Back | Home
الـ Path الحالي: /home/picotech/domains/instantly.picotech.app/public_html/public/uploads/.././../../../../../../bin
الملفات الموجودة في هذا الـ Path:
.
..
411toppm
7zr
GET
HEAD
JxrDecApp
JxrEncApp
NF
POST
VGAuthService
X11
[
aa-enabled
aa-exec
aa-features-abi
ab
acpi_listen
addftinfo
addpart
addr2line
afmtodit
animate
animate-im6
animate-im6.q16
anytopnm
appres
apropos
apt
apt-cache
apt-cdrom
apt-config
apt-extracttemplates
apt-ftparchive
apt-get
apt-key
apt-mark
apt-sortpkgs
ar
arch
aria_chk
aria_dump_log
aria_ftdump
aria_pack
aria_read_log
arpaname
as
asciitopgm
aspell
aspell-import
atktopbm
automat-visualize3
awk
awstats
b2sum
base32
base64
basename
basenc
bash
bashbug
bc
bioradtopgm
bmptopnm
bmptoppm
boltctl
bootctl
broadwayd
browse
brushtopbm
btrfs
btrfs-convert
btrfs-find-root
btrfs-image
btrfs-map-logical
btrfs-select-super
btrfsck
btrfstune
bundle3.0
bundler3.0
bunzip2
busctl
busybox
byobu
byobu-config
byobu-ctrl-a
byobu-disable
byobu-disable-prompt
byobu-enable
byobu-enable-prompt
byobu-export
byobu-janitor
byobu-keybindings
byobu-launch
byobu-launcher
byobu-launcher-install
byobu-launcher-uninstall
byobu-layout
byobu-prompt
byobu-quiet
byobu-reconnect-sockets
byobu-screen
byobu-select-backend
byobu-select-profile
byobu-select-session
byobu-shell
byobu-silent
byobu-status
byobu-status-detail
byobu-tmux
byobu-ugraph
byobu-ulevel
bzcat
bzcmp
bzdiff
bzegrep
bzexe
bzfgrep
bzgrep
bzip2
bzip2recover
bzless
bzmore
c++
c++filt
c89
c89-gcc
c99
c99-gcc
c_rehash
captoinfo
cat
catman
cautious-launcher
cc
certbot
cftp3
cgi-fcgi
chage
chardet
chardetect
chattr
chcon
checkgid
chem
chfn
chgrp
chmod
choom
chown
chrt
chsh
chvt
ckbcomp
ckeygen3
cksum
clambc
clamconf
clamdscan
clamdtop
clamscan
clamsubmit
clear
clear_console
cmp
cmuwmtopbm
codepage
col
col1
col2
col3
col4
col5
col6
col7
col8
col9
colcrt
colrm
column
comm
compare
compare-im6
compare-im6.q16
compose
composite
composite-im6
composite-im6.q16
conch3
conjure
conjure-im6
conjure-im6.q16
convert
convert-im6
convert-im6.q16
corelist
cp
cpan
cpan5.34-x86_64-linux-gnu
cpio
cpp
cpp-11
crontab
csplit
ctail
ctstat
curl
cut
cvtsudoers
dash
date
db5.3_archive
db5.3_checkpoint
db5.3_deadlock
db5.3_dump
db5.3_hotbackup
db5.3_load
db5.3_log_verify
db5.3_printlog
db5.3_recover
db5.3_replicate
db5.3_stat
db5.3_upgrade
db5.3_verify
db_archive
db_checkpoint
db_deadlock
db_dump
db_hotbackup
db_load
db_log_verify
db_printlog
db_recover
db_replicate
db_sql
db_stat
db_upgrade
db_verify
dbilogstrip
dbiprof
dbiproxy
dbus-cleanup-sockets
dbus-daemon
dbus-monitor
dbus-run-session
dbus-send
dbus-update-activation-environment
dbus-uuidgen
dbxtool
dd
deallocvt
deb-systemd-helper
deb-systemd-invoke
debconf
debconf-apt-progress
debconf-communicate
debconf-copydb
debconf-escape
debconf-set-selections
debconf-show
debian-distro-info
delpart
delv
df
dfu-tool
dh_bash-completion
dh_installxmlcatalogs
dh_perl_dbi
dh_perl_openssl
diff
diff3
dig
dir
dircolors
dirmngr
dirmngr-client
dirname
display
display-im6
display-im6.q16
distro-info
dkimproxy-sign
dkimproxy-verify
dmesg
dnsdomainname
dnssec-cds
dnssec-dsfromkey
dnssec-importkey
dnssec-keyfromlabel
dnssec-keygen
dnssec-revoke
dnssec-settime
dnssec-signzone
dnssec-verify
domainname
doveadm
doveconf
dovecot-sysreport
dpkg
dpkg-architecture
dpkg-buildflags
dpkg-buildpackage
dpkg-checkbuilddeps
dpkg-deb
dpkg-distaddfile
dpkg-divert
dpkg-genbuildinfo
dpkg-genchanges
dpkg-gencontrol
dpkg-gensymbols
dpkg-maintscript-helper
dpkg-mergechangelogs
dpkg-name
dpkg-parsechangelog
dpkg-query
dpkg-realpath
dpkg-scanpackages
dpkg-scansources
dpkg-shlibdeps
dpkg-source
dpkg-split
dpkg-statoverride
dpkg-trigger
dpkg-vendor
dsync
du
dumpkeys
dvipdf
dwp
ec2metadata
echo
echo_supervisord_conf
ed
edit
editor
editres
egrep
eject
elfedit
enc2xs
encguess
env
envsubst
eps2eps
epsffit
eqn
eqn2graph
erb
erb3.0
esparse
esvalidate
etckeeper
ex
expand
expiry
expr
extractres
eyuvtoppm
factor
fail2ban-client
fail2ban-python
fail2ban-regex
fail2ban-server
fail2ban-testcases
faillog
faked-sysv
faked-tcp
fakeroot
fakeroot-sysv
fakeroot-tcp
fallocate
false
fc-cache
fc-cat
fc-conflist
fc-list
fc-match
fc-pattern
fc-query
fc-scan
fc-validate
fcgistarter
fgconsole
fgrep
fiascotopnm
filan
file
finalrd
fincore
find
findmnt
firewall-cmd
firewall-offline-cmd
fitstopnm
fixdlsrps
fixfmps
fixpsditps
fixpspps
fixscribeps
fixtpps
fixwfwps
fixwpps
fixwwps
flock
fmt
fold
formail
free
freshclam
fstopgm
ftp
ftpcount
ftpdctl
ftptop
ftpwho
funzip
fuser
fusermount
fusermount3
fwupdagent
fwupdate
fwupdmgr
fwupdtool
g++
g++-11
g3topbm
galera_new_cluster
galera_recovery
gapplication
gawk
gcc
gcc-11
gcc-ar
gcc-ar-11
gcc-nm
gcc-nm-11
gcc-ranlib
gcc-ranlib-11
gcov
gcov-11
gcov-dump
gcov-dump-11
gcov-tool
gcov-tool-11
gdbus
gdiffmk
gdk-pixbuf-csource
gdk-pixbuf-pixdata
gdk-pixbuf-thumbnailer
gem
gem3.0
gemtopbm
gemtopnm
gen-auth
gencat
geqn
getafm
getconf
getent
getkeycodes
getopt
gettext
gettext.sh
ghostscript
giftopnm
ginstall-info
gio
gio-querymodules
git
git-receive-pack
git-shell
git-upload-archive
git-upload-pack
glib-compile-schemas
glilypond
gmake
gold
gouldtoppm
gpasswd
gperl
gpg
gpg-agent
gpg-connect-agent
gpg-wks-server
gpg-zip
gpgcompose
gpgconf
gpgparsemail
gpgsm
gpgsplit
gpgtar
gpgv
gpic
gpinyin
gprof
gpu-manager
grap2graph
grep
gresource
grn
grodvi
groff
groffer
