Hello,
* Guilhem Moulin [Tue, Sep 01 2015, 10:43:19PM]:
> Hi,
> 
> On Tue, 01 Sep 2015 at 22:11:23 +0200, Eduard Bloch wrote:
> > And for some reason, gpg-agent is no longer working, I guess it's
> > caused by gpg2 installation?
> 
> It has nothing to do with signing-party anyway.

Uhm... see below.

> > The solution is removing .caff/gnupghome and let it replace it. This is
> > either a bug or your docs might point out that it needs to be deleted
> > after changing gpg version.

> Could you also try to create a fresh caff keyring with gnupg 1.4 and
> later try to run caff with 2.1?  Something like that:
> 
>     mv ~/.caff/gnupghome ~/.caff/gnupghome1
>     # set ‘$CONFIG{'gpg'} = 'gpg';’ in your caffrc
>     caff --debug --no-sign $KEYID
>     # set ‘$CONFIG{'gpg'} = 'gpg2';’ in your caffrc
>     caff --debug $KEYID
> 
> If that works, it might be due to [0] indeed.  Otherwise, it's probably
> a bug in caff ;-)

Yes, the migration of a fresh version worked just as you have expected.

> No action should be required on your side.  Do you still have a copy of
> the ‘~/.caff/gnupghome’?  If yes can you run
> 
>   gpg2 --homedir ~/.caff/gnupghome --list-key $KEYID

I have a backup, indeed...

$ gpg2 --homedir ~/.caff/gnupghome.alt --list-key 7C3AB9CFD230BD30DD009C591E7091B1F14A64A2
gpg: checking the trustdb
gpg: keydb_get_keyblock failed: Legacy key
gpg: keydb_get_keyblock failed: Legacy key
gpg: keydb_get_keyblock failed: Legacy key
... LOTS OF THEM ...
gpg: keydb_get_keyblock failed: Legacy key
gpg: no ultimately trusted keys found
pub   rsa4096/F14A64A2 2009-05-22 [expires: 2017-07-21]
uid         [ unknown] Aaron M. Ucko <a...@alum.mit.edu>
uid         [ unknown] Aaron M. Ucko <u...@debian.org>
uid         [ unknown] [jpeg image of size 6064]
sub   rsa4096/0ABAADF9 2009-05-22 [expires: 2017-07-21]

But I saw no trustdb check when caff is working...

This makes me wonder, I see --no-auto-check-trustdb in your gpg options...
maybe this is the key? It needs to update trustdb prior to migration but
it's forbidden.

So I hacked caff and removed the option but this did not change anything.
Maybe it's not allowed together with --batch? I don't know.

Anyhow, after a little RTFM, I think that a possible workaround for this
problem in caff should be calling this always when caff starts:

    gpg2 --batch --check-trustdb --homedir ...

It shouldn't do anything if no update is needed. I checked that:
restored the broken dir, reproduced the mentioned problem, called the command,
watched the update finish, called caff again, and it worked just fine.

> I wonder if it's related to [0] somehow.

Yeah, probably.

Regards,
Eduard.


-- 
<HE> Bending over is a really bad idea to begin with.
<HE> Woe betide anyone who tosses me a bar of soap!
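
The workaround proposed in the message above, sketched as a shell pre-flight step. This is an added example, not part of the original message and not caff code; the function names and the `GPG` and `CAFF_HOME` variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not caff code). GPG and CAFF_HOME are assumed, overridable
# variables; the default homedir is the path named in the thread.
GPG=${GPG:-gpg2}
CAFF_HOME=${CAFF_HOME:-$HOME/.caff/gnupghome}

# Count the "Legacy key" keyblock failures in gpg diagnostics read on stdin.
count_legacy_failures() {
    # grep -c exits 1 when nothing matches but still prints 0.
    grep -c 'keydb_get_keyblock failed: Legacy key' || true
}

# Run the trustdb check from the message against a caff homedir.
# Prints the number of legacy-key failures seen; returns gpg's exit status,
# or 2 if the homedir is missing or no temporary file could be created.
refresh_caff_trustdb() {
    home=${1:-$CAFF_HOME}
    [ -d "$home" ] || { echo "no such homedir: $home" >&2; return 2; }
    log=$(mktemp) || return 2
    status=0
    "$GPG" --batch --check-trustdb --homedir "$home" >"$log" 2>&1 || status=$?
    count_legacy_failures <"$log"
    rm -f "$log"
    return "$status"
}

# Usage: refresh_caff_trustdb >/dev/null && caff "$KEYID"
```
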
