From 219a998412a7d9206126c534a7d227802262b0f6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Peter=20M=C3=BCller?= Date: Mon, 21 Mar 2022 11:44:48 +0000 Subject: [PATCH] Core Update 166: Drop old 2007 Pakfire key, and remove it from existing installations MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit It is not necessary to have this key present on IPFire systems anymore, since it has not been in use for years, and we can expect systems to be sufficiently up-to-date, so they no longer need to rely on old updates or add-ons signed with this key. Also, given the current key was generated in 2018, we should consider a Pakfire key rollover soon. Signed-off-by: Peter Müller Acked-by: Michael Tremer --- config/rootfiles/common/pakfire | 1 - config/rootfiles/core/166/filelists/files | 1 + config/rootfiles/core/166/update.sh | 6 +++++ src/initscripts/system/pakfire | 3 --- src/pakfire/pakfire-2007.key | 31 ----------------------- 5 files changed, 7 insertions(+), 35 deletions(-) delete mode 100644 src/pakfire/pakfire-2007.key diff --git a/config/rootfiles/common/pakfire b/config/rootfiles/common/pakfire index 0487c58f96..bd5559597a 100644 --- a/config/rootfiles/common/pakfire +++ b/config/rootfiles/common/pakfire @@ -6,7 +6,6 @@ opt/pakfire/db/rootfiles #opt/pakfire/etc #opt/pakfire/pakfire.conf opt/pakfire/etc/pakfire.conf -opt/pakfire/pakfire-2007.key opt/pakfire/pakfire-2018.key #opt/pakfire/lib opt/pakfire/lib/functions.pl diff --git a/config/rootfiles/core/166/filelists/files b/config/rootfiles/core/166/filelists/files index b77c7fa07f..6bb3c8d820 100644 --- a/config/rootfiles/core/166/filelists/files +++ b/config/rootfiles/core/166/filelists/files @@ -1,5 +1,6 @@ etc/inittab.d etc/rc.d/init.d/firewall +etc/rc.d/init.d/pakfire srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/ids.cgi usr/lib/firewall/rules.pl diff --git a/config/rootfiles/core/166/update.sh b/config/rootfiles/core/166/update.sh index 3924039c66..1370555b06 100644 --- a/config/rootfiles/core/166/update.sh +++ b/config/rootfiles/core/166/update.sh @@ -34,11 +34,17 @@ done # Remove files rm -vf \ /etc/dracut.conf \ + /opt/pakfire/pakfire-2007.key \ /usr/bin/mkinitrd \ /usr/lib/dracut \ /usr/local/bin/ovpn-ccd-convert \ /usr/local/bin/rebuild-initrd +# Delete old 2007 Pakfire key from GPG keyring +export GNUPGHOME="/opt/pakfire/etc/.gnupg" +gpg --batch --yes --delete-keys 179740DC4D8C47DC63C099C74BDE364C64D96617 +unset GNUPGHOME + # Stop services # Extract