I want to delete a keyring key on Ubuntu 22.04

gi flag

Here is what I did:

cmd> export distro=ubuntu2204
cmd> export arch=x86_64
cmd> wget$distro/$arch/cuda-keyring_1.0-1_all.deb
cmd> sudo dpkg -i cuda-keyring_1.0-1_all.deb
(Reading database ... 326997 files and directories currently installed.)
Preparing to unpack cuda-keyring_1.0-1_all.deb ...
Unpacking cuda-keyring (1.0-1) over (1.0-1) ...
Setting up cuda-keyring (1.0-1) ...

A deprecated public CUDA GPG key appear to be installed.
To remove the key, run this command:
sudo apt-key del 7fa2af80

cmd> sudo apt-key del 7fa2af80
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

"del" is the only subcommand of apt-key that is still supported in Ubuntu 22.04. It appears to have worked (OK) with just a warning. But if I try to install the cuda key again I get the same error. Is this interfering key installed elsewhere and do I need to delete it from there also before I can install the new one?

The question is simple: How can I delete the key it is complaining about such that the new cuda-keyring can be installed? Hopefully I don't need to study gpg theory to do this. Yes, I have extensively googled this with queries like: 'delete gpg key from "trusted.gpg.d"' and many other variations. I consider any answer that involves some kind of forced install or forced key overwrite to also be ok.

gi flag

I decided to run strace on the dpkg install of the keyring. I found some shell script being written out and executed that prints the message about needing to delete a key. I've never looked inside a deb file but figure out how and found a file name 'postinst'. In it there is:

keyexists="$(GNUPGHOME=/dev/null gpg /etc/apt/trusted.gpg 2>/dev/null | grep -i 7fa2af80)" || true
if [ ! -f "/etc/apt/trusted.gpg" ] || [ ! "$keyexists" ]; then
     removeKey="sudo apt-key del 7fa2af80"

It is complaining about needing to remove the key if the key DOES NOT(!) exist! How can this be? The short version: I found a nearly identical shell script, elsewhere in a comment on the web, with the same "if" logic but it was for a case with the key needed to be added instead of removed. It looks like someone didn't bother to change the "if" test and adopted that script for this keyring deb. This is an NVidia bug which I'll try to report if I can find the right forum.

I sit in a Tesla and translated this thread with Ai:


Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.