apt-key del keyid is case sensitive
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Debian) |
Fix Released
|
Unknown
|
|||
apt (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Bug Description
Note:
Confirmed on Ubuntu utopic with apt 1.0.9.2ubuntu2
Confirmed on Debian jessie apt 1.0.9.7
Behavior NOT seen on Ubuntu precise with apt 0.8.16~
Behavior NOT seen on Debian wheezy apt 0.9.7.9+deb7u7
apt-key export is not case-sensitive to the hex keyid specified. Inconsistently, apt-key del is case-sensitive and won't match unless the hex keyid is uppercase. This is highly exacerbated by bug #1256565 which results in "OK" being printed and success being returned when apt-key del doesn't match anything.
The user is reasonably left to conclude that the key has been deleted from the trusted keyring when it has not.
Example:
# apt-key export 7fac5991
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQGiBEXwb0YRBAD
kv2E5VixBP1vcQF
fvmI+i9b2EhHAA1
feGqtn3PP5YAdD0
QhI2U5jt6jUKN4f
b0V0SqiTCkWADZy
78X0A/0Tqlhc2RB
4XmfTg4Jl8BNjWy
HdwCG5MNT2A5XxD
bmMuIExpbnV4IFB
eW1hc3RlckBnb29
HgECF4AFAkYVdn8
AJEAniSFbuv8V5F
A51ZcC46KFtIDgj
rgNVaFv6Qu4bo2/
XyAZ9SvfcW4EtxV
pZeKz+UBEEqPyw7
K3krttbDlY1NaeQ
2vgLAAMFB/
CljrrDZkPSQ/
KcofuNb3lPdXZb9
cpWY1n6z6oSS9As
G0KSObnmZ7FwFWu
5og9qFEkMrIrBCp
D3+sWZF/
/FJG
=Quqp
-----END PGP PUBLIC KEY BLOCK-----
# apt-key del 7fac5991
OK
# echo $?
0
# apt-key export 7fac5991
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQGiBEXwb0YRBAD
kv2E5VixBP1vcQF
fvmI+i9b2EhHAA1
feGqtn3PP5YAdD0
QhI2U5jt6jUKN4f
b0V0SqiTCkWADZy
78X0A/0Tqlhc2RB
4XmfTg4Jl8BNjWy
HdwCG5MNT2A5XxD
bmMuIExpbnV4IFB
eW1hc3RlckBnb29
HgECF4AFAkYVdn8
AJEAniSFbuv8V5F
A51ZcC46KFtIDgj
rgNVaFv6Qu4bo2/
XyAZ9SvfcW4EtxV
pZeKz+UBEEqPyw7
K3krttbDlY1NaeQ
2vgLAAMFB/
CljrrDZkPSQ/
KcofuNb3lPdXZb9
cpWY1n6z6oSS9As
G0KSObnmZ7FwFWu
5og9qFEkMrIrBCp
D3+sWZF/
/FJG
=Quqp
-----END PGP PUBLIC KEY BLOCK-----
# apt-key del 7FAC5991
OK
# echo $?
0
# apt-key export 7fac5991
gpg: WARNING: nothing exported
information type: | Private Security → Public Security |
description: | updated |
description: | updated |
tags: | added: regression-release |
tags: | added: utopic |
tags: | added: vivid |
Changed in apt (Ubuntu): | |
status: | New → Confirmed |
importance: | Undecided → High |
no longer affects: | apt (Debian) |
Changed in apt (Debian): | |
status: | Unknown → New |
Changed in apt (Debian): | |
status: | New → Fix Released |
Changed in apt (Ubuntu): | |
status: | Confirmed → Triaged |
Changed in apt (Ubuntu): | |
milestone: | none → vivid-updates |
Note: I just forwarded this info on to <email address hidden> already.