grog
grolbp
grolj4
gropdf
grops
grotty
groups
growpart
grub-editenv
grub-file
grub-fstest
grub-glue-efi
grub-kbdcomp
grub-menulst2cfg
grub-mkfont
grub-mkimage
grub-mklayout
grub-mknetdir
grub-mkpasswd-pbkdf2
grub-mkrelpath
grub-mkrescue
grub-mkstandalone
grub-mount
grub-ntldr-img
grub-render-label
grub-script-check
grub-syslinux2cfg
gs
gsbj
gsdj
gsdj500
gsettings
gslj
gslp
gsnd
gtbl
gtk-builder-tool
gtk-encode-symbolic-svg
gtk-launch
gtk-query-settings
gtk-update-icon-cache
gunzip
gxditview
gyp
gzexe
gzip
h2ph
h2xs
hardlink
hd
head
helpztags
hexdump
hipstopgm
host
hostid
hostname
hostnamectl
hpftodit
htcacheclean
htdbm
htdigest
htop
htpasswd
i386
iceauth
icontopbm
iconv
id
identify
identify-im6
identify-im6.q16
ilbmtoppm
imagetops
imgtoppm
import
import-im6
import-im6.q16
includeres
indxbib
info
infobrowser
infocmp
infotocap
innochecksum
innotop
install
install-info
instmodsh
ionice
ip
ipcmk
ipcrm
ipcs
iptables-xml
irb
irb3.0
ischroot
iscsiadm
ispell-wrapper
jk_uchroot
join
journalctl
jpegtopnm
js
js-yaml
json_pp
json_xs
jsonlint-php
jsonschema
kbd_mode
kbdinfo
kbxutil
keep-one-running
kernel-install
keyring
kill
killall
kmod
kmodsign
l4p-tmpl
last
lastb
lastlog
lcf
ld
ld.bfd
ld.gold
ldd
leaftoppm
less
lessecho
lessfile
lesskey
lesspipe
letsencrypt
lexgrog
libnetcfg
link
linux-boot-prober
linux-check-removal
linux-update-symlinks
linux-version
linux32
linux64
lispmtopgm
listres
lkbib
ln
lnstat
loadkeys
loadunimap
locale
locale-check
localectl
localedef
lockfile
logger
login
loginctl
logname
logresolve
look
lookbib
lowntfs-3g
ls
lsattr
lsb_release
lsblk
lscpu
lshw
lsinitramfs
lsipc
lslocks
lslogins
lsmem
lsmod
lsns
lsof
lspci
lspgpot
lsusb
lto-dump-11
luit
lwp-download
lwp-dump
lwp-mirror
lwp-request
lynx
lzcat
lzcmp
lzdiff
lzegrep
lzfgrep
lzgrep
lzless
lzma
lzmainfo
lzmore
macptopbm
maildirmake.dovecot
mailmail3
mailq
mailstat
make
make-first-existing-target
man
man-recode
mandb
manifest
manpath
mapscrn
mariadb
mariadb-access
mariadb-admin
mariadb-analyze
mariadb-binlog
mariadb-check
mariadb-conv
mariadb-convert-table-format
mariadb-dump
mariadb-dumpslow
mariadb-find-rows
mariadb-fix-extensions
mariadb-hotcopy
mariadb-import
mariadb-install-db
mariadb-optimize
mariadb-plugin
mariadb-repair
mariadb-report
mariadb-secure-installation
mariadb-service-convert
mariadb-setpermission
mariadb-show
mariadb-slap
mariadb-tzinfo-to-sql
mariadb-upgrade
mariadb-waitpid
mariadbcheck
mariadbd-multi
mariadbd-safe
mariadbd-safe-helper
mawk
mcookie
md5sum
md5sum.textutils
mdatopbm
mdig
memusage
memusagestat
mesg
mgrtopbm
migrate-pubring-from-classic-gpg
mimeopen
mimetype
mk_modmap
mkdir
mkfifo
mknod
mkpasswd
mksquashfs
mktemp
mmroff
mogrify
mogrify-im6
mogrify-im6.q16
montage
montage-im6
montage-im6.q16
more
mount
mountpoint
msql2mysql
mt
mt-gnu
mtr
mtr-packet
mtrace
mtvtoppm
mv
my_print_defaults
myisam_ftdump
myisamchk
myisamlog
myisampack
mysql
mysql_convert_table_format
mysql_find_rows
mysql_fix_extensions
mysql_install_db
mysql_plugin
mysql_secure_installation
mysql_setpermission
mysql_tzinfo_to_sql
mysql_upgrade
mysql_waitpid
mysqlaccess
mysqladmin
mysqlanalyze
mysqlbinlog
mysqlcheck
mysqld_multi
mysqld_safe
mysqld_safe_helper
mysqldump
mysqldumpslow
mysqlhotcopy
mysqlimport
mysqloptimize
mysqlrepair
mysqlreport
mysqlshow
mysqlslap
mytop
named-checkconf
named-checkzone
named-compilezone
named-journalprint
named-nzd2nzf
named-rrchecker
namei
nano
nawk
nc
nc.openbsd
neotoppm
neqn
net-server
netcat
netstat
networkctl
networkd-dispatcher
newaliases
newgrp
ngettext
nice
nisdomainname
nl
nm
node
node-coveralls
node-gyp
nodejs
nohup
notify-send
nproc
nroff
nsec3hash
nsenter
nslookup
nstat
nsupdate
ntfs-3g
ntfs-3g.probe
ntfscat
ntfscluster
ntfscmp
ntfsdecrypt
ntfsfallocate
ntfsfix
ntfsinfo
ntfsls
ntfsmove
ntfsrecover
ntfssecaudit
ntfstruncate
ntfsusermap
ntfswipe
numfmt
nvidia-detector
objcopy
objdump
od
on_ac_power
open
opendkim-spam
opener
openssl
openvt
os-prober
p7zip
pager
palmtopnm
pamcut
pamdeinterlace
pamdice
pamfile
pamoil
pamstack
pamstretch
pamstretch-gen
paperconf
partx
passwd
paste
pastebinit
patch
pathchk
pbget
pbmclean
pbmlife
pbmmake
pbmmask
pbmpage
pbmpscale
pbmreduce
pbmtext
pbmtextps
pbmto10x
pbmtoascii
pbmtoatk
pbmtobbnbg
pbmtocmuwm
pbmtoepsi
pbmtoepson
pbmtog3
pbmtogem
pbmtogo
pbmtoicon
pbmtolj
pbmtomacp
pbmtomda
pbmtomgr
pbmtonokia
pbmtopgm
pbmtopi3
pbmtoplot
pbmtoppa
pbmtopsg3
pbmtoptx
pbmtowbmp
pbmtox10bm
pbmtoxbm
pbmtoybm
pbmtozinc
pbmupc
pbput
pbputs
pcxtoppm
pdb3
pdb3.10
pdf2dsc
pdf2ps
pdfmom
pdfroff
pear
peardev
pecl
peekfd
perl
perl5.34-x86_64-linux-gnu
perl5.34.0
perlbug
perldoc
perldoc.stub
perlivp
perlthanks
perror
pf2afm
pfbtopfa
pfbtops
pgmbentley
pgmcrater
pgmedge
pgmenhance
pgmhist
pgmkernel
pgmnoise
pgmnorm
pgmoil
pgmramp
pgmslice
pgmtexture
pgmtofs
pgmtolispm
pgmtopbm
pgmtoppm
pgrep
phar
phar.default
phar.phar
phar.phar.default
phar.phar7.4
phar.phar8.0
phar.phar8.1
phar.phar8.2
phar.phar8.3
phar.phar8.4
phar7.4
phar7.4.phar
phar8.0
phar8.0.phar
phar8.1
phar8.1.phar
phar8.2
phar8.2.phar
phar8.3
phar8.3.phar
phar8.4
phar8.4.phar
php
php-cgi
php-cgi.default
php-cgi7.4
php-cgi8.0
php-cgi8.1
php-cgi8.2
php-cgi8.3
php.default
php7.4
php8.0
php8.1
php8.2
php8.3
php8.4
phpdbg
phpdbg8.4
pi1toppm
pi3topbm
pic
pic2graph
pico
piconv
pidof
pidproxy
pidwait
pinentry
pinentry-curses
ping
