remove_key_from_keyring() {
local GPG="$GPG_CMD --keyring $1"
# check if the key is in this keyring: the key id is in the 5 column at the end
- if ! $GPG --with-colons --list-keys 2>&1 | grep -q "^pub:[^:]*:[^:]*:[^:]*:[0-9A-F]*$2:"; then
- return
+ if ! $GPG --with-colons --list-keys 2>&1 | grep -qi "^pub:[^:]*:[^:]*:[^:]*:[0-9A-F]*$2:"; then
+ return 1
fi
if [ ! -w "$1" ]; then
echo >&2 "Key ${2} is in keyring ${1}, but can't be removed as it is read only."
remove_key() {
requires_root
+ local NOTFOUND=1
+ local RET=0
# if a --keyring was given, just remove from there
if [ -n "$FORCED_KEYRING" ]; then
- remove_key_from_keyring "$FORCED_KEYRING" "$1"
+ remove_key_from_keyring "$FORCED_KEYRING" "$1" || RET=$?
+ NOTFOUND=$RET
else
# otherwise all known keyrings are up for inspection
local TRUSTEDFILE="/etc/apt/trusted.gpg"
eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring)
eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f)
- remove_key_from_keyring "$TRUSTEDFILE" "$1"
+ remove_key_from_keyring "$TRUSTEDFILE" "$1" || RET=$?
+ NOTFOUND=$RET
TRUSTEDPARTS="/etc/apt/trusted.gpg.d"
eval $(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d)
if [ -d "$TRUSTEDPARTS" ]; then
for trusted in $(run-parts --list "$TRUSTEDPARTS" --regex '^.*\.gpg$'); do
- remove_key_from_keyring "$trusted" "$1"
+ RET=0
+ remove_key_from_keyring "$trusted" "$1" || RET=$?
+ if [ $RET -eq 0 ]; then
+ NOTFOUND=0
+ fi
done
fi
fi
+ if [ $NOTFOUND -ne 0 ]; then
+ echo >&2 "ERROR: The specified keyid '$1' was not found"
+ return 1
+ fi
echo "OK"
}
aptkey list | grep '^pub' > aptkey.list
testfileequal ./aptkey.list 'pub 2048R/DBAC8DAE 2010-08-18'
+msgtest "Try to remove a" 'nonexistent keyid'
+testfailure --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del BOGUSKEY
+
+aptkey list | grep '^pub' > aptkey2.list
+testsuccess diff ./aptkey.list ./aptkey2.list
+
msgtest "Try to remove a key which exists, but isn't in the" 'forced keyring'
testsuccess --nomsg aptkey --fakeroot --keyring rootdir/etc/apt/trusted.gpg del DBAC8DAE
testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
+msgtest 'Test key removal with' 'lowercase keyid'
+cleanplate
+cp -a keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+testsuccess --nomsg aptkey --fakeroot del dbac8dae
+testempty aptkey list
+testsuccess test ! -e rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+testsuccess cmp keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg~
+
msgtest 'Test key removal with' 'single key in softlink'
cleanplate
ln -s $(readlink -f ./keys/joesixpack.pub) rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg