On Fri, Mar 25, 2011 at 05:19, Josh Triplett <j...@joshtriplett.org> wrote: > apt doesn't need to maintain the GPG trustdb in /etc/apt/trustdb.gpg; > apt trusts all keys in /etc/apt/trusted.gpg and /etc/apt/trusted.gpg.d/* > .. Please consider getting rid of the trustdb, and if necessary just > telling GPG to trust all keys in the trusted keyring.
Do you have an idea how to let this work? Last time i checked gpg doesn't like to be run without a trustdb… Following the gpg command apt-key uses to import the debian-archive-keyring without the --trustdb-name option it uses to switch to its own one: $ gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --quiet --batch --keyring /usr/share/keyrings/debian-archive-keyring.gpg --export | gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --import gpg: key F42584E6: "Lenny Stable Release Key <debian-rele...@lists.debian.org>" not changed gpg: key 55BE302B: "Debian Archive Automatic Signing Key (5.0/lenny) <ftpmas...@debian.org>" not changed gpg: key 6D849617: "Debian-Volatile Archive Automatic Signing Key (5.0/lenny)" not changed gpg: key B98321F9: "Squeeze Stable Release Key <debian-rele...@lists.debian.org>" not changed gpg: key 473041FA: "Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmas...@debian.org>" not changed gpg: Total number processed: 5 gpg: unchanged: 5 gpg: fatal: /root/.gnupg: directory does not exist! secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768 if all keys are already present its successful but prints this gpg fatal - otherwise it fails with the same message (without the two-line statistic about processed keys). I think this is very similar to --secrect-keyring which isn't really needed, but gpg seems to insist on having it around… The good think is if all -keyring packages switch to dropping files into trusted.gpg.d we don't need gpg as we don't need to maintain a single trusted.gpg file… Best regards David Kalnischkies -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org