files diff --git a/src/initscripts/system/pakfire b/src/initscripts/system/pakfire index 4fe3994036..1305bda484 100644 --- a/src/initscripts/system/pakfire +++ b/src/initscripts/system/pakfire @@ -29,9 +29,6 @@ case "${1}" in boot_mesg "Setting up Pakfire Package Manager..." gpg --import /opt/pakfire/pakfire-2018.key &>/dev/null evaluate_retval - - # Try to import the old key, too - gpg --import /opt/pakfire/pakfire-2007.key &>/dev/null ;; *) diff --git a/src/pakfire/pakfire-2007.key b/src/pakfire/pakfire-2007.key deleted file mode 100644 index ced120ad8d..0000000000 --- a/src/pakfire/pakfire-2007.key +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQGiBEYssZ8RBACcbHcYW+gPbjPFxv4ImlK1FgXV3s65Nnu7V9kghB7AZXterMVM -rZ87sNEw6J3JT32k0e9iBukA1QrshPg3c/mL+2/lMvvxsUW19rj/8ZBCCnP1Svgq -9q0OSJfadbm9b6Ndj06D/3EM+VpY5aI7XgNenh7ZcDbY9m8YDPdu0OF9uwCgltJS -+Pzjr16bJ/VnI549LfIG2KkEAJZWQmLQSXbl4VVEOSyaaJN8ugGBnZtnaL6IBE9K -0FHoZU3GaEOP6L3IUHUzyWsrpC/G44hGPC3xIbr5VG3sJ6hUc3J2rjx1clFdyN6A -bte9EWk1HkRFdaMfDn86vhIjn7znHU4cbvQLIpgB12+y2P/ydqLwyuyf6rV1JEWk -pSXpA/91LnlvICvqompSmrpLKpb+DSe59tr/r5GI36VNnqWt32InmF0N2ceLwG1F -K62M4Tf5/OZOg5m3uoTTHWf355+7NJjyPzT+DYbsuK56TNd/cFPeVdisdteeuINj -3DIC/8H9Y7mvYMAoSNtdA74JrdzGiqH2zSTB/oa/nwDXFekrq7Q2TWljaGFlbCBU -cmVtZXIgKFBha2ZpcmUgU2lnbmluZyBLZXkpIDxwYWtzQGlwZmlyZS5vcmc+iFoE -ExECABoFAkYssZ8CGwMCCwIDFQIDAxYCAQIeAQIXgAAKCRBL3jZMZNlmF0pBAJ95 -S5xzasjMQLpvOWA9E4JG3YJasQCfbNpdZXbZHr7Io7hLR9iJ+OhybfuIawQQEQIA -KwUCRi3ByAWDAeKFAB4aaHR0cDovL3d3dy5jYWNlcnQub3JnL2Nwcy5waHAACgkQ -0rsNAWXQ/VjJhQCfUQh+9wPAlyQVb9gYZ5zgHfqDY1MAn2T/VXH2+acwC4O3oV1W -Ni36NNRpuQINBEYsuJoQCAC6wq4ZMtWRGF/GeTd9l7boo40ulBth8Wr+IBK38XYv -5s+WLiTuuTCM8Thq4eY3MOfO+VXhjQen1S2e8WiZq+c55pDDAKXvBFmVNKcgkK7C -1AW85kY86aspoAK3/vi2pghlXAysTKSoW+WfoCbASDheEJopOkIMehdroraI2zTM -y8AEk+TnbRPzoFNBEYwr3J1GlkegtU3mIPpALDfpL4+HoCgS+7SfAvIlG//C+4W/ -oI/VOYHDdM5zR1av/pVZGpUK4Ao/JBxXMaqsbiP43KytbNuMRsZ+sFDs/ZtmHf1z -6AQ8mnxU0klT4ppU8Nl3hSVcvRacm6wBTvvGEqjkApkPAAMFCACKWJVpzcVAdOMP -aB08qJ+GPSSgxspaSoFPjVN307Pr1Di/ZriC/UVNrq/eUHEIvC1zIx+t3O109qVH -RMWbfCj+4/OBHJ4Ik3Nc5/8v6zaGwixJrkjohF8QLwodqazrjc+W3VsQ5jwfPpLe -DFpd3xHhj5zhXQKN0tCCk435Q/58aMQCK75St3/ymP6NGaE2s7dsXU/BwndgfxJu -Yz8LEK6phJ2t0jBiJJgcjWkoBkq8MhI6wKW6uDU4B/KKGHHLuZHg1ZKum8ASMcti -S980DlSJyfLJnUIio5F/u/csug8bHKq5pA1x+wmsUBhuH66aosNJuz35Bl4nW365 -PoahYtQBiEkEGBECAAkFAkYsuJsCGwwACgkQS942TGTZZheq7ACfTrW5OaZOhrwt -Jr+xgdjSFRrT14cAnjkEj51RQsP7LS5UTm+yce2olHDp -=hYb3 ------END PGP PUBLIC KEY BLOCK----- -- 2.39.5