Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase
Hi, Quoting Sean Whitton (2016-08-06 01:05:01) > On Sat, Aug 06, 2016 at 12:58:45AM +0200, Johannes Schauer wrote: > > Is anybody actually using that feature anymore? > > The LTS guys probably are. nope, squeeze LTS support was dropped February 2016: https://wiki.debian.org/DebianSqueeze#Release_and_updates > > I want to kick out everything gpg related after the squeeze release. > > Everything that is fixed now is just to make things work until then. > > I assume you mean after the stretch release? :) Yes. cheers, josch signature.asc Description: signature
Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase
On Sat, Aug 06, 2016 at 12:58:45AM +0200, Johannes Schauer wrote: > Quoting Sean Whitton (2016-08-06 00:51:48) > > You might also want to look into the new --quick-gen-key flag. > > no sorry, but thanks. > > The only reason that gpg is still around is to build stuff for squeeze. Right, makes sense. > Is anybody actually using that feature anymore? The LTS guys probably are. > I want to kick out everything gpg related after the squeeze > release. Everything that is fixed now is just to make things work > until then. I assume you mean after the stretch release? :) -- Sean Whitton signature.asc Description: PGP signature
Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase
Quoting Sean Whitton (2016-08-06 00:51:48) > You might also want to look into the new --quick-gen-key flag. no sorry, but thanks. The only reason that gpg is still around is to build stuff for squeeze. Is anybody actually using that feature anymore? I want to kick out everything gpg related after the squeeze release. Everything that is fixed now is just to make things work until then. Thanks! cheers, josch signature.asc Description: signature
Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase
Hello, On Sat, Aug 06, 2016 at 12:15:55AM +0200, Johannes Schauer wrote: > wow... This is really unexpected given that gpg is run with the --batch > argument. Why would gpg prompt for any user interaction if I even pass the > --batch flag?? But at this point I should not be surprised anymore about gpg > weirdness... You might also want to look into the new --quick-gen-key flag. > Thanks for testing this and providing the patch. It's in my git > branch. Cool :) -- Sean Whitton signature.asc Description: PGP signature
Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase
Control: tag -1 + pending Hi, Quoting Sean Whitton (2016-08-05 22:17:27) > With gnupg 2.1, which will soon be the default in unstable, > `sbuild-update --keygen` prompts the user for a passphrase for the > generated keys. This is confusing, and will probably break things if > the user actually enters a passphrase. > > The attached patch fixes the problem. wow... This is really unexpected given that gpg is run with the --batch argument. Why would gpg prompt for any user interaction if I even pass the --batch flag?? But at this point I should not be surprised anymore about gpg weirdness... Thanks for testing this and providing the patch. It's in my git branch. cheers, josch signature.asc Description: signature
Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase
Package: sbuild Version: 0.70.0-1 Severity: normal Tags: patch Dear maintainers, With gnupg 2.1, which will soon be the default in unstable, `sbuild-update --keygen` prompts the user for a passphrase for the generated keys. This is confusing, and will probably break things if the user actually enters a passphrase. The attached patch fixes the problem. -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing') Architecture: i386 (i686) Kernel: Linux 4.5.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages sbuild depends on: ii adduser 3.115 ii apt-utils 1.3~pre2 ii gnupg 2.1.14-2 ii libsbuild-perl 0.70.0-1 ii perl5.22.2-3 Versions of packages sbuild recommends: ii debootstrap 1.0.81 ii fakeroot 1.21-1 Versions of packages sbuild suggests: pn deborphan ii wget 1.18-2 -- no debconf information -- Sean Whitton From dd166466e75015a0ebc39f6a0533c98649a7a504 Mon Sep 17 00:00:00 2001 From: Sean WhittonDate: Fri, 5 Aug 2016 13:14:52 -0700 Subject: [PATCH] don't prompt the user during --keygen --- debian/control| 3 ++- lib/Sbuild/ChrootSetup.pm | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/debian/control b/debian/control index 98f061f..40b8b61 100644 --- a/debian/control +++ b/debian/control @@ -56,7 +56,8 @@ Depends: adduser, libsbuild-perl (= ${source:Version}), ${misc:Depends}, ${perl:Depends}, - ${shlibs:Depends} + ${shlibs:Depends}, + gnupg (>= 2) Recommends: debootstrap, fakeroot Suggests: deborphan, wget Description: Tool for building Debian binary packages from Debian sources diff --git a/lib/Sbuild/ChrootSetup.pm b/lib/Sbuild/ChrootSetup.pm index d45ef68..53dd75b 100644 --- a/lib/Sbuild/ChrootSetup.pm +++ b/lib/Sbuild/ChrootSetup.pm @@ -274,7 +274,7 @@ EOF return $? } -my @command = ('gpg', '--no-options', '--no-default-keyring', '--batch', '--gen-key', +my @command = ('gpg', '--no-options', '--pinentry-mode', 'loopback', '--passphrase-file', '/dev/null', '--no-default-keyring', '--batch', '--gen-key', $tmpfilename); $host->run_command( { COMMAND => \@command, -- 2.8.1 signature.asc Description: PGP signature