Ubuntu MATE 21.04:删除 Debian 密钥环 GPG 文件是否安全?

Ubuntu MATE 21.04:删除 Debian 密钥环 GPG 文件是否安全?

我刚刚注意到,我的 Ubuntu MATE 21.04 安装目录内有很多 Debian 密钥环 GPG 文件/usr/share/keyrings/(已定期从以前的版本升级)。

$ ls -lsh /usr/share/keyrings/
total 32M
 12K -rw-r--r-- 1 root root 8.5K Mar 26 16:41 debian-archive-bullseye-automatic.gpg
 12K -rw-r--r-- 1 root root 8.6K Mar 26 16:41 debian-archive-bullseye-security-automatic.gpg
4.0K -rw-r--r-- 1 root root 2.4K Mar 26 16:41 debian-archive-bullseye-stable.gpg
8.0K -rw-r--r-- 1 root root 8.0K Mar 26 16:41 debian-archive-buster-automatic.gpg
8.0K -rw-r--r-- 1 root root 8.0K Mar 26 16:41 debian-archive-buster-security-automatic.gpg
4.0K -rw-r--r-- 1 root root 2.3K Mar 26 16:41 debian-archive-buster-stable.gpg
 56K -rw-r--r-- 1 root root  55K Mar 26 16:41 debian-archive-keyring.gpg
 40K -rw-r--r-- 1 root root  37K Mar 26 16:41 debian-archive-removed-keys.gpg
8.0K -rw-r--r-- 1 root root 7.3K Mar 26 16:41 debian-archive-stretch-automatic.gpg
8.0K -rw-r--r-- 1 root root 7.3K Mar 26 16:41 debian-archive-stretch-security-automatic.gpg
4.0K -rw-r--r-- 1 root root 2.3K Mar 26 16:41 debian-archive-stretch-stable.gpg
 28M -rw-r--r-- 1 root root  28M Mar 25 02:40 debian-keyring.gpg
2.6M -rw-r--r-- 1 root root 2.6M Mar 25 02:40 debian-maintainers.gpg
772K -rw-r--r-- 1 root root 771K Mar 25 02:40 debian-nonupload.gpg
 28K -rw-r--r-- 1 root root  26K Mar 25 02:40 debian-role-keys.gpg

4.0K -rw-r--r-- 1 root root 2.3K May 11 15:49 ubuntu-advantage-cis.gpg
4.0K -rw-r--r-- 1 root root 2.2K May 11 15:49 ubuntu-advantage-esm-apps.gpg
4.0K -rw-r--r-- 1 root root 2.3K May 11 15:49 ubuntu-advantage-esm-infra-trusty.gpg
4.0K -rw-r--r-- 1 root root 2.3K May 11 15:49 ubuntu-advantage-fips.gpg
8.0K -rw-r--r-- 1 root root 7.3K Sep 18  2018 ubuntu-archive-keyring.gpg
8.0K -rw-r--r-- 1 root root 6.6K Oct 27  2016 ubuntu-archive-removed-keys.gpg
4.0K -rw-r--r-- 1 root root 3.0K Mar 27 05:04 ubuntu-cloudimage-keyring.gpg
   0 -rw-r--r-- 1 root root    0 Jan 17  2018 ubuntu-cloudimage-removed-keys.gpg
4.0K -rw-r--r-- 1 root root 1.2K May 27  2010 ubuntu-master-keyring.gpg
$

当我将其与 Ubuntu MATE 21.04 的全新虚拟安装进行比较时,发现它只有 Ubuntu 密钥环文件。

那么,删除这些 Debian 密钥环文件安全吗?谢谢。

編輯-1:

dpkg -S /usr/share/keyrings/debian-* | awk -F: '{print $1}' | sort -u

debian-archive-keyring
debian-keyring
aptitude why debian-archive-keyring

i   packaging-dev    Recommends ubuntu-dev-tools      
i A ubuntu-dev-tools Recommends debian-archive-keyring

aptitude why debian-keyring

i   packaging-dev    Recommends ubuntu-dev-tools
i A ubuntu-dev-tools Recommends debian-keyring  

答案1

直接删除文件不是一个好主意。

您可以删除他们的软件包 - 通过以下方式找到它们

dpkg -S '/usr/share/keyrings/debian-*' | awk -F: '{print $1}' | sort -u

然后删除

sudo apt-get purge $(dpkg -S '/usr/share/keyrings/debian-*' | awk -F: '{print $1}' | sort -u)

例如,在我的 18.04 LTS 上,我看到两个包debian-archive-keyringdebian-keyring。Aptitude 说它们是按照建议安装的:

$ aptitude why debian-archive-keyring
i   bikeshed         Recommends ubuntu-dev-tools      
i A ubuntu-dev-tools Recommends debian-archive-keyring

$ aptitude why debian-keyring 
i   bikeshed         Recommends ubuntu-dev-tools
i A ubuntu-dev-tools Recommends debian-keyring  

您可以尝试在您的机器上执行以上所有命令,然后再决定。

对于我的机器来说,移除这些钥匙圈是安全的,我将节省大约35,6 MB

相关内容