Thanks Julian. > Also read the warning message apt-key gives you: > > Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead > (see apt-key(8))
I think the wrong course of action was taken. Deprecated is not withdrawn. As long as apt-key is provided, it is expected to perform properly. Once apt-key goes away, then all bets are off. I also think its a bad idea to [eventually] remove apt-key. The tool is ubiquitous and it is cited across the web. Searching for "apt-key" returns over 1 million hits. It would be wise to keep the tool since it is so well known and used. I think it would be better to fix apt-key since so many people are familiar with it and depend on it. And it is economical to fix it. The cost of fixing apt-key is less expensive than 1 million people working around the missing tool and learning to use a new tool. One person fixing apt-key may take 3 days or 1 month. 1 million people wasting 15 minutes each 250,000 man hours. 3 days or 1 month is much cheaper than 250,000 hours. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/2025116 Title: apt-key saves key in legacy trusted.gpg keyring (/etc/apt/trusted.gpg) Status in apt package in Ubuntu: Invalid Bug description: Hi Everyone, I want to install Firefox from Mozilla PPA. I added issued apt-key (from apt package) to fetch the signing key, and then enabled the PPA in /etc/apt/sources.list.d/mozillateam-ubuntu-ppa-jammy.list. The apt- key command used was: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 9BDB3D89CE49EC21 Then, upon apt-get update: # sudo apt-get update Hit:1 http://us.archive.ubuntu.com/ubuntu jammy InRelease ... Reading package lists... Done W: https://ppa.launchpadcontent.net/mozillateam/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details. ----- In the old days, we were supposed to put keys at /etc/apt/trusted.gpg.d. If I am parsing things correctly nowadays... a new method is supposed to be used: adding [signed-by=<path>] to the sources.list line and putting the key in /usr/share/keyrings or /etc/apt/keyrings [1]. [1] https://lists.debian.org/debian-user/2023/06/msg00722.html ----- A related bug appears to be https://bugs.launchpad.net/ubuntu/+source/ubuntu-release- upgrader/+bug/1995825. The 1995825 appears to trigger after an upgrade. For me, this is a fresh install. There was no upgrade. ----- This is Ubuntu 22.04 LTS, x86_64, fully patched. $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 22.04.2 LTS Release: 22.04 Codename: jammy ----- $ dpkg -S /usr/bin/apt-key apt: /usr/bin/apt-key $ apt-cache show apt Package: apt Architecture: amd64 Version: 2.4.9 Priority: important Section: admin Origin: Ubuntu Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Original-Maintainer: APT Development Team <de...@lists.debian.org> Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 4156 Provides: apt-transport-https (= 2.4.9) Depends: adduser, gpgv | gpgv2 | gpgv1, libapt-pkg6.0 (>= 2.4.9), ubuntu-keyring, libc6 (>= 2.34), libgcc-s1 (>= 3.3.1), libgnutls30 (>= 3.7.0), libseccomp2 (>= 2.4.2), libstdc++6 (>= 11), libsystemd0 Recommends: ca-certificates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2025116/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
