From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:47158)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1evSPZ-0001JR-QK
	for guix-patches@gnu.org; Mon, 12 Mar 2018 14:43:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1evSPW-0001AE-Nb
	for guix-patches@gnu.org; Mon, 12 Mar 2018 14:43:05 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:49612)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1evSPW-00019y-JF
	for guix-patches@gnu.org; Mon, 12 Mar 2018 14:43:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1evSPW-0008Kn-CJ
	for guix-patches@gnu.org; Mon, 12 Mar 2018 14:43:02 -0400
Subject: [bug#30709] [PATCH 3/4] gnu: Add ubuntu-keyring.
Resent-Message-ID: <handler.30709.B30709.152088014131985@debbugs.gnu.org>
Date: Mon, 12 Mar 2018 20:42:11 +0200
From: Efraim Flashner <efraim@flashner.co.il>
Message-ID: <20180312184211.GA1184@macbook41>
References: <20180305092625.1014-1-efraim@flashner.co.il>
	<20180305092907.1191-1-efraim@flashner.co.il>
	<20180305092907.1191-3-efraim@flashner.co.il>
	<87d10cjmvy.fsf@fastmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="ReaqsoxgOBHFXBhH"
Content-Disposition: inline
In-Reply-To: <87d10cjmvy.fsf@fastmail.com>
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Marius Bakke <mbakke@fastmail.com>
Cc: 30709@debbugs.gnu.org


--ReaqsoxgOBHFXBhH
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Mar 10, 2018 at 10:33:21AM +0100, Marius Bakke wrote:
> Efraim Flashner <efraim@flashner.co.il> writes:
>=20
> > * gnu/packages/debian.scm (ubuntu-keyring): New variable.
>=20
> [...]
>=20
> > +    (build-system trivial-build-system)
> > +    (arguments
> > +     `(#:modules ((guix build utils))
> > +       #:builder (begin
> > +                   (use-modules (guix build utils))
> > +                   (let* ((out (assoc-ref %outputs "out"))
> > +                          (apt (string-append out "/etc/apt/trusted.gp=
g.d/"))
> > +                          (key (string-append out "/share/keyrings/")))
> > +                     (setenv "PATH" (string-append
> > +                                      (assoc-ref %build-inputs "gzip")=
 "/bin:"
> > +                                      (assoc-ref %build-inputs "tar") =
"/bin"))
> > +                     (invoke "tar" "xvf" (assoc-ref %build-inputs "sou=
rce"))
> > +                     (for-each (lambda (file)
> > +                                 (install-file file key)
> > +                                 (install-file file apt))
> > +                               (find-files "." "\\.gpg$")))
> > +                   #t)))
>=20
> Why is having the same files in out/share/keyrings and
> out/etc/apt/trusted.gpg.d necessary?
>=20
> (this was perhaps the case with the Debian keyring too?)

This wasn't actually the case for the Debian keyring, I was more careful
about installing the keyring files to the correct directories. I've gone
ahead and fixed the Ubuntu ones.

$ apt-file show debian-archive-keyring
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-jessie-automa=
tic.gpg
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-jessie-securi=
ty-automatic.gpg
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-jessie-stable=
=2Egpg
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-squeeze-autom=
atic.gpg
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-squeeze-stabl=
e.gpg
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-wheezy-automa=
tic.gpg
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable=
=2Egpg
debian-archive-keyring: /usr/share/doc/debian-archive-keyring/README
debian-archive-keyring: /usr/share/doc/debian-archive-keyring/changelog.gz
debian-archive-keyring: /usr/share/doc/debian-archive-keyring/copyright
debian-archive-keyring: /usr/share/keyrings/debian-archive-keyring.gpg
debian-archive-keyring: /usr/share/keyrings/debian-archive-removed-keys.gpg

$ tree /gnu/store/af8qx6kva04fzxm13sbjb998h1sqbrrz-debian-archive-keyring-2=
017.7/
/gnu/store/af8qx6kva04fzxm13sbjb998h1sqbrrz-debian-archive-keyring-2017.7/
|-- etc
|   `-- apt
|       `-- trusted.gpg.d
|           |-- debian-archive-jessie-automatic.gpg
|           |-- debian-archive-jessie-security-automatic.gpg
|           |-- debian-archive-jessie-stable.gpg
|           |-- debian-archive-stretch-automatic.gpg
|           |-- debian-archive-stretch-security-automatic.gpg
|           |-- debian-archive-stretch-stable.gpg
|           |-- debian-archive-wheezy-automatic.gpg
|           `-- debian-archive-wheezy-stable.gpg
`-- share
    `-- keyrings
        |-- debian-archive-keyring.gpg
        `-- debian-archive-removed-keys.gpg

