Browse code
Makes sure the GPG key fingerprint is inlined in the doc everywhere.
Instead of `curl $url | apt-get add -` use the ubuntu keyserver and a full
fingerprint to retreive the key. This makes the distribution of the GPG key
more secure an less likely to change even if 3rd party gains access to the
packages repository.
Docker-DCO-1.0-Signed-off-by: Jonas Pfenniger <zimbatm@zimbatm.com> (github: zimbatm)
zimbatm authored on 2013/12/28 00:18:40Showing 6 changed files
- Vagrantfile
- docs/sources/installation/ubuntulinux.rst
- docs/sources/installation/upgrading.rst
- hack/infrastructure/docker-ci/deployment.py
- hack/install.sh
- hack/release.sh
| ... | ... |
@@ -24,7 +24,7 @@ if [ -z "$user" ]; then |
| 24 | 24 |
fi |
| 25 | 25 |
|
| 26 | 26 |
# Adding an apt gpg key is idempotent. |
| 27 |
-wget -q -O - https://get.docker.io/gpg | apt-key add - |
|
| 27 |
+apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 |
|
| 28 | 28 |
|
| 29 | 29 |
# Creating the docker.list file is idempotent, but it may overwrite desired |
| 30 | 30 |
# settings if it already exists. This could be solved with md5sum but it |
| ... | ... |
@@ -68,13 +68,11 @@ easy. **See the :ref:`installmirrors` section below if you are not in |
| 68 | 68 |
the United States.** Other sources of the Debian packages may be |
| 69 | 69 |
faster for you to install. |
| 70 | 70 |
|
| 71 |
-First add the Docker repository key to your local keychain. You can use the |
|
| 72 |
-``apt-key`` command to check the fingerprint matches: ``36A1 D786 9245 C895 0F96 |
|
| 73 |
-6E92 D857 6A8B A88D 21E9`` |
|
| 71 |
+First add the Docker repository key to your local keychain. |
|
| 74 | 72 |
|
| 75 | 73 |
.. code-block:: bash |
| 76 | 74 |
|
| 77 |
- sudo sh -c "wget -qO- https://get.docker.io/gpg | apt-key add -" |
|
| 75 |
+ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 |
|
| 78 | 76 |
|
| 79 | 77 |
Add the Docker repository to your apt sources list, update and install the |
| 80 | 78 |
``lxc-docker`` package. |
| ... | ... |
@@ -142,13 +140,11 @@ Docker is available as a Debian package, which makes installation easy. |
| 142 | 142 |
Please note that these instructions have changed for 0.6. If you are upgrading from an earlier version, you will need |
| 143 | 143 |
to follow them again. |
| 144 | 144 |
|
| 145 |
-First add the Docker repository key to your local keychain. You can use the |
|
| 146 |
-``apt-key`` command to check the fingerprint matches: ``36A1 D786 9245 C895 0F96 |
|
| 147 |
-6E92 D857 6A8B A88D 21E9`` |
|
| 145 |
+First add the Docker repository key to your local keychain. |
|
| 148 | 146 |
|
| 149 | 147 |
.. code-block:: bash |
| 150 | 148 |
|
| 151 |
- sudo sh -c "wget -qO- https://get.docker.io/gpg | apt-key add -" |
|
| 149 |
+ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 |
|
| 152 | 150 |
|
| 153 | 151 |
Add the Docker repository to your apt sources list, update and install the |
| 154 | 152 |
``lxc-docker`` package. |
| ... | ... |
@@ -26,7 +26,7 @@ use ``apt-get`` to upgrade. |
| 26 | 26 |
.. code-block:: bash |
| 27 | 27 |
|
| 28 | 28 |
# Add the Docker repository key to your local keychain |
| 29 |
- sudo sh -c "curl https://get.docker.io/gpg | apt-key add -" |
|
| 29 |
+ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 |
|
| 30 | 30 |
|
| 31 | 31 |
# Add the Docker repository to your apt sources list. |
| 32 | 32 |
sudo sh -c "echo deb https://get.docker.io/ubuntu docker main > /etc/apt/sources.list.d/docker.list" |
| ... | ... |
@@ -127,7 +127,7 @@ call('/usr/bin/rsync -aH {} {}@{}:{}'.format(DOCKER_CI_PATH, DO_IMAGE_USER, ip,
|
| 127 | 127 |
|
| 128 | 128 |
# Install Docker and Buildbot dependencies |
| 129 | 129 |
sudo('mkdir /mnt/docker; ln -s /mnt/docker /var/lib/docker')
|
| 130 |
-sudo('wget -q -O - https://get.docker.io/gpg | apt-key add -')
|
|
| 130 |
+sudo('apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9')
|
|
| 131 | 131 |
sudo('echo deb https://get.docker.io/ubuntu docker main >'
|
| 132 | 132 |
' /etc/apt/sources.list.d/docker.list') |
| 133 | 133 |
sudo('echo -e "deb http://archive.ubuntu.com/ubuntu raring main universe\n'
|
| ... | ... |
@@ -108,7 +108,7 @@ case "$lsb_dist" in |
| 108 | 108 |
fi |
| 109 | 109 |
( |
| 110 | 110 |
set -x |
| 111 |
- $sh_c "$curl ${url}gpg | apt-key add -"
|
|
| 111 |
+ $sh_c "apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9" |
|
| 112 | 112 |
$sh_c "echo deb ${url}ubuntu docker main > /etc/apt/sources.list.d/docker.list"
|
| 113 | 113 |
$sh_c 'sleep 3; apt-get update; apt-get install -y -q lxc-docker' |
| 114 | 114 |
) |
| ... | ... |
@@ -245,7 +245,7 @@ EOF |
| 245 | 245 |
# Add the repository to your APT sources |
| 246 | 246 |
echo deb $(s3_url)/ubuntu docker main > /etc/apt/sources.list.d/docker.list |
| 247 | 247 |
# Then import the repository key |
| 248 |
-curl $(s3_url)/gpg | apt-key add - |
|
| 248 |
+apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 |
|
| 249 | 249 |
# Install docker |
| 250 | 250 |
apt-get update ; apt-get install -y lxc-docker |
| 251 | 251 |
|