diffstat of debian/ for ubuntu-keyring_2016.05.13-2 ubuntu-keyring_2016.10.27 README.Debian | 11 ---- README.source | 15 +++++ changelog | 113 ++++++++++++------------------------------- compat | 1 config | 11 ---- control | 28 ++++++---- copyright | 59 +++++++++------------- docs | 1 install | 1 po/POTFILES.in | 1 po/templates.pot | 42 --------------- postinst | 43 ++++------------ postrm | 19 ------- rules | 95 ++++++++++++++++++++++++++++++++---- source/format | 1 templates | 12 ---- ubuntu-keyring-udeb.postinst | 6 ++ 17 files changed, 194 insertions(+), 265 deletions(-) diff -Nru ubuntu-keyring-2016.05.13/debian/README.Debian ubuntu-keyring-2016.10.27/debian/README.Debian --- ubuntu-keyring-2016.05.13/debian/README.Debian 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/README.Debian 1970-01-01 00:00:00.000000000 +0000 @@ -1,11 +0,0 @@ -ubuntu-archive-keyring for Debian ---------------------------------- - - This package does not enable Ubuntu's GPG keys as system trusted keyring by - default (since 2016.05.13-2). If you want to do so, run below command. - . - # dpkg-reconfigure --priority=low ubuntu-archive-keyring - . - However, it is not recommended because not necessary in most cases. - - -- Hideki Yamane Wed, 29 Aug 2018 16:30:23 +0900 diff -Nru ubuntu-keyring-2016.05.13/debian/README.source ubuntu-keyring-2016.10.27/debian/README.source --- ubuntu-keyring-2016.05.13/debian/README.source 1970-01-01 00:00:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/README.source 2016-09-19 18:14:35.000000000 +0000 @@ -0,0 +1,15 @@ +The fingerprints currently in use by The Ubuntu Project are currently +listed at: + + https://wiki.ubuntu.com/SecurityTeam/FAQ#GPG_Keys_used_by_Ubuntu + +The sha512sums of the keyrings and fragments can be verified using: + + $ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg --decrypt SHA512SUMS.txt.asc | sha512sum -c - + $ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg --decrypt md5sums.txt | md5sum -c - + +It is left as an excercise to the reader to establish trust path to +the Debian Project strongly connect set of keys. + + + -- Dimitri John Ledkov , Mon, 19 Sep 2016 19:14:35 +0100 diff -Nru ubuntu-keyring-2016.05.13/debian/changelog ubuntu-keyring-2016.10.27/debian/changelog --- ubuntu-keyring-2016.05.13/debian/changelog 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/changelog 2016-10-27 14:34:50.000000000 +0000 @@ -1,86 +1,37 @@ -ubuntu-keyring (2016.05.13-2) unstable; urgency=medium +ubuntu-keyring (2016.10.27) zesty; urgency=medium - * debian/control - - add Vcs-* - - set Build-Depends: debhelper (>= 11) - - set Standards-Version: 4.2.1 - - add Build-Depends: po-debconf - * debian/compat - - set 11 - * debian/copyright - - eliminate "global-files-wildcard-not-first-paragraph-in-dep5-copyright" - lintian warning - - use https - * Use debconf to not enable ubuntu-archive-keyring as trusted GPG key by - default. It should be enebled by user's intention (Closes: #826558) - * Add README.Debian about above change - - -- Hideki Yamane Wed, 29 Aug 2018 16:34:00 +0900 - -ubuntu-keyring (2016.05.13-1) unstable; urgency=medium - - * New upstream release - * debian/control - - add Conflicts: ubuntu-keyring since some people who put it into Debian - from Ubuntu cannot install ubuntu-archive-keyring package - (Closes: #823775) - - set Standards-Version: 3.9.8 - * debian/post{inst,rm} - - simply it. - - create symlink keyrings to /etc/apt/trusted.gpg.d/ (Closes: #823776) - Thanks to Konstantin Demin for the suggestion. - - -- Hideki Yamane Sat, 04 Jun 2016 21:24:14 +0900 - -ubuntu-keyring (2012.05.19-5) unstable; urgency=medium - - * debian/postrm - - fix "postrm called with unknown argument `upgrade'" (Closes: #813259) - - -- Hideki Yamane Mon, 01 Feb 2016 21:54:21 +0900 - -ubuntu-keyring (2012.05.19-4) unstable; urgency=medium - - * debian/postinst - - fix regression that introduced in 2012.05.19-3 - - -- Hideki Yamane Sun, 03 Jan 2016 15:44:17 +0900 - -ubuntu-keyring (2012.05.19-3) unstable; urgency=medium - - * debian/postinst - - fix lintian "command-with-path-in-maintainer-script" warning, - see https://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-debian-maint-scripts - for the reference. - - -- Hideki Yamane Wed, 06 May 2015 21:40:18 +0900 - -ubuntu-keyring (2012.05.19-2) unstable; urgency=medium - - * debian/control - - set Standards-Version: 3.9.6 - * debian/copyright - - fix "space-in-std-shortname-in-dep5-copyright" lintian warning - - -- Hideki Yamane Sat, 24 Jan 2015 21:38:33 +0900 - -ubuntu-keyring (2012.05.19-1) unstable; urgency=medium - - * Imported to Debian (Closes: #457899) - - not make udeb package, remove ubuntu-keyring-udeb.postinst and more. - - set binary package name as ubuntu-archive-keyring - - rewrite debian/rules to modern dh style - + add debian/compat and debian/source/format - - debian/postinst - + fix lintian warning: hardcoded path - + don't touch /etc/apt/trusted.gpg permission - + add debhelper token - + set -e - - add debian/postrm - - debian/copyright - + format it as Machine-readable debian/copyright file 1.0 + * Drop 1024D key fragments. LP: #1363482 + * Remove 1024D keys from ubuntu-archive-keyring. + * Add 1024D keys to ubuntu-archive-removed-keys.gpg. + * Remove the md5sums.asc file, no longer valid. + * Regenerate SHA512SUMS.txt.asc file. - -- Hideki Yamane Mon, 23 Dec 2013 11:54:55 +0900 + -- Dimitri John Ledkov Thu, 27 Oct 2016 15:31:35 +0100 + +ubuntu-keyring (2016.09.19) yakkety; urgency=medium + + * Ship each active key in a separate keyring in /etc/apt/trusted.gpg.d/ + as conffiles for simpler usage of apt-secure(8). + * Remove all active keys from /etc/apt/trusted.gpg as they are shipped + now as fragment files. + * Depend on gpgv and only recommend gnupg. + * Stop calling apt-key update LP: #1619444 + * Generate SHA512SUMS.txt.asc file, signed by me, and verified against + debian-keyring at build time as a weak consistency check. + + -- Dimitri John Ledkov Fri, 16 Sep 2016 14:36:10 +0100 + +ubuntu-keyring (2016.09.01) yakkety; urgency=medium + + * Depend on "gnupg | gnupg1". LP: #1615039 + + -- Dimitri John Ledkov Thu, 01 Sep 2016 18:44:10 +0100 + +ubuntu-keyring (2016.05.13) yakkety; urgency=medium + + * Depend on "gnupg | gnupg2" for apt-key now that apt itself doesn't. + + -- Adam Conrad Fri, 13 May 2016 14:59:35 -0600 ubuntu-keyring (2012.05.19) quantal; urgency=low diff -Nru ubuntu-keyring-2016.05.13/debian/compat ubuntu-keyring-2016.10.27/debian/compat --- ubuntu-keyring-2016.05.13/debian/compat 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/compat 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -11 diff -Nru ubuntu-keyring-2016.05.13/debian/config ubuntu-keyring-2016.10.27/debian/config --- ubuntu-keyring-2016.05.13/debian/config 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/config 1970-01-01 00:00:00.000000000 +0000 @@ -1,11 +0,0 @@ -#!