New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deb822: Puts Keys in wrong directory #83074
Comments
Files identified in the description: None If these files are incorrect, please update the |
@ansibot component +lib/ansible/modules/deb822_repository.py |
Files identified in the description: If these files are incorrect, please update the |
The source file is correct and points to the right location.
https://manpages.debian.org/bookworm/apt/sources.list.5.en.html: |
thanks, this would mean the documentation is wrongly refering to |
No, not really. "Either a URL to a GPG key, absolute path to a keyring file, one or more fingerprints of keys either in the trusted.gpg keyring or in the keyrings in the trusted.gpg.d/ directory, or an ASCII armored GPG public key block." There are still keys present in ~$ lsb_release -d && ls /etc/apt/trusted.gpg.d/
No LSB modules are available.
Description: Debian GNU/Linux trixie/sid
debian-archive-bookworm-automatic.asc debian-archive-bookworm-stable.asc debian-archive-bullseye-security-automatic.asc debian-archive-buster-automatic.asc debian-archive-buster-stable.asc
debian-archive-bookworm-security-automatic.asc debian-archive-bullseye-automatic.asc debian-archive-bullseye-stable.asc debian-archive-buster-security-automatic.asc
~$ cat /etc/apt/trusted.gpg.d/debian-archive-bookworm-automatic.asc | gpg --show-keys --dry-run
pub rsa4096 2023-01-21 [SC] [expires: 2031-01-19]
B8B80B5B623EAB6AD8775C45B7C5D7D6350947F8
uid Debian Archive Automatic Signing Key (12/bookworm) <ftpmaster@debian.org>
sub rsa4096 2023-01-21 [S] [expires: 2031-01-19] |
Closing per above. |
Summary
We noticed that the deb822 module puts the keys it downloads into the
/etc/apt/keyrings
folder. The official documentation says that they should be stored intrusted.gpg.d
folder.This is a show-stopper in adopting the deb822 module, as keys stored in
/etc/apt/keyrings
will not be loaded on the current Debian 12 cloud image.Issue Type
Bug Report
Component Name
deb822_repository
Ansible Version
Configuration
OS / Environment
Debian 12
Steps to Reproduce
Expected Results
The imported key is placed in
/etc/apt/trusted.gpg.d
Actual Results
Code of Conduct
The text was updated successfully, but these errors were encountered: