aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2024-07-16 18:33:56 -0300
committerSilvio Rhatto <rhatto@riseup.net>2024-07-16 18:33:56 -0300
commitdc1b677799bd6d827e6e371ea8d65fbeb78019b8 (patch)
treed964af7449455c88af56df9616066739c9dbdd24
parentb03c4c9680b1f7069755b353de9d5923fc2e16c9 (diff)
downloadtrashman-dc1b677799bd6d827e6e371ea8d65fbeb78019b8.tar.gz
trashman-dc1b677799bd6d827e6e371ea8d65fbeb78019b8.tar.bz2
Fix: trashman: tor: ensure seamless deb.torproject.org-keyring upgrades
Diffstat
-rw-r--r--share/trashman/tor/unix/linux/debian/files/usr/share/keyrings/deb.torproject.org-keyring.gpg (renamed from share/trashman/tor/unix/linux/debian/files/etc/apt/trusted.gpg.d/torproject.org.gpg)bin37730 -> 38678 bytes
-rwxr-xr-xshare/trashman/tor/unix/linux/debian/install28
2 files changed, 20 insertions, 8 deletions
diff --git a/share/trashman/tor/unix/linux/debian/files/etc/apt/trusted.gpg.d/torproject.org.gpg b/share/trashman/tor/unix/linux/debian/files/usr/share/keyrings/deb.torproject.org-keyring.gpg
index 7614b20..738ef5d 100644
--- a/share/trashman/tor/unix/linux/debian/files/etc/apt/trusted.gpg.d/torproject.org.gpg
+++ b/share/trashman/tor/unix/linux/debian/files/usr/share/keyrings/deb.torproject.org-keyring.gpg
Binary files differ
diff --git a/share/trashman/tor/unix/linux/debian/install b/share/trashman/tor/unix/linux/debian/install
index 6676c8d..5b70819 100755
--- a/share/trashman/tor/unix/linux/debian/install
+++ b/share/trashman/tor/unix/linux/debian/install
@@ -7,6 +7,7 @@
SHARE="$1"
LIB="$2"
REQUIREMENTS="apt-transport-https wget gnupg"
+KEYRING="/usr/share/keyrings/deb.torproject.org-keyring.gpg"
# Include basic functions
. $LIB/trashman/functions || exit 1
@@ -19,16 +20,27 @@ trashman_apt_install $REQUIREMENTS
DISTRIBUTION="`trashman_debian_major_version_name`"
cat <<-EOF > /etc/apt/sources.list.d/tor.list
- deb [signed-by=/etc/apt/trusted.gpg.d/torproject.org.gpg] https://deb.torproject.org/torproject.org $DISTRIBUTION main
- deb-src [signed-by=/etc/apt/trusted.gpg.d/torproject.org.gpg] https://deb.torproject.org/torproject.org $DISTRIBUTION main
+ deb [signed-by=${KEYRING}] https://deb.torproject.org/torproject.org $DISTRIBUTION main
+ deb-src [signed-by=${KEYRING}] https://deb.torproject.org/torproject.org $DISTRIBUTION main
EOF
-# Remove key from old location
+# Remove key from old locations
rm -f /usr/share/keyrings/tor-archive-keyring.gpg
-
-#wget -O- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null
-cp $SHARE/tor/unix/linux/debian/files/etc/apt/trusted.gpg.d/torproject.org.gpg /etc/apt/trusted.gpg.d/
-
-apt update && apt install -y tor deb.torproject.org-keyring
+rm -f /etc/apt/trusted.gpg.d/ /etc/apt/trusted.gpg.d/torproject.org.gpg
+
+# Install temporary keyring
+# Details at https://support.torproject.org/apt/tor-deb-repo/
+#wget -O- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | \
+# gpg --dearmor | tee /usr/share/keyrings/deb.torproject.org-keyring.gpg > /dev/null
+if [ ! -e "${KEYRING}" ]; then
+ cp $SHARE/tor/unix/linux/debian/files/${KEYRING} ${KEYRING}
+fi
+
+# Now that we have the config and the keyring, leave it to be managed by
+# deb.torproject.org-keyring package.
+#
+# Do an upgrade first to make sure we have the latest keyring package
+# installed if that's not the first time this script is running.
+apt update && apt upgrade -y && apt install -y tor deb.torproject.org-keyring
#rm -rf /var/lib/apt/lists/*
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 17:40:53 +0000