sts-sponsors team mailing list archive

Thread
Date

[Bug 2011549] Re: Should use /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg if available for simplestreams validation

To: sts-sponsors@xxxxxxxxxxxxxxxxxxx
From: Ian Booth <2011549@xxxxxxxxxxxxxxxxxx>
Date: Thu, 16 Mar 2023 06:41:13 -0000
Reply-to: Bug 2011549 <2011549@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Can you describe the juju part of the bug? Juju is compiled with a
public key which it uses to validate the inline signed json metadata
containing the hash of the simplestreams agent binary. To my knowledge
juju does not need or attempt to access any keyrings to do this.

** Changed in: juju (Ubuntu)
       Status: New => Invalid

** Changed in: juju
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of MAAS
Maintainers, which is subscribed to simplestreams in Ubuntu.
https://bugs.launchpad.net/bugs/2011549

Title:
  Should use /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg if
  available for simplestreams validation

Status in Canonical Juju:
  Incomplete
Status in juju package in Ubuntu:
  Invalid
Status in simplestreams package in Ubuntu:
  New

Bug description:
  Should use /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg if
  available, instead of default user's keyrings.

To manage notifications about this bug go to:
https://bugs.launchpad.net/juju/+bug/2011549/+subscriptions

References

[Bug 2011549] [NEW] Should use /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg if available for simplestreams validation
From: Dimitri John Ledkov, 2023-03-14