ping4
ping6
pinky
pjtoppm
pkaction
pkcheck
pkcon
pkexec
pkill
pkmon
pkttyagent
pl2pm
pldd
plymouth
pmap
pngtopnm
pnmalias
pnmarith
pnmcat
pnmcolormap
pnmcomp
pnmconvol
pnmcrop
pnmcut
pnmdepth
pnmenlarge
pnmfile
pnmflip
pnmgamma
pnmhisteq
pnmhistmap
pnmindex
pnminterp
pnminterp-gen
pnminvert
pnmmargin
pnmmontage
pnmnlfilt
pnmnoraw
pnmnorm
pnmpad
pnmpaste
pnmpsnr
pnmquant
pnmremap
pnmrotate
pnmscale
pnmscalefixed
pnmshear
pnmsmooth
pnmsplit
pnmtile
pnmtoddif
pnmtofiasco
pnmtofits
pnmtojpeg
pnmtopalm
pnmtoplainpnm
pnmtopng
pnmtops
pnmtorast
pnmtorle
pnmtosgi
pnmtosir
pnmtotiff
pnmtotiffcmyk
pnmtoxwd
pod2html
pod2man
pod2text
pod2usage
podchecker
pollinate
post-grohtml
postgreyreport
pphs
ppm3d
ppmbrighten
ppmchange
ppmcie
ppmcolormask
ppmcolors
ppmdim
ppmdist
ppmdither
ppmfade
ppmflash
ppmforge
ppmhist
ppmlabel
ppmmake
ppmmix
ppmnorm
ppmntsc
ppmpat
ppmquant
ppmquantall
ppmqvga
ppmrainbow
ppmrelief
ppmshadow
ppmshift
ppmspread
ppmtoacad
ppmtobmp
ppmtoeyuv
ppmtogif
ppmtoicr
ppmtoilbm
ppmtojpeg
ppmtoleaf
ppmtolj
ppmtomap
ppmtomitsu
ppmtompeg
ppmtoneo
ppmtopcx
ppmtopgm
ppmtopi1
ppmtopict
ppmtopj
ppmtopuzz
ppmtorgb3
ppmtosixel
ppmtotga
ppmtouil
ppmtowinicon
ppmtoxpm
ppmtoyuv
ppmtoyuvsplit
ppmtv
pr
pre-grohtml
precat
preconv
preunzip
prezip
prezip-bin
print
printafm
printenv
printf
prlimit
pro
procan
procmail
procmail-wrapper
prove
prtstat
ps
ps2ascii
ps2epsi
ps2pdf
ps2pdf12
ps2pdf13
ps2pdf14
ps2pdfwr
ps2ps
ps2ps2
ps2txt
psbook
psfaddtable
psfgettable
psfstriptable
psfxtable
psidtopgm
psjoin
pslog
psmerge
psnup
psresize
psselect
pstopnm
pstops
pstree
pstree.x11
ptar
ptardiff
ptargrep
ptx
purge-old-kernels
pwd
pwdx
py3clean
py3compile
py3rsa-decrypt
py3rsa-encrypt
py3rsa-keygen
py3rsa-priv2pub
py3rsa-sign
py3rsa-verify
py3versions
pydoc3
pydoc3.10
pygettext3
pygettext3.10
pygmentize
pyhtmlizer3
pyserial-miniterm
pyserial-ports
python3
python3.10
pzstd
qrencode
qrttoppm
quirks-handler
quota
quotasync
racc3.0
rake
rake3.0
ranlib
rasttopnm
rawtopgm
rawtoppm
rbash
rbs3.0
rcp
rdma
rdoc
rdoc3.0
re2c
re2go
re2rust
readelf
readlink
realpath
red
redis-benchmark
redis-check-aof
redis-check-rdb
redis-cli
redis-server
refer
renice
replace
rescan-scsi-bus.sh
reset
resizecons
resizepart
resolve_stack_dump
resolvectl
resolveip
rev
rgb3toppm
rgrep
ri
ri3.0
rimraf
rletopnm
rlogin
rm
rmail
rmdir
rnano
roff2dvi
roff2html
roff2pdf
roff2ps
roff2text
roff2x
rotatelogs
routef
routel
rpcgen
rrsync
rsh
rst-buildhtml
rst2html
rst2html4
rst2html5
rst2latex
rst2man
rst2odt
rst2odt_prepstyles
rst2pseudoxml
rst2s5
rst2xetex
rst2xml
rstpep2html
rsync
rsync-ssl
rtstat
ruby
ruby3.0
run-mailcap
run-one
run-one-constantly
run-one-until-failure
run-one-until-success
run-parts
run-this-one
run-with-aspell
runcon
rview
rvim
sa-awl
sa-check_spamd
sa-compile
sa-learn
sa-update
sasl-sample-client
saslfinger
savelog
sbattach
sbigtopgm
sbkeysync
sbsiglist
sbsign
sbvarsign
sbverify
scandeps
scp
screen
screendump
script
scriptlive
scriptreplay
scsi_logging_level
scsi_mandat
scsi_readcap
scsi_ready
scsi_satl
scsi_start
scsi_stop
scsi_temperature
sdiff
sed
see
select-default-iwrap
select-editor
semver
sensible-browser
sensible-editor
sensible-pager
sensors
sensors-conf-convert
seq
session-migration
sessreg
setarch
setfont
setkeycodes
setleds
setlogcons
setmetamode
setpci
setpriv
setsid
setterm
setupcon
sftp
sg
sg_bg_ctl
sg_compare_and_write
sg_copy_results
sg_dd
sg_decode_sense
sg_emc_trespass
sg_format
sg_get_config
sg_get_elem_status
sg_get_lba_status
sg_ident
sg_inq
sg_logs
sg_luns
sg_map
sg_map26
sg_modes
sg_opcodes
sg_persist
sg_prevent
sg_raw
sg_rbuf
sg_rdac
sg_read
sg_read_attr
sg_read_block_limits
sg_read_buffer
sg_read_long
sg_readcap
sg_reassign
sg_referrals
sg_rep_pip
sg_rep_zones
sg_requests
sg_reset
sg_reset_wp
sg_rmsn
sg_rtpg
sg_safte
sg_sanitize
sg_sat_identify
sg_sat_phy_event
sg_sat_read_gplog
sg_sat_set_features
sg_scan
sg_seek
sg_senddiag
sg_ses
sg_ses_microcode
sg_start
sg_stpg
sg_stream_ctl
sg_sync
sg_test_rwbuf
sg_timestamp
sg_turs
sg_unmap
sg_verify
sg_vpd
sg_wr_mode
sg_write_buffer
sg_write_long
sg_write_same
sg_write_verify
sg_write_x
sg_xcopy
sg_zone
sginfo
sgitopnm
sgm_dd
sgp_dd
sh
sha1sum
sha224sum
sha256sum
sha384sum
sha512sum
shasum
showchar
showconsolefont
showkey
showrgb
shred
shuf
sigtool
sirtopnm
size
skill
slabtop
sldtoppm
sleep
slogin
snice
socat
soelim
sort
sos
sos-collector
sosreport
sotruss
spamalyze
spamassassin
spamc
spctoppm
spinner
splain
split
splitfont
sprof
sputoppm
sqfscat
sqfstar
ss
ssh
ssh-add
ssh-agent
ssh-argv0
ssh-copy-id
ssh-keygen
ssh-keyscan
st4topgm
stat
static-sh
stdbuf
strace
strace-log-merge
stream
stream-im6
stream-im6.q16
streamzip
strings
strip
stty
su
sudo
sudoedit
sudoreplay
sum
supervisorctl
supervisord
sync
systemctl
systemd
systemd-analyze
systemd-ask-password
systemd-cat
systemd-cgls
systemd-cgtop
systemd-cryptenroll
systemd-delta
systemd-detect-virt
systemd-escape
systemd-hwdb
systemd-id128
systemd-inhibit
systemd-machine-id-setup
systemd-mount
systemd-notify
systemd-path
systemd-run
systemd-socket-activate
systemd-stdio-bridge
systemd-sysext
systemd-sysusers
systemd-tmpfiles
systemd-tty-ask-password-agent
systemd-umount
tabs
tac
tail
tap
tap-mocha-reporter
tap-parser
tar
taskset
tbl
tcpdump
tee
telnet
telnet.netkit
tempfile
test
tfmtodit
tgatoppm
thinkjettopbm
tic
tifftopnm
tilix
