From 9cca3e8fedc64977a446854b2fded4b2b01b7c53 Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@debian.org>
Date: Mon, 16 Jan 2023 04:16:46 +0100
Subject: [PATCH] Dpkg::OpenPGP::Backend::GnuPG: Touch trustedkeys.gpg on
 temporary gpg home

The gpgv command expects a trustedkeys.gpg keyring, and if there is none
it will try the trustedkeys.kbx one, but then will emit an error such as:

  gpgv: unknown type of key resource 'trustedkeys.kbx'
  gpgv: keyblock resource '<GPGHOME>/trustedkeys.kbx': General error

This error will only show if the gpgv invocation failed for other
reasons, but it is still an unnecessary distraction. Avoid that error,
by touching the trustedkeys.gpg keyring.
---
 scripts/Dpkg/OpenPGP/Backend/GnuPG.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
index 015e56e57..e027e9fd8 100644
--- a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
+++ b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm
@@ -213,6 +213,9 @@ sub _gpg_verify {
     my @exec;
     if ($self->{cmdv}) {
         push @exec, $self->{cmdv};
+        # We need to touch the trustedkeys.gpg keyring, otherwise gpgv will
+        # emit an error about the trustedkeys.kbx file being of unknown type.
+        file_touch("$gpg_home/trustedkeys.gpg");
     } else {
         push @exec, $self->{cmd};
         push @exec, qw(--no-options --no-default-keyring --batch --quiet);
-- 
GitLab