[elbe-devel] [PATCH v2 0/9] Repository key handling

Mon Mar 6 12:47:37 CET 2023

There are problems with Elbe's Debian repository key handling.
First off, there are copies of expired key in the repository.
The apt-key tool that Elbe uses to install mirror keys
needs a gpg installation on the target, which we can avoid.
The only thing that we need as a replacement is an ascii-unarmor
implementation.

Additionally, advertise the elbe-archive-keyring package in the
installation instructions.

Changelog:
v2:
 * typo fixes, collect John's R-b
 * replace the CRC-ignoring python unarmor with gpg call
   (which will not happen in target context)
 * use absolute paths for /cdrom in chroot context
 * prefix the raw-keyN.gpg files

Bastian Germann (9):
  examples: Renew and centralize outdated public key
  examples: x86_64-docker-elbe: Drop elbe-common
  docs: quickstart: Introduce elbe-archive-keyring
  docs: elbeoverview: Drop installation instructions
  initvm: Replace <key> with <raw-key>
  egpg: Implement unarmor_openpgp_keyring
  Eliminate most apt-key calls
  rfs: Drop gpg from debootstrap include
  elbeproject: Install full gnupg for pbuilder again

 docs/elbeoverview-en.txt                      |  29 -----
 docs/quickstart.txt                           |  12 +--
 elbepack/egpg.py                              |  16 ++-
 elbepack/elbeproject.py                       |   4 +-
 elbepack/init/default-init.xml                | 102 ++++++++++++++++--
 elbepack/rfs.py                               |  49 ++++-----
 elbepack/virtapt.py                           |  18 ++--
 .../{devel/mirrors.xml => mirrorkey.xml}      |  43 +++-----
 examples/x86_64-docker-elbe.xml               |  68 +-----------
 9 files changed, 166 insertions(+), 175 deletions(-)
 rename examples/includes/{devel/mirrors.xml => mirrorkey.xml} (60%)

-- 
2.39.2