tilix.wrapper
time
timedatectl
timeout
tkconch3
tload
tmux
tnftp
toe
top
touch
tput
tr
tracepath
trial3
troff
true
truncate
tset
tsort
tty
twist3
twistd3
typeprof3.0
tzselect
ua
ubuntu-advantage
ubuntu-distro-info
ubuntu-drivers
ucf
ucfq
ucfr
uclampset
udevadm
udisksctl
ul
umount
uname
unattended-upgrade
unattended-upgrades
uncompress
unexpand
unicode_start
unicode_stop
uniq
unlink
unlzma
unmkinitramfs
unshare
unsquashfs
unxz
unzip
unzipsfx
unzstd
update-alternatives
update-mime-database
update-perl-sax-parsers
update_rubygems
upower
uptime
usb-devices
usbhid-dump
usbreset
users
utmpdump
uuidgen
uuidparse
validate-json
vcs-run
vdir
vi
view
viewres
vigpg
vim
vim.basic
vim.tiny
vimdiff
vimtutor
virtualmin-config-system
vm-support
vmhgfs-fuse
vmstat
vmtoolsd
vmware-alias-import
vmware-checkvm
vmware-hgfsclient
vmware-namespace-cmd
vmware-rpctool
vmware-toolbox-cmd
vmware-vgauth-cmd
vmware-vmblock-fuse
vmware-xferlogs
w
wall
watch
watchgnupg
wbmptopbm
wc
wdctl
webmin
wget
whatis
whereis
which
which.debianutils
whiptail
who
whoami
whois
wifi-status
winicontoppm
word-list-compress
write
write.ul
wscat
wsrep_sst_backup
wsrep_sst_common
wsrep_sst_mariabackup
wsrep_sst_mysqldump
wsrep_sst_rsync
wsrep_sst_rsync_wan
www-browser
x-terminal-emulator
x86_64
x86_64-linux-gnu-addr2line
x86_64-linux-gnu-ar
x86_64-linux-gnu-as
x86_64-linux-gnu-c++filt
x86_64-linux-gnu-cpp
x86_64-linux-gnu-cpp-11
x86_64-linux-gnu-dwp
x86_64-linux-gnu-elfedit
x86_64-linux-gnu-g++
x86_64-linux-gnu-g++-11
x86_64-linux-gnu-gcc
x86_64-linux-gnu-gcc-11
x86_64-linux-gnu-gcc-ar
x86_64-linux-gnu-gcc-ar-11
x86_64-linux-gnu-gcc-nm
x86_64-linux-gnu-gcc-nm-11
x86_64-linux-gnu-gcc-ranlib
x86_64-linux-gnu-gcc-ranlib-11
x86_64-linux-gnu-gcov
x86_64-linux-gnu-gcov-11
x86_64-linux-gnu-gcov-dump
x86_64-linux-gnu-gcov-dump-11
x86_64-linux-gnu-gcov-tool
x86_64-linux-gnu-gcov-tool-11
x86_64-linux-gnu-gold
x86_64-linux-gnu-gprof
x86_64-linux-gnu-ld
x86_64-linux-gnu-ld.bfd
x86_64-linux-gnu-ld.gold
x86_64-linux-gnu-lto-dump-11
x86_64-linux-gnu-nm
x86_64-linux-gnu-objcopy
x86_64-linux-gnu-objdump
x86_64-linux-gnu-ranlib
x86_64-linux-gnu-readelf
x86_64-linux-gnu-size
x86_64-linux-gnu-strings
x86_64-linux-gnu-strip
xargs
xbmtopbm
xcmsdb
xdg-desktop-icon
xdg-desktop-menu
xdg-email
xdg-icon-resource
xdg-mime
xdg-open
xdg-screensaver
xdg-settings
xdg-user-dir
xdg-user-dirs-update
xdpyinfo
xdriinfo
xev
xfd
xfontsel
xgamma
xhost
ximtoppm
xkeystone
xkill
xlsatoms
xlsclients
xlsfonts
xmessage
xmodmap
xpmtoppm
xprop
xrandr
xrdb
xrefresh
xset
xsetmode
xsetpointer
xsetroot
xstdcmap
xsubpp
xtotroff
xvidtune
xvinfo
xvminitoppm
xwdtopnm
xwininfo
xxd
xz
xzcat
xzcmp
xzdiff
xzegrep
xzfgrep
xzgrep
xzless
xzmore
ybmtopbm
yes
ypdomainname
yuvsplittoppm
yuvtoppm
zcat
zcmp
zdiff
zdump
zegrep
zeisstopnm
zfgrep
zforce
zgrep
zip
zipcloak
zipdetails
zipgrep
zipinfo
zipnote
zipsplit
zless
zmore
znew
zstd
zstdcat
zstdgrep
zstdless
zstdmt
مشاهدة ملف: apt-key
#!/bin/sh
set -e
unset GREP_OPTIONS GPGHOMEDIR CURRENTTRAP
export IFS="$(printf "\n\b")"
MASTER_KEYRING='/usr/share/keyrings/ubuntu-master-keyring.gpg'
eval "$(apt-config shell MASTER_KEYRING APT::Key::MasterKeyring)"
ARCHIVE_KEYRING='/usr/share/keyrings/ubuntu-archive-keyring.gpg'
eval "$(apt-config shell ARCHIVE_KEYRING APT::Key::ArchiveKeyring)"
REMOVED_KEYS='/usr/share/keyrings/ubuntu-archive-removed-keys.gpg'
eval "$(apt-config shell REMOVED_KEYS APT::Key::RemovedKeys)"
ARCHIVE_KEYRING_URI='http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg'
eval "$(apt-config shell ARCHIVE_KEYRING_URI APT::Key::ArchiveKeyringURI)"
aptkey_echo() { echo "$@"; }
find_gpgv_status_fd() {
while [ -n "$1" ]; do
if [ "$1" = '--status-fd' ]; then
shift
echo "$1"
break
fi
shift
done
}
GPGSTATUSFD="$(find_gpgv_status_fd "$@")"
apt_warn() {
if [ -z "$GPGHOMEDIR" ]; then
echo >&2 'W:' "$@"
else
echo 'W:' "$@" > "${GPGHOMEDIR}/aptwarnings.log"
fi
if [ -n "$GPGSTATUSFD" ]; then
echo >&${GPGSTATUSFD} '[APTKEY:] WARNING' "$@"
fi
}
apt_error() {
if [ -z "$GPGHOMEDIR" ]; then
echo >&2 'E:' "$@"
else
echo 'E:' "$@" > "${GPGHOMEDIR}/aptwarnings.log"
fi
if [ -n "$GPGSTATUSFD" ]; then
echo >&${GPGSTATUSFD} '[APTKEY:] ERROR' "$@"
fi
}
cleanup_gpg_home() {
if [ -z "$GPGHOMEDIR" ]; then return; fi
if [ -s "$GPGHOMEDIR/aptwarnings.log" ]; then
cat >&2 "$GPGHOMEDIR/aptwarnings.log"
fi
if command_available 'gpgconf'; then
GNUPGHOME="${GPGHOMEDIR}" gpgconf --kill all >/dev/null 2>&1 || true
fi
rm -rf "$GPGHOMEDIR"
}
# gpg needs (in different versions more or less) files to function correctly,
# so we give it its own homedir and generate some valid content for it later on
create_gpg_home() {
# for cases in which we want to cache a homedir due to expensive setup
if [ -n "$GPGHOMEDIR" ]; then
return
fi
if [ -n "$TMPDIR" ]; then
# tmpdir is a directory and current user has rwx access to it
# same tests as in apt-pkg/contrib/fileutl.cc GetTempDir()
if [ ! -d "$TMPDIR" ] || [ ! -r "$TMPDIR" ] || [ ! -w "$TMPDIR" ] || [ ! -x "$TMPDIR" ]; then
unset TMPDIR
fi
fi
GPGHOMEDIR="$(mktemp --directory --tmpdir 'apt-key-gpghome.XXXXXXXXXX')"
CURRENTTRAP="${CURRENTTRAP} cleanup_gpg_home;"
trap "${CURRENTTRAP}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
if [ -z "$GPGHOMEDIR" ]; then
apt_error "Could not create temporary gpg home directory in $TMPDIR (wrong permissions?)"
