Skip to content

Amend location of GPG key file#4998

Merged
vilmibm merged 1 commit intocli:trunkfrom
SubOptimal:patch-1
Jan 25, 2022
Merged

Amend location of GPG key file#4998
vilmibm merged 1 commit intocli:trunkfrom
SubOptimal:patch-1

Conversation

@SubOptimal
Copy link
Contributor

@SubOptimal SubOptimal commented Jan 6, 2022

Following the Debian documentation for SecureApt the keyring files should be stored in /etc/apt/trusted.gpg.d/.

In more recent Debian GNU/Linux versions (Wheezy, for example), the keyrings are stored in specific files all located in the /etc/apt/trusted.gpg.d directory.

@SubOptimal
Amend location of GPG key file
0ac546a 
Following the Debian [documentation](https://wiki.debian.org/SecureApt) the keyring should be stored in `/etc/apt/trusted.gpg.d/.

> In more recent Debian GNU/Linux versions (Wheezy, for example), the keyrings are stored in specific files all located in the `/etc/apt/trusted.gpg.d` directory.
@SubOptimal SubOptimal requested a review from a team as a code owner January 6, 2022 08:19
@SubOptimal SubOptimal requested review from vilmibm and removed request for a team January 6, 2022 08:19
@cliAutomation
Copy link
Collaborator

cliAutomation commented Jan 6, 2022

Hi! Thanks for the pull request. Please ensure that this change is linked to an issue by mentioning an issue number in the description of the pull request. If this pull request would close the issue, please put the word 'Fixes' before the issue number somewhere in the pull request body. If this is a tiny change like fixing a typo, feel free to ignore this message.

@cliAutomation cliAutomation added the external pull request originating outside of the CLI core team label Jan 6, 2022
mislav
mislav reviewed Jan 6, 2022
View reviewed changes
@ArwynFr
Copy link

ArwynFr commented Jan 13, 2022
edited
Loading

The pgp file also needs to be readable by user _apt
Consider adding a chmod 644 instruction

@SubOptimal
Copy link
Contributor Author

SubOptimal commented Jan 16, 2022

In relation the comment from @ArwynFr, the permissions on a recent Debian installation are ...

$ ls -l /etc/apt/trusted.gpg.d/githubcli-archive-keyring.gpg 
-rw-r--r-- 1 root root 1795 Dec 21 17:38 /etc/apt/trusted.gpg.d/githubcli-archive-keyring.gpg

vilmibm
vilmibm approved these changes Jan 25, 2022
View reviewed changes
Copy link
Contributor

@vilmibm vilmibm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

given that this directory has been standard in Debian since 2013 and is clearly supported in Ubuntu, I think this is pretty low risk.

@vilmibm vilmibm enabled auto-merge January 25, 2022 20:01
@vilmibm vilmibm merged commit 13b3c7c into cli:trunk Jan 25, 2022
@chrisccoulson chrisccoulson mentioned this pull request Jan 28, 2022
Closed
@mislav mislav mentioned this pull request Feb 14, 2022
Merged
@selim750000

This comment was marked as spam.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@mislav mislav mislav left review comments

@vilmibm vilmibm vilmibm approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@vilmibm vilmibm

Labels

external pull request originating outside of the CLI core team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@SubOptimal @cliAutomation @ArwynFr @selim750000 @mislav @vilmibm