Package: apt
Version: 0.6.46.2
Severity: wishlist
Tags: patch

apt-key should support exporting both particular trusted keys, and the entire list of trusted keys. This would allow an administrator to copy the list of trusted keys from one machine to another by doing:

 apt-key exportall | ssh remotehost.example.com "apt-key add -"

It would also allow exporting particular public keys, like so:

 apt-key export 2D230C5F | ssh remotehost.example.com "apt-key add -"

The attached patch adds this functionality.

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.29-xenU
Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_CA.UTF-8)

Versions of packages apt depends on:
ii  debian-archive-keyring  2007.02.19       GnuPG archive keys of the Debian a
ii  libc6                   2.6.1-1+b1       GNU C Library: Shared libraries
ii  libgcc1                 1:4.2-20070516-1 GCC support library
ii  libstdc++6              4.2-20070516-1   The GNU Standard C++ Library v3

apt recommends no packages.

diff -ru orig/apt-0.7.6/cmdline/apt-key apt-0.7.6/cmdline/apt-key
--- orig/apt-0.7.6/cmdline/apt-key      2007-07-24 06:33:29.000000000 -0600
+++ apt-0.7.6/cmdline/apt-key   2007-09-11 18:00:19.000000000 -0600
@@ -39,6 +39,8 @@
     echo
     echo "  apt-key add <file>          - add the key contained in <file> ('-' 
for stdin)"
     echo "  apt-key del <keyid>         - remove the key <keyid>"
+    echo "  apt-key export <keyid>      - output the key <keyid>"
+    echo "  apt-key exportall           - output all trusted keys"
     echo "  apt-key update              - update keys using the keyring 
package"
     echo "  apt-key list                - list keys"
     echo
@@ -75,6 +77,12 @@
     finger*)
         $GPG --batch --fingerprint
         ;;
+    export)
+        $GPG --armor --export "$1"
+        ;;
+    exportall)
+        $GPG --armor --export
+        ;;
     adv*)
         echo "Executing: $GPG $*"
         $GPG $*
diff -ru orig/apt-0.7.6/doc/apt-key.8.xml apt-0.7.6/doc/apt-key.8.xml
--- orig/apt-0.7.6/doc/apt-key.8.xml    2007-07-24 06:33:29.000000000 -0600
+++ apt-0.7.6/doc/apt-key.8.xml 2007-09-11 18:36:55.000000000 -0600
@@ -63,6 +63,28 @@
      </listitem>
      </varlistentry>
 
+     <varlistentry><term>export <replaceable>keyid</replaceable></term>
+     <listitem>
+     <para>
+
+        Output the key <replaceable>keyid</replaceable> to standard output.
+
+     </para>
+
+     </listitem>
+     </varlistentry>
+
+     <varlistentry><term>exportall</term>
+     <listitem>
+     <para>
+
+        Output all trusted keys to standard output.
+
+     </para>
+
+     </listitem>
+     </varlistentry>
+
      <varlistentry><term>list</term>
      <listitem>
      <para>

Reply via email to