ubuntu-keyring
I'm struggling to understand, from a casual inspection, what the change that
introduced this is trying to achieve.
So it was trying to fix this
bug, which is actually in a completely separate package.
I guess the first thing is to understand what this net-update mode
for apt-key is.
Aha. That appears to be an Ubuntu-ism: AptArchiveKeySignatures
Anyway, having looked at the /etc/cron.daily/apt script that ships
with Ubuntu's apt package, I fail to see how the changes to
ubuntu-keyring address bug 192074. The net_update()
function of apt-key is still going to spit out stuff.
Oh wait, I see. The cron job will still spit out output when it actually
decides that something should have been done. The presence of
/var/lib/apt/keyrings/ubuntu-archive-keyring.gpg will mean the
stat call will return a valid mtime, so more often than not,
because the mtime is unchanged, the cron job won't feel the need to actually
do anything that produces output. I guess it's reasonable to produce output
on the odd occasion that a key update actually occurs. Fair enough.
I'm not sure I'd be using mtimes to make the decision though. I'd be more
inclined to use the MD5 checksum of the files, but that's just me.
So guess I've now had less of a casual inspection, and understand what the
change was trying to achieve. It just failed miserably by not ensuring the
directory existed. Oh well, patch supplied.