/bin/sh - -set -e - -. /usr/share/debconf/confmodule -db_version 2.0 - -db_input low ubuntu-archive-keyring/keyring || true -db_go - -exit 0 diff -Nru ubuntu-keyring-2016.05.13/debian/control ubuntu-keyring-2016.10.27/debian/control --- ubuntu-keyring-2016.05.13/debian/control 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/control 2016-09-19 17:28:35.000000000 +0000 @@ -1,20 +1,26 @@ Source: ubuntu-keyring Section: misc Priority: optional -Maintainer: Hideki Yamane -Build-Depends: debhelper (>= 11), po-debconf -Standards-Version: 4.2.1 -Homepage: https://launchpad.net/ubuntu/+source/ubuntu-keyring -Vcs-Git: https://salsa.debian.org/debian/ubuntu-keyring.git -Vcs-Browser: https://salsa.debian.org/debian/ubuntu-keyring +Maintainer: Michael Vogt +Standards-Version: 3.8.3 +Build-Depends: gnupg, debian-keyring -Package: ubuntu-archive-keyring +Package: ubuntu-keyring +Priority: important Architecture: all Multi-Arch: foreign -Pre-Depends: debconf -Depends: ${misc:Depends} -Recommends: gpgv -Conflicts: ubuntu-keyring +Depends: gpgv +Recommends: gnupg | gnupg1 Description: GnuPG keys of the Ubuntu archive The Ubuntu project digitally signs its Release files. This package contains the archive keys used for that. + +Package: ubuntu-keyring-udeb +Priority: optional +Architecture: all +Section: debian-installer +Recommends: gpgv-udeb +Description: GnuPG keys of the Ubuntu archive + The Ubuntu project digitally signs its Release files. This package + contains the archive keys used for that, in a minimal form for use + in the installer. diff -Nru ubuntu-keyring-2016.05.13/debian/copyright ubuntu-keyring-2016.10.27/debian/copyright --- ubuntu-keyring-2016.05.13/debian/copyright 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/copyright 2010-05-27 16:53:12.000000000 +0000 @@ -1,34 +1,25 @@ -Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ -Upstream-Name: ubuntu-keyring -Upstream-Contact: michael.vogt@canonical.com -Source: https://launchpad.net/ubuntu/+source/ubuntu-keyring - -Files: * -Copyright: 1998-2004 James Troup - 2004-2012 Michael Vogt - 2013-2018 Hideki Yamane -License: GPL-2+ - This program is free software; you can redistribute it - and/or modify it under the terms of the GNU General Public - License as published by the Free Software Foundation; either - version 2 (or later) of the License. - . - This program is distributed in the hope that it will be - useful, but WITHOUT ANY WARRANTY; without even the implied - warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR - PURPOSE. See the GNU General Public License for more - details. - . - You should have received a copy of the GNU General Public - License along with this package; if not, write to the Free - Software Foundation, Inc., 51 Franklin St, Fifth Floor, - Boston, MA 02110-1301 USA - . - On Debian systems, the full text of the GNU General Public - License version 2 can be found in the file - `/usr/share/common-licenses/GPL-2'. - -Files: keyrings/* -Copyright: no copyright (it's just a archive of GPG public keys) -License: public-domain - The keys in the keyrings don't fall under any copyright. +This is Ubuntu GNU's GnuPG keyrings of archive keys. + +This package was originally put together by Michael Vogt + + +The keys in the keyrings don't fall under any copyright. Everything +else in the package is covered by the GNU GPL. + +Ubuntu support files Copyright (C) 2004 Michael Vogt based on the debian-keyring package maintained by James Troup + +Ubuntu support files for ubuntu-keyring are free software; you can +redistribute them and/or modify them under the terms of the GNU +General Public License as published by the Free Software Foundation; +either version 2, or (at your option) any later version. + +Ubuntu support files for ubuntu-keyring are distributed in the hope +that they will be useful, but WITHOUT ANY