From 58f7a9e379c20379ebec0e1c0cb79992aa53ed29 Mon Sep 17 00:00:00 2001 From: snip Date: Thu, 5 Jan 2023 09:20:28 +0100 Subject: [PATCH] Use same naming scheme for archive keys in chroot and binary stages Commit 8403487d introduced in the chroot stage a naming scheme for local archive keys which distinguishes between ASCII-armored keys and binary ones, and then adds the appropriate extension (either `.asc` or `.gpg`, respectively) when copying them to `/etc/apt/trusted.gpg.d`. However, this change was not applied to the binary stage: ASCII-armored and binary keys are still both copied with the `.asc` extension, which introduces a discrepancy between the two stages. This, in turn, may prevent using the same `.list` file for both stages, as entries such as deb [signed-by=/etc/apt/trusted.gpg.d/my-repository.key.asc] ... will fail in the chroot stage if `config/archives/my-repository.key` is in binary format (as it will be copied with the `.gpg` extension), while entries such as deb [signed-by=/etc/apt/trusted.gpg.d/my-repository.key.gpg] ... will fail in the binary stage (as the key will this time be copied with the `.asc` extension). --- scripts/build/chroot_archives | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/scripts/build/chroot_archives b/scripts/build/chroot_archives index d8f0d3baf..952fbea22 100755 --- a/scripts/build/chroot_archives +++ b/scripts/build/chroot_archives @@ -446,7 +446,12 @@ case "${_ACTION}" in do if [ -e "${FILE}" ] then - cp ${FILE} chroot/etc/apt/trusted.gpg.d/$(basename ${FILE}).asc + if grep -q "PGP PUBLIC KEY BLOCK" "${FILE}" + then + cp ${FILE} chroot/etc/apt/trusted.gpg.d/$(basename ${FILE}).asc + else + cp ${FILE} chroot/etc/apt/trusted.gpg.d/$(basename ${FILE}).gpg + fi fi done