exit 28
fi
chmod 700 "$GPGHOMEDIR"
}
requires_root() {
if [ "$(id -u)" -ne 0 ]; then
apt_error "This command can only be used by root."
exit 1
fi
}
command_available() {
if [ -x "$1" ]; then return 0; fi
command -v "$1" >/dev/null # required by policy, see #747320
}
escape_shell() {
echo "$@" | sed -e "s#'#'\"'\"'#g"
}
get_fingerprints_of_keyring() {
aptkey_execute "$GPG_SH" --keyring "$1" --with-colons --fingerprint | while read publine; do
# search for a public key
if [ "${publine%%:*}" != 'pub' ]; then continue; fi
# search for the associated fingerprint (should be the very next line)
while read fprline; do
if [ "${fprline%%:*}" = 'sub' ]; then break; # should never happen
elif [ "${fprline%%:*}" != 'fpr' ]; then continue; fi
echo "$fprline" | cut -d':' -f 10
done
# order in the keyring shouldn't be important
done | sort
}
add_keys_with_verify_against_master_keyring() {
ADD_KEYRING="$1"
MASTER="$2"
if [ ! -f "$ADD_KEYRING" ]; then
apt_error "Keyring '$ADD_KEYRING' to be added not found"
return
fi
if [ ! -f "$MASTER" ]; then
apt_error "Master-Keyring '$MASTER' not found"
return
fi
# when adding new keys, make sure that the archive-master-keyring
# is honored. so:
# all keys that are exported must have a valid signature
# from a key in the $distro-master-keyring
add_keys="$(get_fingerprints_of_keyring "$ADD_KEYRING")"
all_add_keys="$(aptkey_execute "$GPG_SH" --keyring "$ADD_KEYRING" --with-colons --list-keys | grep ^[ps]ub | cut -d: -f5)"
master_keys="$(aptkey_execute "$GPG_SH" --keyring "$MASTER" --with-colons --list-keys | grep ^pub | cut -d: -f5)"
# ensure there are no colisions LP: #857472
for all_add_key in $all_add_keys; do
for master_key in $master_keys; do
if [ "$all_add_key" = "$master_key" ]; then
echo >&2 "Keyid collision for '$all_add_key' detected, operation aborted"
return 1
fi
done
done
for add_key in $add_keys; do
# export the add keyring one-by-one
local TMP_KEYRING="${GPGHOMEDIR}/tmp-keyring.gpg"
aptkey_execute "$GPG_SH" --batch --yes --keyring "$ADD_KEYRING" --output "$TMP_KEYRING" --export "$add_key"
if ! aptkey_execute "$GPG_SH" --batch --yes --keyring "$TMP_KEYRING" --import "$MASTER" > "${GPGHOMEDIR}/gpgoutput.log" 2>&1; then
cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
false
fi
# check if signed with the master key and only add in this case
ADDED=0
for master_key in $master_keys; do
if aptkey_execute "$GPG_SH" --keyring "$TMP_KEYRING" --check-sigs --with-colons "$add_key" \
| grep '^sig:!:' | cut -d: -f5 | grep -q "$master_key"; then
aptkey_execute "$GPG_SH" --batch --yes --keyring "$ADD_KEYRING" --export "$add_key" \
| aptkey_execute "$GPG" --batch --yes --import
ADDED=1
fi
done
if [ $ADDED = 0 ]; then
echo >&2 "Key '$add_key' not added. It is not signed with a master key"
fi
rm -f "${TMP_KEYRING}"
done
}
# update the current archive signing keyring from a network URI
# the archive-keyring keys needs to be signed with the master key
# (otherwise it does not make sense from a security POV)
net_update() {
local APT_DIR='/'
eval $(apt-config shell APT_DIR Dir)
# Disabled for now as code is insecure (LP: #1013639 (and 857472, 1013128))
APT_KEY_NET_UPDATE_ENABLED=""
eval $(apt-config shell APT_KEY_NET_UPDATE_ENABLED APT::Key::Net-Update-Enabled)
if [ -z "$APT_KEY_NET_UPDATE_ENABLED" ]; then
exit 1
fi
if [ -z "$ARCHIVE_KEYRING_URI" ]; then
apt_error 'Your distribution is not supported in net-update as no uri for the archive-keyring is set'
exit 1
fi
# in theory we would need to depend on wget for this, but this feature
# isn't usable in debian anyway as we have no keyring uri nor a master key
if ! command_available 'wget'; then
apt_error 'wget is required for a network-based update, but it is not installed'
exit 1
fi
if [ ! -d "${APT_DIR}/var/lib/apt/keyrings" ]; then
mkdir -p "${APT_DIR}/var/lib/apt/keyrings"
fi
keyring="${APT_DIR}/var/lib/apt/keyrings/$(basename "$ARCHIVE_KEYRING_URI")"
old_mtime=0
if [ -e $keyring ]; then
old_mtime=$(stat -c %Y "$keyring")
fi
(cd "${APT_DIR}/var/lib/apt/keyrings"; wget --timeout=90 -q -N "$ARCHIVE_KEYRING_URI")
if [ ! -e "$keyring" ]; then
return
fi
new_mtime=$(stat -c %Y "$keyring")
if [ $new_mtime -ne $old_mtime ]; then
aptkey_echo "Checking for new archive signing keys now"
add_keys_with_verify_against_master_keyring "$keyring" "$MASTER_KEYRING"
fi
}
update() {
if [ -z "$APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE" ]; then
echo >&2 "Warning: 'apt-key update' is deprecated and should not be used anymore!"
if [ -z "$ARCHIVE_KEYRING" ]; then
echo >&2 "Note: In your distribution this command is a no-op and can therefore be removed safely."
exit 0
fi
fi
if [ ! -f "$ARCHIVE_KEYRING" ]; then
apt_error "Can't find the archive-keyring (Is the ubuntu-keyring package installed?)"
exit 1
fi
# add new keys from the package;
# we do not use add_keys_with_verify_against_master_keyring here,
# because "update" is run on regular package updates. A
# attacker might as well replace the master-archive-keyring file
# in the package and add his own keys. so this check wouldn't
# add any security. we *need* this check on net-update though
import_keyring_into_keyring "$ARCHIVE_KEYRING" '' && cat "${GPGHOMEDIR}/gpgoutput.log"
if [ -r "$REMOVED_KEYS" ]; then
# remove no-longer supported/used keys
get_fingerprints_of_keyring "$(dearmor_filename "$REMOVED_KEYS")" | while read key; do
foreach_keyring_do 'remove_key_from_keyring' "$key"
done
else
apt_warn "Removed keys keyring '$REMOVED_KEYS' missing or not readable"
fi
}
remove_key_from_keyring() {
local KEYRINGFILE="$1"
shift
# non-existent keyrings have by definition no keys
if [ ! -e "$KEYRINGFILE" ]; then
return
fi
local FINGERPRINTS="${GPGHOMEDIR}/keyringfile.keylst"
local DEARMOR="$(dearmor_filename "$KEYRINGFILE")"
get_fingerprints_of_keyring "$DEARMOR" > "$FINGERPRINTS"
for KEY in "$@"; do
# strip leading 0x, if present:
KEY="$(echo "${KEY#0x}" | tr -d ' ')"
# check if the key is in this keyring
if ! grep -iq "^[0-9A-F]*${KEY}$" "$FINGERPRINTS"; then
continue
fi
if [ ! -w "$KEYRINGFILE" ]; then
apt_warn "Key ${KEY} is in keyring ${KEYRINGFILE}, but can't be removed as it is read only."
