Hi,
I'm having problems with importing GPG apt keys on Stretch. I'm using
Puppet for managing apt keys, for some reason Puppet considers key missing
and tries to import it. Which results in many dirmngr processes running on
the system:
dirmngr --daemon --homedir /tmp/apt-key-gpghome.0Iq6GBV3gF
These are the problematic keys:
pub rsa2048 2013-09-12 [SC]
D27A 72F3 2D86 7DF9 300A 2415 7449 0FD6 EC51 E8C4
uid [ unknown] Draios Inc. <supp...@draios.com>
sub rsa2048 2013-09-12 [E]
pub rsa4096 2015-09-28 [SC]
05CE 1508 5FC0 9D18 E99E FB22 684A 14CF 2582 E0C5
uid [ unknown] InfluxDB Packaging Service <supp...@influxdb.com>
sub rsa4096 2015-09-28 [E]
Puppet executes something like this:
mkdir /tmp/apt-key-gpghome.o22a3cK7lA
touch /tmp/apt-key-gpghome.o22a3cK7lA/empty.gpg
gpg --ignore-time-conflict --no-options --no-default-keyring --homedir
/tmp/apt-key-gpghome.o22a3cK7lA --quiet --check-trustdb --keyring
/tmp/apt-key-gpghome.o22a3cK7lA/empty.gpg
sh /tmp/apt-key-gpghome.o22a3cK7lA/gpg.0.sh --batch --import
gpg --ignore-time-conflict --no-options --no-default-keyring --homedir
/tmp/apt-key-gpghome.o22a3cK7lA --no-auto-check-trustdb --trust-model
always --batch --import
sh /tmp/apt-key-gpghome.o22a3cK7lA/gpg.0.sh --keyring
/tmp/apt-key-gpghome.o22a3cK7lA/pubring.gpg --with
-colons --fingerprint
gpg --ignore-time-conflict --no-options --no-default-keyring --homedir
/tmp/apt-key-gpghome.o22a3cK7lA -
-no-auto-check-trustdb --trust-model always --keyring
/tmp/apt-key-gpghome.o22a3cK7lA/pubring.gpg --with-colons --fingerprint
gpgconf --kill gpg-agent
gpg-connect-agent --no-autostart KILLAGENT
The commands list is incomplete. It works fine on Jessie, I'm not sure what
causes the problem. So far I didn't manage to replicate the behaviour from
command line.
Regards,
Tomas
