Comment 2 for bug 1825239

To verify the key, you can add this to sources.list and run apt-get update, it will complain about a missing key (if you don't have it), and you can then use it and verify the complaint is gone.

deb https://esm.ubuntu.com/ubuntu trusty-security main

> Does this mean that if I run 'ua enable-esm' twice, the file gets two entries? (Should this instead be > instead of >> so that it's idempotent?)

Bummer, I thought it was gated on an is_esm_enabled check. Will fix. >> was used because in other releases other services (like fips) would also use an auth.conf file, and it was the same file (no .d existed).

> Given that this file is /etc/apt/auth.conf.d/90ubuntu-advantage which is exclusive to ESM, why sedding this out instead of deleting the file?

It used to be just /etc/apt/auth.conf, but an apt SRU allowed us to use auth.conf.d and I opted to switch to that format, because it's what the new client is using. I also opted to not change that code since it would still work and I wouldn't have to change anything else, not even tests, and the consequence is a zero-sized file if you disable esm. But on purge it gets removed.

> +deb https://${ESM_REPO_HOST}/ubuntu ${SERIES}-updates main
> +# deb-src https://${ESM_REPO_HOST}/ubuntu ${SERIES}-updates main
> +EOF
> I would suggest that we don't enable -updates at this stage, and defer that until the new client lands.

I'll check