continue
fi
# check if it is the only key in the keyring and if so remove the keyring altogether
if [ '1' = "$(uniq "$FINGERPRINTS" | wc -l)" ]; then
mv -f "$KEYRINGFILE" "${KEYRINGFILE}~" # behave like gpg
return
fi
# we can't just modify pointed to files as these might be in /usr or something
local REALTARGET
if [ -L "$DEARMOR" ]; then
REALTARGET="$(readlink -f "$DEARMOR")"
mv -f "$DEARMOR" "${DEARMOR}.dpkg-tmp"
cp -a "$REALTARGET" "$DEARMOR"
fi
# delete the key from the keyring
aptkey_execute "$GPG_SH" --keyring "$DEARMOR" --batch --delete-keys --yes "$KEY"
if [ -n "$REALTARGET" ]; then
# the real backup is the old link, not the copy we made
mv -f "${DEARMOR}.dpkg-tmp" "${DEARMOR}~"
fi
if [ "$DEARMOR" != "$KEYRINGFILE" ]; then
mv -f "$KEYRINGFILE" "${KEYRINGFILE}~"
create_new_keyring "$KEYRINGFILE"
aptkey_execute "$GPG_SH" --keyring "$DEARMOR" --armor --export > "$KEYRINGFILE"
fi
get_fingerprints_of_keyring "$DEARMOR" > "$FINGERPRINTS"
done
}
accessible_file_exists() {
if ! test -s "$1"; then
return 1
fi
if test -r "$1"; then
return 0
fi
apt_warn "The key(s) in the keyring $1 are ignored as the file is not readable by user '$USER' executing apt-key."
return 1
}
is_supported_keyring() {
# empty files are always supported
if ! test -s "$1"; then
return 0
fi
local FILEEXT="${1##*.}"
if [ "$FILEEXT" = 'gpg' ]; then
# 0x98, 0x99 and 0xC6 via octal as hex isn't supported by dashs printf
if printf '\231' | cmp -s -n 1 - "$1"; then
true
elif printf '\230' | cmp -s -n 1 - "$1"; then
true
elif printf '\306' | cmp -s -n 1 - "$1"; then
true
else
apt_warn "The key(s) in the keyring $1 are ignored as the file has an unsupported filetype."
return 1
fi
elif [ "$FILEEXT" = 'asc' ]; then
true #dearmor_filename will deal with them
else
# most callers ignore unsupported extensions silently
apt_warn "The key(s) in the keyring $1 are ignored as the file has an unsupported filename extension."
return 1
fi
return 0
}
foreach_keyring_do() {
local ACTION="$1"
shift
# if a --keyring was given, just work on this one
if [ -n "$FORCED_KEYRING" ]; then
$ACTION "$FORCED_KEYRING" "$@"
else
# otherwise all known keyrings are up for inspection
if accessible_file_exists "$TRUSTEDFILE" && is_supported_keyring "$TRUSTEDFILE"; then
$ACTION "$TRUSTEDFILE" "$@"
fi
local TRUSTEDPARTS="/etc/apt/trusted.gpg.d"
eval "$(apt-config shell TRUSTEDPARTS Dir::Etc::TrustedParts/d)"
if [ -d "$TRUSTEDPARTS" ]; then
TRUSTEDPARTS="$(readlink -f "$TRUSTEDPARTS")"
local TRUSTEDPARTSLIST="$(cd /; find "$TRUSTEDPARTS" -mindepth 1 -maxdepth 1 \( -name '*.gpg' -o -name '*.asc' \))"
for trusted in $(echo "$TRUSTEDPARTSLIST" | sort); do
if accessible_file_exists "$trusted" && is_supported_keyring "$trusted"; then
$ACTION "$trusted" "$@"
fi
done
fi
fi
}
list_keys_in_keyring() {
local KEYRINGFILE="$1"
shift
# fingerprint and co will fail if key isn't in this keyring
aptkey_execute "$GPG_SH" --keyring "$(dearmor_filename "$KEYRINGFILE")" "$@" > "${GPGHOMEDIR}/gpgoutput.log" 2> "${GPGHOMEDIR}/gpgoutput.err" || true
if [ ! -s "${GPGHOMEDIR}/gpgoutput.log" ]; then
return
fi
# we fake gpg header here to refer to the real asc file rather than a temp file
if [ "${KEYRINGFILE##*.}" = 'asc' ]; then
if expr match "$(sed -n '2p' "${GPGHOMEDIR}/gpgoutput.log")" '^-\+$' >/dev/null 2>&1; then
echo "$KEYRINGFILE"
echo "$KEYRINGFILE" | sed 's#[^-]#-#g'
sed '1,2d' "${GPGHOMEDIR}/gpgoutput.log" || true
else
cat "${GPGHOMEDIR}/gpgoutput.log"
fi
else
cat "${GPGHOMEDIR}/gpgoutput.log"
fi
if [ -s "${GPGHOMEDIR}/gpgoutput.err" ]; then
cat >&2 "${GPGHOMEDIR}/gpgoutput.err"
fi
}
export_key_from_to() {
local FROM="$1"
local TO="$2"
shift 2
if ! aptkey_execute "$GPG_SH" --keyring "$(dearmor_filename "$FROM")" --export "$@" > "$TO" 2> "${GPGHOMEDIR}/gpgoutput.log"; then
cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
false
else
chmod 0644 -- "$TO"
fi
}
import_keyring_into_keyring() {
local FROM="${1:-${GPGHOMEDIR}/pubring.gpg}"
local TO="${2:-${GPGHOMEDIR}/pubring.gpg}"
shift 2
rm -f "${GPGHOMEDIR}/gpgoutput.log"
