Add little script to make adding Launchpad PPAs easier

Bug #380071 reported by Mackenzie Morgan on 2009-05-24
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Wishlist
Unassigned

Bug Description

Binary package hint: apt

I have in my ~/.bash_aliases:
alias ppagpg='sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com'

Adding /usr/bin/ppakey to make it easier to import PPA keys would be nice. Example attached.

ProblemType: Bug
Architecture: amd64
Dependencies:
 libgcc1 1:4.3.3-5ubuntu4
 gcc-4.3-base 4.3.3-5ubuntu4
 libstdc++6 4.3.3-5ubuntu4
 findutils 4.4.0-2ubuntu4
 libc6 2.9-4ubuntu6
DistroRelease: Ubuntu 9.04
NonfreeKernelModules: openafs
Package: apt 0.7.20.2ubuntu6
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: apt
Uname: Linux 2.6.28-12-generic x86_64

Mackenzie Morgan (maco.m) wrote :
Changed in apt (Ubuntu):
assignee: nobody → Mackenzie Morgan (maco.m)
importance: Undecided → Wishlist
status: New → Confirmed

On Sun, May 24, 2009 at 10:33:42PM -0000, Launchpad Bug Tracker wrote:
> You have been subscribed to a public bug by Mackenzie Morgan (maco.m):
>
> Binary package hint: apt
>
> I have in my ~/.bash_aliases:
> alias ppagpg='sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com'
>
> Adding /usr/bin/ppakey to make it easier to import PPA keys would be
> nice. Example attached.

Thanks for following up on this. I had two other ideas about it since we
spoke:

1. Maybe it should be a part of apt-key, since it's just a trivial wrapper
around it

2. It would be great to fetch the appropriate key for a particular PPA from
Launchpad, rather than specifying the key ID, e.g.:

 sudo apt-key add-ppa https://edge.launchpad.net/~ubuntu-desktop/+archive/ppa

or perhaps even:

 sudo add-ppa https://edge.launchpad.net/~ubuntu-desktop/+archive/ppa

(which would also take care of the sources.list entries)

--
 - mdz

Talking to NCommander yesterday, "Just add apt-key net-add" (like net-update)
came up. Of course, this'd require that gnupg have some default keyservers
setup. It only has pgp.net or whatever it is, no MIT or Ubuntu. I filed a bug
to add the Ubuntu keyserver to the default keyserver list in gpg.conf. The
combination could work for this.

That "find by PPA name" bit sounds interesting too, though...

Why can't you simply run

gpg --keyserver keyserver.ubuntu.com --recv-keys ...

in such a target? Why must gnupg have keyserver.ubuntu.com as default keyserver? It is just stupid to fix *this* request by making keyserver.ubuntu.com the default keyserver in gnupgs options.skel. Especially when you think of all those existing gnupg installations which do not have keyserver.ubuntu.com as default keyserver and where you cannot rely on this setup. Please use a proper gnupg command line instead to change options.skel.

On Sat, May 30, 2009 at 07:05:12PM -0000, Daniel Leidert wrote:
> Why can't you simply run
>
> gpg --keyserver keyserver.ubuntu.com --recv-keys ...
>
> in such a target? Why must gnupg have keyserver.ubuntu.com as default
> keyserver? It is just stupid to fix *this* request by making
> keyserver.ubuntu.com the default keyserver in gnupgs options.skel.
> Especially when you think of all those existing gnupg installations
> which do not have keyserver.ubuntu.com as default keyserver and where
> you cannot rely on this setup. Please use a proper gnupg command line
> instead to change options.skel.

I think you may have misunderstood the intent behind the gnupg change. In
the course of looking at this feature request, we asked the question "why
*isn't* keyserver.ubuntu.com one of the default keyservers in Ubuntu?"

There was no good reason for it not to be, so it was added.

Regardless of the default keyserver configuration, a way for apt-key to "add
this key ID, which should be available from one of my default keyservers" is
useful.

--
 - mdz

gnupg does not handle several "default" keyservers. It uses only the last specified. So the change made keyserver.ubuntu.com the default one, not one of the default ones.

An `apt-key net-add' can be realized pretty easily. Allow one mandatory and one optional argument. The first is the key and the second (optional) a keyserver. Use keyserver.ubuntu.com as default if no keyserver has been given. I fail to see, why you have to patch options.skel for this.

GnuPG's supposed to be able to handle multiple default keyservers though,
isn't it? So can I try to fix that bug?

I wouldn't say so. See the entries #139 and #1038 in the upstream bug tracker (especially the last). If you provide a patch, which enables handling of several keyservers and which doesn't break existing scripts, I guess you have good chances that it will be accepted upstream, as this is a frequently requested feature.

But you'll have several design decisions to make: For receiving or searching keys, it might be useful to cycle through all specified keyservers. But how to act on sending a key? How to act on updating the keyring? What if the keys provided by the keyservers differ? IMHO this is not as easy to implement as you think.

I vote for not deviating from upstream. This feature should be discussed on gnupg-devel or in #1038.

BTW: Can we move the discussion about gnupg-related things completely to bug 380093?

Changed in apt (Ubuntu):
assignee: Mackenzie Morgan (maco.m) → nobody
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments