Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase

2016-08-05 Thread Johannes Schauer 
Hi,

Quoting Sean Whitton (2016-08-06 01:05:01)
> On Sat, Aug 06, 2016 at 12:58:45AM +0200, Johannes Schauer wrote:
> > Is anybody actually using that feature anymore?
> 
> The LTS guys probably are.

nope, squeeze LTS support was dropped February 2016:

https://wiki.debian.org/DebianSqueeze#Release_and_updates

> > I want to kick out everything gpg related after the squeeze release.
> > Everything that is fixed now is just to make things work until then.
> 
> I assume you mean after the stretch release? :)

Yes.

cheers, josch


signature.asc
Description: signature

Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase

2016-08-05 Thread Sean Whitton 
On Sat, Aug 06, 2016 at 12:58:45AM +0200, Johannes Schauer wrote:
> Quoting Sean Whitton (2016-08-06 00:51:48)
> > You might also want to look into the new --quick-gen-key flag.
> 
> no sorry, but thanks.
> 
> The only reason that gpg is still around is to build stuff for squeeze.

Right, makes sense.

> Is anybody actually using that feature anymore?

The LTS guys probably are.

> I want to kick out everything gpg related after the squeeze
> release. Everything that is fixed now is just to make things work
> until then.

I assume you mean after the stretch release? :)

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase

2016-08-05 Thread Johannes Schauer 
Quoting Sean Whitton (2016-08-06 00:51:48)
> You might also want to look into the new --quick-gen-key flag.

no sorry, but thanks.

The only reason that gpg is still around is to build stuff for squeeze.

Is anybody actually using that feature anymore?

I want to kick out everything gpg related after the squeeze release. Everything
that is fixed now is just to make things work until then.

Thanks!

cheers, josch


signature.asc
Description: signature

Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase

2016-08-05 Thread Sean Whitton 
Hello,

On Sat, Aug 06, 2016 at 12:15:55AM +0200, Johannes Schauer wrote:
> wow... This is really unexpected given that gpg is run with the --batch
> argument. Why would gpg prompt for any user interaction if I even pass the
> --batch flag?? But at this point I should not be surprised anymore about gpg
> weirdness...

You might also want to look into the new --quick-gen-key flag.

> Thanks for testing this and providing the patch. It's in my git
> branch.

Cool :)

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#833547: [buildd-tools-devel] Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase

2016-08-05 Thread Johannes Schauer 
Control: tag -1 + pending

Hi,

Quoting Sean Whitton (2016-08-05 22:17:27)
> With gnupg 2.1, which will soon be the default in unstable,
> `sbuild-update --keygen` prompts the user for a passphrase for the
> generated keys.  This is confusing, and will probably break things if
> the user actually enters a passphrase.
> 
> The attached patch fixes the problem.

wow... This is really unexpected given that gpg is run with the --batch
argument. Why would gpg prompt for any user interaction if I even pass the
--batch flag?? But at this point I should not be surprised anymore about gpg
weirdness...

Thanks for testing this and providing the patch. It's in my git branch.

cheers, josch


signature.asc
Description: signature

Bug#833547: sbuild: with gpg2, sbuild-update --keygen prompts the user for a passphrase

2016-08-05 Thread Sean Whitton 
Package: sbuild
Version: 0.70.0-1
Severity: normal
Tags: patch

Dear maintainers,

With gnupg 2.1, which will soon be the default in unstable,
`sbuild-update --keygen` prompts the user for a passphrase for the
generated keys.  This is confusing, and will probably break things if
the user actually enters a passphrase.

The attached patch fixes the problem.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.5.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sbuild depends on:
ii  adduser 3.115
ii  apt-utils   1.3~pre2
ii  gnupg   2.1.14-2
ii  libsbuild-perl  0.70.0-1
ii  perl5.22.2-3

Versions of packages sbuild recommends:
ii  debootstrap  1.0.81
ii  fakeroot 1.21-1

Versions of packages sbuild suggests:
pn  deborphan  
ii  wget   1.18-2

-- no debconf information

-- 
Sean Whitton
From dd166466e75015a0ebc39f6a0533c98649a7a504 Mon Sep 17 00:00:00 2001
From: Sean Whitton 
Date: Fri, 5 Aug 2016 13:14:52 -0700
Subject: [PATCH] don't prompt the user during --keygen

---
 debian/control| 3 ++-
 lib/Sbuild/ChrootSetup.pm | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/debian/control b/debian/control
index 98f061f..40b8b61 100644
--- a/debian/control
+++ b/debian/control
@@ -56,7 +56,8 @@ Depends: adduser,
  libsbuild-perl (= ${source:Version}),
  ${misc:Depends},
  ${perl:Depends},
- ${shlibs:Depends}
+ ${shlibs:Depends},
+ gnupg (>= 2)
 Recommends: debootstrap, fakeroot
 Suggests: deborphan, wget
 Description: Tool for building Debian binary packages from Debian sources
diff --git a/lib/Sbuild/ChrootSetup.pm b/lib/Sbuild/ChrootSetup.pm
index d45ef68..53dd75b 100644
--- a/lib/Sbuild/ChrootSetup.pm
+++ b/lib/Sbuild/ChrootSetup.pm
@@ -274,7 +274,7 @@ EOF
 	return $?
 }
 
-my @command = ('gpg', '--no-options', '--no-default-keyring', '--batch', '--gen-key',
+my @command = ('gpg', '--no-options', '--pinentry-mode', 'loopback', '--passphrase-file', '/dev/null', '--no-default-keyring', '--batch', '--gen-key',
$tmpfilename);
 $host->run_command(
 { COMMAND => \@command,
-- 
2.8.1



signature.asc
Description: PGP signature