# the idea is simple: We take keys from one keyring and copy it to another
# we do this with so many checks in between to ensure that WE control the
# creation, so we know that the (potentially) created $TO keyring is a
# simple keyring rather than a keybox as gpg2 would create it which in turn
# can't be read by gpgv.
# BEWARE: This is designed more in the way to work with the current
# callers, than to have a well defined it would be easy to add new callers to.
if [ ! -s "$TO" ]; then
if [ -s "$FROM" ]; then
if [ -z "$2" ]; then
local OPTS
if [ "${TO##*.}" = 'asc' ]; then
OPTS='--armor'
fi
export_key_from_to "$(dearmor_filename "$FROM")" "$TO" $OPTS ${1:+"$1"}
else
create_new_keyring "$TO"
fi
else
create_new_keyring "$TO"
fi
elif [ -s "$FROM" ]; then
local EXPORTLIMIT="$1"
if [ -n "$1$2" ]; then shift; fi
local DEARMORTO="$(dearmor_filename "$TO")"
if ! aptkey_execute "$GPG_SH" --keyring "$(dearmor_filename "$FROM")" --export ${EXPORTLIMIT:+"$EXPORTLIMIT"} \
| aptkey_execute "$GPG_SH" --keyring "$DEARMORTO" --batch --import "$@" > "${GPGHOMEDIR}/gpgoutput.log" 2>&1; then
cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
false
fi
if [ "$DEARMORTO" != "$TO" ]; then
export_key_from_to "$DEARMORTO" "${DEARMORTO}.asc" --armor
if ! cmp -s "$TO" "${DEARMORTO}.asc" 2>/dev/null; then
cp -a "$TO" "${TO}~"
mv -f "${DEARMORTO}.asc" "$TO"
fi
fi
fi
}
dearmor_keyring() {
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831409#67
# The awk script is more complex through to skip surrounding garbage and
# to support multiple keys in one file (old gpgs generate version headers
# which get printed with the original and hence result in garbage input for base64
awk '/^-----BEGIN/{ x = 1; }
/^$/{ if (x == 1) { x = 2; }; }
/^[^=-]/{ if (x == 2) { print $0; }; }
/^-----END/{ x = 0; }' | base64 -d
}
dearmor_filename() {
if [ "${1##*.}" = 'asc' ]; then
local trusted="${GPGHOMEDIR}/${1##*/}.gpg"
if [ -s "$1" ]; then
dearmor_keyring < "$1" > "$trusted"
fi
echo "$trusted"
elif [ "${1##*.}" = 'gpg' ]; then
echo "$1"
elif [ "$(head -n 1 "$1" 2>/dev/null)" = '-----BEGIN PGP PUBLIC KEY BLOCK-----' ]; then
local trusted="${GPGHOMEDIR}/${1##*/}.gpg"
dearmor_keyring < "$1" > "$trusted"
echo "$trusted"
else
echo "$1"
fi
}
catfile() {
cat "$(dearmor_filename "$1")" >> "$2"
}
merge_all_trusted_keyrings_into_pubring() {
# does the same as:
# foreach_keyring_do 'import_keys_from_keyring' "${GPGHOMEDIR}/pubring.gpg"
# but without using gpg, just cat and find
local PUBRING="$(readlink -f "${GPGHOMEDIR}")/pubring.gpg"
rm -f "$PUBRING"
touch "$PUBRING"
foreach_keyring_do 'catfile' "$PUBRING"
}
import_keys_from_keyring() {
import_keyring_into_keyring "$1" "$2"
}
merge_keys_into_keyrings() {
import_keyring_into_keyring "$2" "$1" '' --import-options 'merge-only'
}
merge_back_changes() {
if [ -n "$FORCED_KEYRING" ]; then
# if the keyring was forced merge is already done
if [ "$FORCED_KEYRING" != "$TRUSTEDFILE" ]; then
mv -f "$FORCED_KEYRING" "${FORCED_KEYRING}~"
export_key_from_to "$TRUSTEDFILE" "$FORCED_KEYRING" --armor
fi
return
fi
if [ -s "${GPGHOMEDIR}/pubring.gpg" ]; then
# merge all updated keys
foreach_keyring_do 'merge_keys_into_keyrings' "${GPGHOMEDIR}/pubring.gpg"
fi
# look for keys which were added or removed
get_fingerprints_of_keyring "${GPGHOMEDIR}/pubring.orig.gpg" > "${GPGHOMEDIR}/pubring.orig.keylst"
get_fingerprints_of_keyring "${GPGHOMEDIR}/pubring.gpg" > "${GPGHOMEDIR}/pubring.keylst"
comm -3 "${GPGHOMEDIR}/pubring.keylst" "${GPGHOMEDIR}/pubring.orig.keylst" > "${GPGHOMEDIR}/pubring.diff"
# key isn't part of new keyring, so remove
cut -f 2 "${GPGHOMEDIR}/pubring.diff" | while read key; do
if [ -z "$key" ]; then continue; fi
foreach_keyring_do 'remove_key_from_keyring' "$key"
done
# key is only part of new keyring, so we need to import it
cut -f 1 "${GPGHOMEDIR}/pubring.diff" | while read key; do
if [ -z "$key" ]; then continue; fi
import_keyring_into_keyring '' "$TRUSTEDFILE" "$key"
done
}
setup_merged_keyring() {
if [ -n "$FORCED_KEYID" ]; then
merge_all_trusted_keyrings_into_pubring
FORCED_KEYRING="${GPGHOMEDIR}/forcedkeyid.gpg"
TRUSTEDFILE="${FORCED_KEYRING}"
echo "#!/bin/sh
exec sh '($(escape_shell "${GPG}")' --keyring '$(escape_shell "${TRUSTEDFILE}")' \"\$@\"" > "${GPGHOMEDIR}/gpg.1.sh"
GPG="${GPGHOMEDIR}/gpg.1.sh"
# ignore error as this "just" means we haven't found the forced keyid and the keyring will be empty
import_keyring_into_keyring '' "$TRUSTEDFILE" "$FORCED_KEYID" || true
elif [ -z "$FORCED_KEYRING" ]; then
merge_all_trusted_keyrings_into_pubring
if [ -r "${GPGHOMEDIR}/pubring.gpg" ]; then
cp -a "${GPGHOMEDIR}/pubring.gpg" "${GPGHOMEDIR}/pubring.orig.gpg"
else
touch "${GPGHOMEDIR}/pubring.gpg" "${GPGHOMEDIR}/pubring.orig.gpg"
fi
echo "#!/bin/sh
exec sh '$(escape_shell "${GPG}")' --keyring '$(escape_shell "${GPGHOMEDIR}/pubring.gpg")' \"\$@\"" > "${GPGHOMEDIR}/gpg.1.sh"
GPG="${GPGHOMEDIR}/gpg.1.sh"
else
TRUSTEDFILE="$(dearmor_filename "$FORCED_KEYRING")"
create_new_keyring "$TRUSTEDFILE"
echo "#!/bin/sh
exec sh '$(escape_shell "${GPG}")' --keyring '$(escape_shell "${TRUSTEDFILE}")' \"\$@\"" > "${GPGHOMEDIR}/gpg.1.sh"
GPG="${GPGHOMEDIR}/gpg.1.sh"
fi
}
create_new_keyring() {
# gpg defaults to mode 0600 for new keyrings. Create one with 0644 instead.
if ! [ -e "$1" ]; then
if [ -w "$(dirname "$1")" ]; then
touch -- "$1"
chmod 0644 -- "$1"
fi
fi
}
aptkey_execute() { sh "$@"; }
usage() {
echo "Usage: apt-key [--keyring file] [command] [arguments]"
echo
echo "Manage apt's list of trusted keys"
echo
echo " apt-key add <file> - add the key contained in <file> ('-' for stdin)"
echo " apt-key del <keyid> - remove the key <keyid>"
echo " apt-key export <keyid> - output the key <keyid>"
echo " apt-key exportall - output all trusted keys"
echo " apt-key update - update keys using the keyring package"
echo " apt-key net-update - update keys using the network"
echo " apt-key list - list keys"
echo " apt-key finger - list fingerprints"
echo " apt-key adv - pass advanced options to gpg (download key)"
echo
echo "If no specific keyring file is given the command applies to all keyring files."
}
while [ -n "$1" ]; do
case "$1" in
--keyring)
shift
if [ -z "$FORCED_KEYRING" -o "$FORCED_KEYRING" = '/dev/null' ]; then
TRUSTEDFILE="$1"
FORCED_KEYRING="$1"
elif [ "$TRUSTEDFILE" = "$FORCED_KEYRING" ]; then
create_gpg_home
FORCED_KEYRING="${GPGHOMEDIR}/mergedkeyrings.gpg"
echo -n '' > "$FORCED_KEYRING"
chmod 0644 -- "$FORCED_KEYRING"
catfile "$TRUSTEDFILE" "$FORCED_KEYRING"
catfile "$1" "$FORCED_KEYRING"
else
catfile "$1" "$FORCED_KEYRING"
fi
;;
--keyid)
shift
if [ -n "$FORCED_KEYID" ]; then
apt_error 'Specifying --keyid multiple times is not supported'
exit 1
fi
FORCED_KEYID="$1"
;;
--secret-keyring)
shift
FORCED_SECRET_KEYRING="$1"
;;
--readonly)
merge_back_changes() { true; }
create_new_keyring() { if [ ! -r "$FORCED_KEYRING" ]; then TRUSTEDFILE='/dev/null'; FORCED_KEYRING="$TRUSTEDFILE"; fi; }
;;
--fakeroot)
requires_root() { true; }
;;
--quiet)
aptkey_echo() { true; }
;;
--debug1)
# some cmds like finger redirect stderr to /dev/null …
aptkey_execute() { echo 'EXEC:' "$@"; sh "$@"; }
;;
--debug2)
