Ubuntu 23.10 Improving PPA Management For Enhanced Security & Reliability

Written by Michael Larabel in Ubuntu on 16 May 2023 at 05:59 AM EDT. 5 Comments
One of the great longtime features of Ubuntu Linux has been Launchpad's Personal Package Archives (PPAs) for easily augmenting the official Ubuntu repositories with additional packages either to supply updated versions of select software or for software not yet found in the official Ubuntu archives. With Ubuntu 23.10 a change is being made in how PPAs are managed to enhance the security and reliability.

Up to this point Ubuntu PPAs were managed via a .list file within /etc/apt/sources.list.d while a GPG keyring was added within /etc/apt/trusted.gpg.d. Starting with Ubuntu 23.10, PPAs will be managed by deb822-formatted .sources files where the keys are directly embedded into the same file.

sudo apt-add-repository

The intent of reworking how the Ubuntu PPAs are managed on user systems is intended to make it easier to also ensure a PPA's associated key is removed from the system if also removing the PPA from the system. This also allows limiting a PPA's key for use just by that Personal Package Archive and not adding the key to the global keyring nor does it then allow for other keys to be utilized for signing the given PPA.

More details on this PPA handling change for Ubuntu 23.10 via this announcement.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week