/usr/share/apt/ubuntu-archive.gpg is missing but necessary for fresh install

apt does not depend on gpg so should be happy to operate without keys. Nor does it depend on ubuntu-keyring.

/etc/apt/trusted.gpg normally seems to be generated by ubutnu-keyring postinst.

So I''m not sure what the purpose of the /usr/share/apt/ubuntu-archive.gpg is/was. Is it now superceded?

The practical problem where this bug is an issue is chreating a minimal rootfs or chroot where ubuntu-keyring is not installed.

If you install ubuntu-keyring as well this problem still occurs. Installing both ubuntu-keyring and gnupg is sufficient for it not to happen (because /etc/apt/trusted.gpg is now automatically created).

This bug was fixed in the package apt - 0.8.3ubuntu1

---------------
apt (0.8.3ubuntu1) maverick; urgency=low

  * merged fixes from debian-sid
  * debian/rules:
    - put ubuntu-archive.gpg back into the package (LP: #620576)
  * apt-pkg/init.cc:
    - ignore ".distUpgrade" and ".save" files in sources.list.d
      (LP: #631770)

apt (0.8.3) unstable; urgency=low

  [ Manpages translations ]
  * Japanese (KURASAWA Nozomu). Closes: #595862

  [ Michael Vogt ]
  * apt-pkg/indexcopy.cc:
    - only use trusted.gpg.d directory if it exists
    - do not replace /dev/null when running in APT::CDROM::NoAct
      mode (LP: #612666), thanks to Colin Watson

  [ David Kalnischkies ]
  * ftparchive/apt-ftparchive.cc:
    - ensure that BinDirectory as well as Tree settings get
      the correct default FileMode setting (Closes: #595922)

apt (0.8.2) unstable; urgency=low

  [ Manpages translations ]
  * Spanish (Omar Campagne). Closes: #595557

  [ David Kalnischkies ]
  * apt-pkg/versionmatch.cc:
    - do not accept 'Pin: origin "' (missing closing ") as a valid
      way to pin a local archive: either "" or none…
  * apt-pkg/deb/dpkgpm.cc:
    - create Dir::Log if needed to support /var/log as tmpfs or similar,
      inspired by Thomas Bechtold, thanks! (Closes: #523919, LP: #220239)
  * apt-pkg/indexcopy.cc:
    - support really still the APT::GPGV::TrustedKeyring setting,
      as it breaks d-i badly otherwise (Closes: #595428)
  * cmdline/apt-key:
    - support also Dir::Etc::Trusted so that apt-key works in the same
      way as the library part which works with the trusted files
  * methods/{gzip,bzip2}.cc:
    - empty files can never be valid archives (Closes: #595691)

apt (0.8.1) unstable; urgency=low

  [ Programs translations ]
  * Thai (Theppitak Karoonboonyanan). Closes: #592695
  * Russian (Yuri Kozlov). Closes: #594232
  * Slovak (Ivan Masár). Closes: #594255
  * Swedish (Daniel Nylander). Closes: #594241
  * Japanese (Kenshi Muto, Osamu Aoki). Closes: #594265
  * Italian (Milo Casagrande). Closes: #594238
  * Asturian (maacub). Closes: #594303
  * Simplified Chinese (Aron Xu). Closes: #594458
  * Bulgarian (Damyan Ivanov). Closes: #594627
  * Portuguese (Miguel Figueiredo). Closes: #594668
  * Korean (Changwoo Ryu). Closes: #594809
  * Norwegian Bokmål (Hans Nordhaug). Closes: #595182
  * Danish (Joe Hansen). Closes: #595176
  * Catalan (Agustí Grau). Closes: #595234

  [ Christian Perrier ]
  * Fix spelling error in cmdline/apt-get.cc. Thanks to Osamu Aoki
    Closes: #594211

  [ Manpages translations ]
  * Portuguese (Américo Monteiro)

  [ David Kalnischkies ]
  * cmdline/apt-cache.cc:
    - show in madison command again also source packages (LP: #614589)
    - remove useless GetInitialize method
  * cmdline/apt-get.cc:
    - remove direct calls of ReadMainList and use the wrapper instead
      to protect us from useless re-reads and two-times notice display
    - remove death code by removing unused GetInitialize
  * apt-pkg/depcache.cc:
    - now that apt-get purge works on 'rc' packages let the MarkDelete
      pass this purge forward to the non-pseudo package for pseudos
  * apt-pkg/contrib/fileutl.cc:
    - apply SilentlyIgnore...