$ apt-file show ubuntu-keyring
ubuntu-keyring: /usr/share/doc/ubuntu-keyring/README.gz
ubuntu-keyring: /usr/share/doc/ubuntu-keyring/changelog.gz
ubuntu-keyring: /usr/share/doc/ubuntu-keyring/copyright
ubuntu-keyring: /usr/share/keyrings/ubuntu-archive-keyring.gpg
ubuntu-keyring: /usr/share/keyrings/ubuntu-archive-removed-keys.gpg
ubuntu-keyring: /usr/share/keyrings/ubuntu-master-keyring.gpg

$ tree /gnu/store/iayj7kvhd7y6dl50gf6i63calgirj6ry-ubuntu-keyring-2018.02.2=
8/
/gnu/store/iayj7kvhd7y6dl50gf6i63calgirj6ry-ubuntu-keyring-2018.02.28/
|-- etc
|   `-- apt
|       `-- trusted.gpg.d
|           |-- ubuntu-cloud-keyring.gpg
|           |-- ubuntu-cloud-removed-keys.gpg
|           |-- ubuntu-cloudimage-keyring.gpg
|           |-- ubuntu-cloudimage-removed-keys.gpg
|           |-- ubuntu-dbgsym-keyring.gpg
|           |-- ubuntu-dbgsym-removed-keys.gpg
|           |-- ubuntu-keyring-2012-archive.gpg
|           |-- ubuntu-keyring-2012-cdimage.gpg
|           |-- ubuntu-keyring-2012-cloud-archive.gpg
|           `-- ubuntu-keyring-2016-dbgsym.gpg
`-- share
    `-- keyrings
        |-- ubuntu-archive-keyring.gpg
        |-- ubuntu-archive-removed-keys.gpg
        `-- ubuntu-master-keyring.gpg

--=20
Efraim Flashner   <efraim@flashner.co.il>   =D7=90=D7=A4=D7=A8=D7=99=D7=9D =
=D7=A4=D7=9C=D7=A9=D7=A0=D7=A8
GPG key =3D A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

--ReaqsoxgOBHFXBhH
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAlqmyf8ACgkQQarn3Mo9
g1GPyg/9G9LABRg0LhV024B8dkD4tpXn4+eVZnPH2I6idoT1qfTMBg25TgD8GFKo
gOvIJ868eCBrk5MbS1lj4C3XZ2ogl3Y03JBl5baQcbwIhiUURQl+cKdg7Ypk8Itf
V35jatwN42VjYdWlRJB0E9pgYu83VWh+0kXjKJe8UuelyTn9MrRuSRNXmU0AcRMS
xChNa0OLJc9Ou6kKhM6br6JAwjKuOTdDMOnUVD8rAgB0qbke08lin06Df5KRMM/4
sLxhWl/jebjkaddzGpcaSg6FC0w+2VrkpXwx8p2PkKaCTK8S09p2TvYMT5QIO1Yo
o/UwhefyDi1vkuAsruhZnn6AjqwfwOMn9nVQr/+s4ow/oR6TI0VO0k1MY4Ec5BF4
IefDthrjV44FusFOZ0lLQ4/0d5Gb637ibs7wa/Wclg4GeoEiBtP2PFydW4E5iOo7
CINFnJtvjAc/2kZ2zF+8AA/cPean2vIdP5DcLDKphuNNnc/mRiwxfXzPCzoEbdrH
IZzrHna0ynGNpiH7R0KlWXH4tJKtFEZqCuMs3Op1gzor0AyIMjnMlf9niUCTVrx4
73BXD4EpzCZgVKMb8i8wSxmkpkOD+aKkatEvu9FS41VlSp5IPKAUu3EBKbMR6f/D
w8IwkX0MzhJVthUtydn5AxmIPuq/gR9jkWTIxXvhwT7uxlBY2oc=
=lZMl
-----END PGP SIGNATURE-----

--ReaqsoxgOBHFXBhH--