WARRANTY; without even the +implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +PURPOSE. See the GNU General Public License for more details. + +You should have received a copy of the GNU General Public License with +your Ubuntu system, in /usr/share/common-licenses/GPL, or with the +Ubuntu GNU ubuntu-keyring source package as the file COPYING. If not, +write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth +Floor, Boston, MA 02110-1301 USA. diff -Nru ubuntu-keyring-2016.05.13/debian/docs ubuntu-keyring-2016.10.27/debian/docs --- ubuntu-keyring-2016.05.13/debian/docs 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/docs 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -md5sums.txt diff -Nru ubuntu-keyring-2016.05.13/debian/install ubuntu-keyring-2016.10.27/debian/install --- ubuntu-keyring-2016.05.13/debian/install 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/install 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -keyrings/*.gpg usr/share/keyrings/ diff -Nru ubuntu-keyring-2016.05.13/debian/po/POTFILES.in ubuntu-keyring-2016.10.27/debian/po/POTFILES.in --- ubuntu-keyring-2016.05.13/debian/po/POTFILES.in 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/po/POTFILES.in 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -[type: gettext/rfc822deb] templates diff -Nru ubuntu-keyring-2016.05.13/debian/po/templates.pot ubuntu-keyring-2016.10.27/debian/po/templates.pot --- ubuntu-keyring-2016.05.13/debian/po/templates.pot 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/po/templates.pot 1970-01-01 00:00:00.000000000 +0000 @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the ubuntu-keyring package. -# FIRST AUTHOR , YEAR. -# -#, fuzzy -msgid "" -msgstr "" -"Project-Id-Version: ubuntu-keyring\n" -"Report-Msgid-Bugs-To: ubuntu-keyring@packages.debian.org\n" -"POT-Creation-Date: 2018-12-22 09:13+0900\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: FULL NAME \n" -"Language-Team: LANGUAGE \n" -"Language: \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=CHARSET\n" -"Content-Transfer-Encoding: 8bit\n" - -#. Type: multiselect -#. Description -#: ../templates:1001 -msgid "Which keyring is trusted GPG key used by apt to authenticate packages?" -msgstr "" - -#. Type: multiselect -#. Description -#: ../templates:1001 -msgid "" -"If you want to use Ubuntu archive as same as Debian archive in some " -"situation (e.g. chdist from devscripts package), you should enable ubuntu-" -"archive-keyring as whole system trusted GPG key (and also ubuntu-archive-" -"removed-keys for obsolete Ubuntu archive)." -msgstr "" - -#. Type: multiselect -#. Description -#: ../templates:1001 -msgid "" -"However, note that adding those keyring as system trusted key is not " -"necessary in most cases (e.g. debootstrap) and may be a risk for your system." -msgstr "" diff -Nru ubuntu-keyring-2016.05.13/debian/postinst ubuntu-keyring-2016.10.27/debian/postinst --- ubuntu-keyring-2016.05.13/debian/postinst 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/postinst 2016-09-19 18:11:40.000000000 +0000 @@ -2,34 +2,17 @@ set -e -case "$1" in - install|configure) +if [ "$1" = 'configure' -a -n "$2" ]; then + # remove keys from the trusted.gpg file as they are now shipped in fragment files in trusted.gpg.d + if dpkg --compare-versions "$2" 'lt' "2016.09.19" && which gpg > /dev/null && which apt-key > /dev/null; then + TRUSTEDFILE='/etc/apt/trusted.gpg' + eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring) + eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f) + if [ -e "$TRUSTEDFILE" ]; then + for