From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: [PATCH] Core Update 166: Drop old 2007 Pakfire key, and remove it from existing installations Date: Mon, 21 Mar 2022 11:44:48 +0000 Message-ID: <5d58d997-0219-3ea3-ed96-04cba303ebfb@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6034944892284735729==" List-Id: --===============6034944892284735729== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable It is not necessary to have this key present on IPFire systems anymore, since it has not been in use for years, and we can expect systems to be sufficiently up-to-date, so they no longer need to rely on old updates or add-ons signed with this key. Also, given the current key was generated in 2018, we should consider a Pakfire key rollover soon. Signed-off-by: Peter M=C3=BCller --- config/rootfiles/common/pakfire | 1 - config/rootfiles/core/166/filelists/files | 1 + config/rootfiles/core/166/update.sh | 6 +++++ src/initscripts/system/pakfire | 3 --- src/pakfire/pakfire-2007.key | 31 ----------------------- 5 files changed, 7 insertions(+), 35 deletions(-) delete mode 100644 src/pakfire/pakfire-2007.key diff --git a/config/rootfiles/common/pakfire b/config/rootfiles/common/pakfire index 0487c58f9..bd5559597 100644 --- a/config/rootfiles/common/pakfire +++ b/config/rootfiles/common/pakfire @@ -6,7 +6,6 @@ opt/pakfire/db/rootfiles #opt/pakfire/etc #opt/pakfire/pakfire.conf opt/pakfire/etc/pakfire.conf -opt/pakfire/pakfire-2007.key opt/pakfire/pakfire-2018.key #opt/pakfire/lib opt/pakfire/lib/functions.pl diff --git a/config/rootfiles/core/166/filelists/files b/config/rootfiles/cor= e/166/filelists/files index b77c7fa07..6bb3c8d82 100644 --- a/config/rootfiles/core/166/filelists/files +++ b/config/rootfiles/core/166/filelists/files @@ -1,5 +1,6 @@ etc/inittab.d etc/rc.d/init.d/firewall +etc/rc.d/init.d/pakfire srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/ids.cgi usr/lib/firewall/rules.pl diff --git a/config/rootfiles/core/166/update.sh b/config/rootfiles/core/166/= update.sh index 3924039c6..1370555b0 100644 --- a/config/rootfiles/core/166/update.sh +++ b/config/rootfiles/core/166/update.sh @@ -34,11 +34,17 @@ done # Remove files rm -vf \ /etc/dracut.conf \ + /opt/pakfire/pakfire-2007.key \ /usr/bin/mkinitrd \ /usr/lib/dracut \ /usr/local/bin/ovpn-ccd-convert \ /usr/local/bin/rebuild-initrd =20 +# Delete old 2007 Pakfire key from GPG keyring +export GNUPGHOME=3D"/opt/pakfire/etc/.gnupg" +gpg --batch --yes --delete-keys 179740DC4D8C47DC63C099C74BDE364C64D96617 +unset GNUPGHOME + # Stop services =20 # Extract files diff --git a/src/initscripts/system/pakfire b/src/initscripts/system/pakfire index 4fe399403..1305bda48 100644 --- a/src/initscripts/system/pakfire +++ b/src/initscripts/system/pakfire @@ -29,9 +29,6 @@ case "${1}" in boot_mesg "Setting up Pakfire Package Manager..." gpg --import /opt/pakfire/pakfire-2018.key &>/dev/null evaluate_retval - - # Try to import the old key, too - gpg --import /opt/pakfire/pakfire-2007.key &>/dev/null ;; =20 *) diff --git a/src/pakfire/pakfire-2007.key b/src/pakfire/pakfire-2007.key deleted file mode 100644 index ced120ad8..000000000 --- a/src/pakfire/pakfire-2007.key +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQGiBEYssZ8RBACcbHcYW+gPbjPFxv4ImlK1FgXV3s65Nnu7V9kghB7AZXterMVM -rZ87sNEw6J3JT32k0e9iBukA1QrshPg3c/mL+2/lMvvxsUW19rj/8ZBCCnP1Svgq -9q0OSJfadbm9b6Ndj06D/3EM+VpY5aI7XgNenh7ZcDbY9m8YDPdu0OF9uwCgltJS -+Pzjr16bJ/VnI549LfIG2KkEAJZWQmLQSXbl4VVEOSyaaJN8ugGBnZtnaL6IBE9K -0FHoZU3GaEOP6L3IUHUzyWsrpC/G44hGPC3xIbr5VG3sJ6hUc3J2rjx1clFdyN6A -bte9EWk1HkRFdaMfDn86vhIjn7znHU4cbvQLIpgB12+y2P/ydqLwyuyf6rV1JEWk -pSXpA/91LnlvICvqompSmrpLKpb+DSe59tr/r5GI36VNnqWt32InmF0N2ceLwG1F -K62M4Tf5/OZOg5m3uoTTHWf355+7NJjyPzT+DYbsuK56TNd/cFPeVdisdteeuINj -3DIC/8H9Y7mvYMAoSNtdA74JrdzGiqH2zSTB/oa/nwDXFekrq7Q2TWljaGFlbCBU -cmVtZXIgKFBha2ZpcmUgU2lnbmluZyBLZXkpIDxwYWtzQGlwZmlyZS5vcmc+iFoE -ExECABoFAkYssZ8CGwMCCwIDFQIDAxYCAQIeAQIXgAAKCRBL3jZMZNlmF0pBAJ95 -S5xzasjMQLpvOWA9E4JG3YJasQCfbNpdZXbZHr7Io7hLR9iJ+OhybfuIawQQEQIA -KwUCRi3ByAWDAeKFAB4aaHR0cDovL3d3dy5jYWNlcnQub3JnL2Nwcy5waHAACgkQ -0rsNAWXQ/VjJhQCfUQh+9wPAlyQVb9gYZ5zgHfqDY1MAn2T/VXH2+acwC4O3oV1W -Ni36NNRpuQINBEYsuJoQCAC6wq4ZMtWRGF/GeTd9l7boo40ulBth8Wr+IBK38XYv -5s+WLiTuuTCM8Thq4eY3MOfO+VXhjQen1S2e8WiZq+c55pDDAKXvBFmVNKcgkK7C -1AW85kY86aspoAK3/vi2pghlXAysTKSoW+WfoCbASDheEJopOkIMehdroraI2zTM -y8AEk+TnbRPzoFNBEYwr3J1GlkegtU3mIPpALDfpL4+HoCgS+7SfAvIlG//C+4W/ -oI/VOYHDdM5zR1av/pVZGpUK4Ao/JBxXMaqsbiP43KytbNuMRsZ+sFDs/ZtmHf1z -6AQ8mnxU0klT4ppU8Nl3hSVcvRacm6wBTvvGEqjkApkPAAMFCACKWJVpzcVAdOMP -aB08qJ+GPSSgxspaSoFPjVN307Pr1Di/ZriC/UVNrq/eUHEIvC1zIx+t3O109qVH -RMWbfCj+4/OBHJ4Ik3Nc5/8v6zaGwixJrkjohF8QLwodqazrjc+W3VsQ5jwfPpLe -DFpd3xHhj5zhXQKN0tCCk435Q/58aMQCK75St3/ymP6NGaE2s7dsXU/BwndgfxJu -Yz8LEK6phJ2t0jBiJJgcjWkoBkq8MhI6wKW6uDU4B/KKGHHLuZHg1ZKum8ASMcti -S980DlSJyfLJnUIio5F/u/csug8bHKq5pA1x+wmsUBhuH66aosNJuz35Bl4nW365 -PoahYtQBiEkEGBECAAkFAkYsuJsCGwwACgkQS942TGTZZheq7ACfTrW5OaZOhrwt -Jr+xgdjSFRrT14cAnjkEj51RQsP7LS5UTm+yce2olHDp -=3DhYb3 ------END PGP PUBLIC KEY BLOCK----- --=20 2.34.1 --===============6034944892284735729==--