cloud-init shouldn't use apt-key
Bug #1836336 reported by
Julian Andres Klode
This bug affects 5 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init |
Fix Released
|
High
|
Brett Holman |
Bug Description
In cc_apt_
It should instead be dropping raw .gpg files or (optionally, starting with bionic / apt 1.4) ASCII armored .asc files into trusted.gpg.d, with a name matching the name of the source.
Not sure if there are other places.
Changed in cloud-init: | |
assignee: | nobody → Brett Holman (holmanb) |
To post a comment you must log in.
Hi Julian,
Thanks for letting us know! I have a couple of questions, one to help us understand priority and one to inform implementation once we get there:
* Are there any plans to remove apt-key from Debian or Ubuntu any time soon? (i.e. Is there a forcing function here?)
* When you say "with a name matching the name of the source", is that a strict requirement for the key to be found, or best practice?
Thanks!
Dan