diff --git a/apt-key-migrate b/apt-key-migrate new file mode 100644 index 0000000..4836103 --- /dev/null +++ b/apt-key-migrate @@ -0,0 +1,69 @@ +#!/bin/bash + +# Ugly key exporter/splitter for APT's keyring +# (c) 2022 by crt0mega +if [ $(command -v sudo) ]; then + declare SU=$(command -v sudo) +else + declare SU="$(command -v su) -c" +fi + +if ! [ $(id -u) == 0 ]; then + echo "This script must be run as root." + $SU $0 + exit +fi + +declare KEYFILE="/etc/apt/trusted.gpg" +declare NEWPATH="/etc/apt/trusted.gpg.d" +declare GPG_CMD=$(command -v gpg) +declare GPG_LIST="--keyring $KEYFILE --no-default-keyring --list-public-keys --with-colons" +declare GPG_EXPORT="--keyring $KEYFILE --no-default-keyring --export --armor" + +declare i=0 +declare e=0 + +# Get a list of all public keys +echo "Getting list of keys from $KEYFILE ..." +declare KEY_LIST=$($GPG_CMD $GPG_LIST | grep "pub" | cut -d: -f 5) + +# Export each key in an ASCII armored file +for key in $KEY_LIST; do + echo "Exporting $key ..." + $GPG_CMD $GPG_EXPORT --output $NEWPATH/$key.asc $key + + if ! [ $? == 0 ]; then + echo Error exporting key $key + ((e++)) + fi + + ((i++)) +done + +echo "$((i - e)) keys exported." + +if ! [ $e == 0 ]; then + echo "There have $e been errors. Exiting." + exit +fi + +if [ $i == 0 ]; then + echo "No keys have been exported. Exiting." + exit +fi + +read -n 1 -p "All keys have been exported. Do you wish to delete APT's deprecated keyring? (Y/N) " +echo + +if [ "${REPLY^^}" == "Y" ]; then + rm $KEYFILE +fi + +read -n 1 -p "APT needs to be refreshed. Run apt-get update now? (Y/N) " +echo + +if [ "${REPLY^^}" == "Y" ]; then + apt-get update +fi + +echo "Finished." diff --git a/debian/readme.md b/debian/readme.md new file mode 100644 index 0000000..f660911 --- /dev/null +++ b/debian/readme.md @@ -0,0 +1,8 @@ +# Usage of tools in debian/ + +## apt-key-migrate + +`apt-key-migrate` is a simple tool for lazy folks like me who have a bunch of public keys in `apt-key`'s deprecated keyring. It exports every single key to a seperate file in `/etc/apt/trusted.gpg.d/` and cleans the mess up afterwards. + +![Butt beware!](https://img-9gag-fun.9cache.com/photo/aPMDxAB_700bwp.webp) +This script has not been thorougly tested. Use at your own risk!