cannot import new keys if another malformed key exists
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
"apt-key add" fails to import keys if there exists another key with a malformed file name.
Such malformed key names used to be provided by the openSUSE Build Service (https:/
After importing such malformed key, future key imports will fail with something like:
$ sudo apt-key add linux_signing_
gpg: invalid key resource URL '/tmp/apt-
gpg: keyblock resource '(null)': General error
even though no such file "isv:ownCloud:
This affects deb packages that import public repo keys during installation, such as Google Chrome or Vivaldi, and results in minor issues such as breaking GUI tools and CLI warnings, and the major issue that the installed repo cannot be used anymore to update the software (Google Chrome, Vivaldi).
apt-key should be robust to such issues and continue importing keys. As in the example above, apt-key should import "linux_
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: apt 2.0.2ubuntu0.2
ProcVersionSign
Uname: Linux 5.8.0-38-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.11-
Architecture: amd64
CasperMD5CheckR
CurrentDesktop: ubuntu:GNOME
Date: Wed Jan 20 19:24:34 2021
InstallationDate: Installed on 2020-04-24 (271 days ago)
InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423)
SourcePackage: apt
UpgradeStatus: No upgrade log present (probably fresh install)
It's a legacy tool nobody should be using anymore. It's been like what, half a decade or so, we've been telling people to stop it, and drop files into trusted.gpg.d. It will go away in 2022.
So I'm not super excited about spending time investigating and fixing this, but I guess I'll have a crack at it.