KEY in 40976EAF437D05B5 46181433FBB75451 3B4FE6ACC0B21F32 D94AA3F0EFE21092; do + apt-key --keyring "$TRUSTEDFILE" del $KEY > /dev/null 2>&1 || : + done + fi + fi +fi - . /usr/share/debconf/confmodule - db_version 2.0 - db_get ubuntu-archive-keyring/keyring - - if [ -n "$RET" ]; then - for keyring in "$RET" - do - rm -f /etc/apt/trusted.gpg.d/"$keyring".gpg - ln -sf /usr/share/keyrings/"$keyring".gpg /etc/apt/trusted.gpg.d/ - done - fi - - db_stop - - ;; - - abort-upgrade|abort-remove|abort-deconfigure) - ;; - - *) - echo "postinst called with unknown argument \`$1'" >&2 - exit 1 - ;; -esac - -#DEBHELPER# - -exit 0 diff -Nru ubuntu-keyring-2016.05.13/debian/postrm ubuntu-keyring-2016.10.27/debian/postrm --- ubuntu-keyring-2016.05.13/debian/postrm 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/postrm 1970-01-01 00:00:00.000000000 +0000 @@ -1,19 +0,0 @@ -#!/bin/sh - -set -e - -case "$1" in - purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) - - rm -f /etc/apt/trusted.gpg.d/ubuntu-archive-keyring.gpg \ - /etc/apt/trusted.gpg.d/ubuntu-archive-removed-keys.gpg - ;; - *) - echo "postrm called with unknown argument \`$1'" >&2 - exit 1 - ;; -esac - -#DEBHELPER# - -exit 0 diff -Nru ubuntu-keyring-2016.05.13/debian/rules ubuntu-keyring-2016.10.27/debian/rules --- ubuntu-keyring-2016.05.13/debian/rules 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/rules 2016-10-27 14:36:52.000000000 +0000 @@ -1,13 +1,90 @@ #!/usr/bin/make -f -# Uncomment this to turn on verbose mode. -#export DH_VERBOSE=1 +# debian/rules file - for debian/keyring +# Based on sample debian/rules file - for GNU Hello (1.3). +# Copyright 1994,1995 by Ian Jackson. +# Copyright 1998-2003 James Troup +# I hereby give you perpetual unlimited permission to copy, +# modify and relicense this file, provided that you do not remove +# my name from the file itself. (I assert my moral right of +# paternity under the Copyright, Designs and Patents Act 1988.) +# This file may have to be extensively modified -%: - dh $@ +install_dir=install -d -m 755 +install_file=install -m 644 +install_script=install -m 755 +install_binary=install -m 755 -s -override_dh_installchangelogs: - dh_installchangelogs -Xchangelog +VERSION := $(shell dpkg-parsechangelog | grep ^Version: | cut -d' ' -f2) -override_dh_clean: - dh_clean - debconf-updatepo +build: + +clean: + $(checkdir) + -rm -f foo foo.asc *.bak *~ */*~ debian/files* debian/*substvars + -rm -rf debian/tmp debian/ubuntu-keyring-udeb + +binary-indep: checkroot checkkeyrings + $(checkdir) + -rm -rf debian/tmp + $(install_dir) debian/tmp/DEBIAN/ + $(install_script) debian/postinst debian/tmp/DEBIAN/ + + $(install_dir) debian/tmp/usr/share/keyrings/ + $(install_file) keyrings/ubuntu-archive-keyring.gpg debian/tmp/usr/share/keyrings/ + $(install_file) keyrings/ubuntu-archive-removed-keys.gpg debian/tmp/usr/share/keyrings/ + $(install_file) keyrings/ubuntu-master-keyring.gpg debian/tmp/usr/share/keyrings/ + + $(install_dir) debian/tmp/etc/apt/trusted.gpg.d/ + $(install_file) keyrings/ubuntu-keyring-2012-archive.gpg debian/tmp/etc/apt/trusted.gpg.d/ + $(install_file) keyrings/ubuntu-keyring-2012-cdimage.gpg debian/tmp/etc/apt/trusted.gpg.d/ + + $(install_dir) debian/tmp/usr/share/doc/ubuntu-keyring/ + $(install_file) README debian/tmp/usr/share/doc/ubuntu-keyring/ + $(install_file) debian/changelog debian/tmp/usr/share/doc/ubuntu-keyring/changelog + gzip -9v debian/tmp/usr/share/doc/ubuntu-keyring/* + $(install_file) debian/copyright debian/tmp/usr/share/doc/ubuntu-keyring/ + cd debian/tmp; find -type f \! -regex '.*/DEBIAN/.