From db5fac3828c98495bbb0f8eab824fdfd66df9beb Mon Sep 17 00:00:00 2001 From: Johannes Schauer Date: Sun, 4 Dec 2016 01:34:18 +0100 Subject: [PATCH] handle keyring download differently: - do not (re)install keyring package on the host system (closes: #787438 ) - do not disable SecureApt when using fakeroot (closes: #846776) --- debian/changelog | 8 ++++++++ multistrap | 20 ++++---------------- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/debian/changelog b/debian/changelog index c4bedcc..a0073bf 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +multistrap (2.2.4) UNRELEASED; urgency=medium + + * handle keyring download differently: + - do not (re)install keyring package on the host system (closes: #787438 ) + - do not disable SecureApt when using fakeroot (closes: #846776) + + -- Johannes Schauer Sun, 04 Dec 2016 01:31:11 +0100 + multistrap (2.2.3) unstable; urgency=medium * The B-D-A header doesn't make any sense without Architecture:any packages diff --git a/multistrap b/multistrap index c913b52..367a3f7 100755 --- a/multistrap +++ b/multistrap @@ -273,25 +273,12 @@ foreach my $pkg (values %keyrings) { $k .= "$pkg "; } if ((defined $k) and (not defined $noauth)) { - # the keyring package must be available to the external apt - # and apt refuses to allow fakeroot to do this. - $str = ""; - if (not exists $ENV{FAKEROOTKEY}) { - if ((exists $ENV{USER}) and ($ENV{USER} ne "root")) { - $str = "sudo" if (-f "/usr/bin/sudo"); - } - } else { - print "Turning off SecureApt due to use of fakeroot\n"; - $noauth++; - } -} -if ((defined $k) and (not defined $noauth)) { - printf (_g("I: Installing %s\n"), $k); - system ("$str apt-get -y -d --reinstall install $k"); + printf (_g("I: Downloading %s\n"), $k); + system ("apt-get -y download $k"); foreach my $keyring_pkg (values %keyrings) { next if (not defined $keyring_pkg); my @files=(); - my $file = `find /var/cache/apt/archives/ -name "$keyring_pkg*"|grep -m1 $keyring_pkg`; + my $file = `find ./ -name "${keyring_pkg}_*_all.deb"|grep -m1 $keyring_pkg`; chomp ($file); if ($file eq "") { my $msg = sprintf (_g("Unable to download keyring package: '%s'"),$dir); @@ -310,6 +297,7 @@ if ((defined $k) and (not defined $noauth)) { File::Copy::copy "${xdir}/usr/share/keyrings/${gpg}", "${dir}${etcdir}trusted.gpg.d/"; } system ("rm -rf ${xdir}"); + unlink ($file); } }