# … other more complicated ones pipe gpg into gpg.
aptkey_execute() { echo >&2 'EXEC:' "$@"; sh "$@"; }
;;
--homedir)
# force usage of a specific homedir instead of creating a temporary
shift
GPGHOMEDIR="$1"
;;
--*)
echo >&2 "Unknown option: $1"
usage
exit 1;;
*)
break;;
esac
shift
done
if [ -z "$TRUSTEDFILE" ]; then
TRUSTEDFILE="/etc/apt/trusted.gpg"
eval $(apt-config shell TRUSTEDFILE Apt::GPGV::TrustedKeyring)
eval $(apt-config shell TRUSTEDFILE Dir::Etc::Trusted/f)
if [ "$APT_KEY_NO_LEGACY_KEYRING" ]; then
TRUSTEDFILE="/dev/null"
fi
fi
command="$1"
if [ -z "$command" ]; then
usage
exit 1
fi
shift
prepare_gpg_home() {
# crude detection if we are called from a maintainerscript where the
# package depends on gnupg or not. We accept recommends here as
# well as the script hopefully uses apt-key optionally then like e.g.
# debian-archive-keyring for (upgrade) cleanup did
if [ -n "$DPKG_MAINTSCRIPT_PACKAGE" ] && [ -z "$APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE" ]; then
if ! dpkg-query --show --showformat '${Pre-Depends}${Depends}${Recommends}\n' "$DPKG_MAINTSCRIPT_PACKAGE" 2>/dev/null | grep -E -q 'gpg|gnupg'; then
cat >&2 <<EOF
Warning: The $DPKG_MAINTSCRIPT_NAME maintainerscript of the package $DPKG_MAINTSCRIPT_PACKAGE
Warning: seems to use apt-key (provided by apt) without depending on gpg, gnupg, or gnupg2.
Warning: This will BREAK in the future and should be fixed by the package maintainer(s).
Note: Check first if apt-key functionality is needed at all - it probably isn't!
EOF
fi
fi
eval "$(apt-config shell GPG_EXE Apt::Key::gpgcommand)"
if [ -n "$GPG_EXE" ] && command_available "$GPG_EXE"; then
true
elif command_available 'gpg'; then
GPG_EXE="gpg"
elif command_available 'gpg2'; then
GPG_EXE="gpg2"
elif command_available 'gpg1'; then
GPG_EXE="gpg1"
else
apt_error 'gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation'
exit 255
fi
create_gpg_home
# now tell gpg that it shouldn't try to maintain this trustdb file
echo "#!/bin/sh
exec '$(escape_shell "${GPG_EXE}")' --ignore-time-conflict --no-options --no-default-keyring \\
--homedir '$(escape_shell "${GPGHOMEDIR}")' --no-auto-check-trustdb --trust-model always \"\$@\"" > "${GPGHOMEDIR}/gpg.0.sh"
GPG_SH="${GPGHOMEDIR}/gpg.0.sh"
GPG="$GPG_SH"
# create the trustdb with an (empty) dummy keyring
# older gpgs required it, newer gpgs even warn that it isn't needed,
# but require it nonetheless for some commands, so we just play safe
# here for the foreseeable future and create a dummy one
touch "${GPGHOMEDIR}/empty.gpg"
if ! "$GPG_EXE" --ignore-time-conflict --no-options --no-default-keyring \
--homedir "$GPGHOMEDIR" --quiet --check-trustdb --keyring "${GPGHOMEDIR}/empty.gpg" >"${GPGHOMEDIR}/gpgoutput.log" 2>&1; then
cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
false
fi
# We don't usually need a secret keyring, of course, but
# for advanced operations, we might really need a secret keyring after all
if [ -n "$FORCED_SECRET_KEYRING" ] && [ -r "$FORCED_SECRET_KEYRING" ]; then
if ! aptkey_execute "$GPG" -v --batch --import "$FORCED_SECRET_KEYRING" >"${GPGHOMEDIR}/gpgoutput.log" 2>&1; then
# already imported keys cause gpg1 to fail for some reason… ignore this error
if ! grep -q 'already in secret keyring' "${GPGHOMEDIR}/gpgoutput.log"; then
cat >&2 "${GPGHOMEDIR}/gpgoutput.log"
false
fi
fi
else
# and then, there are older versions of gpg which panic and implode
# if there isn't one available - and writeable for imports
# and even if not output is littered with the creation of a secring,
# so lets call import once to have it create what it wants in silence
echo -n | aptkey_execute "$GPG" --batch --import >/dev/null 2>&1 || true
fi
}
warn_on_script_usage() {
if [ -n "$APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE" ]; then
return
fi
# (Maintainer) scripts should not be using apt-key
if [ -n "$DPKG_MAINTSCRIPT_PACKAGE" ]; then
echo >&2 "Warning: apt-key should not be used in scripts (called from $DPKG_MAINTSCRIPT_NAME maintainerscript of the package ${DPKG_MAINTSCRIPT_PACKAGE})"
fi
echo >&2 "Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8))."
}
warn_outside_maintscript() {
# In del, we want to warn in interactive use, but not inside maintainer
# scripts, so as to give people a chance to migrate keyrings.
#
# FIXME: We should always warn starting in 2022.
if [ -z "$DPKG_MAINTSCRIPT_PACKAGE" ]; then
echo >&2 "Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8))."
fi
}
if [ "$command" != 'help' ] && [ "$command" != 'verify' ]; then
prepare_gpg_home
fi
case "$command" in
add)
warn_on_script_usage
requires_root
setup_merged_keyring
aptkey_execute "$GPG" --quiet --batch --import "$@"
merge_back_changes
aptkey_echo "OK"
;;
del|rm|remove)
# no script warning here as removing 'add' usage needs 'del' for cleanup
warn_outside_maintscript
requires_root
foreach_keyring_do 'remove_key_from_keyring' "$@"
aptkey_echo "OK"
;;
update)
warn_on_script_usage
requires_root
setup_merged_keyring
update
merge_back_changes
;;
net-update)
warn_on_script_usage
requires_root
setup_merged_keyring
net_update
merge_back_changes
;;
list|finger*)
warn_on_script_usage
foreach_keyring_do 'list_keys_in_keyring' --fingerprint "$@"
;;
export|exportall)
warn_on_script_usage
merge_all_trusted_keyrings_into_pubring
aptkey_execute "$GPG_SH" --keyring "${GPGHOMEDIR}/pubring.gpg" --armor --export "$@"
;;
adv*)
warn_on_script_usage
setup_merged_keyring
aptkey_echo "Executing: $GPG" "$@"
aptkey_execute "$GPG" "$@"
merge_back_changes
;;
verify)
GPGV=''
eval $(apt-config shell GPGV Apt::Key::gpgvcommand)
if [ -n "$GPGV" ] && command_available "$GPGV"; then true;
elif command_available 'gpgv'; then GPGV='gpgv';
elif command_available 'gpgv2'; then GPGV='gpgv2';
elif command_available 'gpgv1'; then GPGV='gpgv1';
else
apt_error 'gpgv, gpgv2 or gpgv1 required for verification, but neither seems installed'
exit 29
fi
# for a forced keyid we need gpg --export, so full wrapping required
if [ -n "$FORCED_KEYID" ]; then
prepare_gpg_home
else
create_gpg_home
fi
setup_merged_keyring
if [ -n "$FORCED_KEYRING" ]; then
"$GPGV" --homedir "${GPGHOMEDIR}" --keyring "$(dearmor_filename "${FORCED_KEYRING}")" --ignore-time-conflict "$@"
else
"$GPGV" --homedir "${GPGHOMEDIR}" --keyring "${GPGHOMEDIR}/pubring.gpg" --ignore-time-conflict "$@"
fi
;;
help)
usage
;;
*)
usage
exit 1
;;
esac