*' -printf '%P\0' | xargs -r0 md5sum >DEBIAN/md5sums + + dpkg-gencontrol -pubuntu-keyring -isp + chown -R root.root debian/tmp + chmod -R go=rX debian/tmp + dpkg --build debian/tmp .. + + -rm -rf debian/ubuntu-keyring-udeb + $(install_dir) debian/ubuntu-keyring-udeb/DEBIAN/ + + $(install_dir) debian/ubuntu-keyring-udeb/usr/share/keyrings/ + $(install_file) keyrings/ubuntu-archive-keyring.gpg debian/ubuntu-keyring-udeb/usr/share/keyrings/ + install -m 755 debian/ubuntu-keyring-udeb.postinst debian/ubuntu-keyring-udeb/DEBIAN/postinst + + # Don't let dpkg-gencontrol write incorrect guesses to debian/files. + # Instead, register the udeb manually. + dpkg-gencontrol -nubuntu-keyring-udeb_$(VERSION)_all.udeb -pubuntu-keyring-udeb -Tdebian/ubuntu-keyring-udeb.substvars -Pdebian/ubuntu-keyring-udeb -isp + chown -R root.root debian/ubuntu-keyring-udeb + chmod -R go=rX debian/ubuntu-keyring-udeb + dpkg --build debian/ubuntu-keyring-udeb ../ubuntu-keyring-udeb_$(VERSION)_all.udeb + +binary-arch: + +define checkdir + test -f keyrings/ubuntu-archive-keyring.gpg +endef + +# Below here is fairly generic really + +binary: binary-indep binary-arch + +checkroot: + $(checkdir) + test root = "`whoami`" + +regenerate-key-fragments: + rm -f keyrings/ubuntu-keyring-*.gpg + gpg --no-default-keyring --keyring ./keyrings/ubuntu-archive-keyring.gpg --output keyrings/ubuntu-keyring-2012-archive.gpg --export 0x790BC7277767219C42C86F933B4FE6ACC0B21F32 + gpg --no-default-keyring --keyring ./keyrings/ubuntu-archive-keyring.gpg --output keyrings/ubuntu-keyring-2012-cdimage.gpg --export 0x843938DF228D22F7B3742BC0D94AA3F0EFE21092 + sha512sum keyrings/*.gpg | gpg --clearsign > SHA512SUMS.txt.asc + +checkkeyrings: + gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg --decrypt SHA512SUMS.txt.asc | sha512sum -c - + +.PHONY: binary binary-arch binary-indep clean checkroot checkkeyrings build diff -Nru ubuntu-keyring-2016.05.13/debian/source/format ubuntu-keyring-2016.10.27/debian/source/format --- ubuntu-keyring-2016.05.13/debian/source/format 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/source/format 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -3.0 (quilt) diff -Nru ubuntu-keyring-2016.05.13/debian/templates ubuntu-keyring-2016.10.27/debian/templates --- ubuntu-keyring-2016.05.13/debian/templates 2018-08-29 07:34:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/templates 1970-01-01 00:00:00.000000000 +0000 @@ -1,12 +0,0 @@ -Template: ubuntu-archive-keyring/keyring -Type: multiselect -Choices: ubuntu-archive-keyring, ubuntu-archive-removed-keys -Default: -_Description: Which keyring is trusted GPG key used by apt to authenticate packages? - If you want to use Ubuntu archive as same as Debian archive in some situation - (e.g. chdist from devscripts package), you should enable - ubuntu-archive-keyring as whole system trusted GPG key (and also - ubuntu-archive-removed-keys for obsolete Ubuntu archive). - . - However, note that adding those keyring as system trusted key is not - necessary in most cases (e.g. debootstrap) and may be a risk for your system. diff -Nru ubuntu-keyring-2016.05.13/debian/ubuntu-keyring-udeb.postinst ubuntu-keyring-2016.10.27/debian/ubuntu-keyring-udeb.postinst --- ubuntu-keyring-2016.05.13/debian/ubuntu-keyring-udeb.postinst 1970-01-01 00:00:00.000000000 +0000 +++ ubuntu-keyring-2016.10.27/debian/ubuntu-keyring-udeb.postinst 2010-05-27 16:53:12.000000000 +0000 @@ -0,0 +1,6 @@ +#!/bin/sh +set -e +DIR=/usr/share/keyrings +if [ ! -e $DIR/archive.gpg ]; then + ln -s ubuntu-archive-keyring.gpg $DIR/archive.gpg +fi