Public bug reported:
After gpg v2.1, the --pinentry-mode=loopback flag is required to use the
--passphrase, --passphrase-fd, and --passphrase-file flags with gpg.
`--pinentry-mode=loopback` will need to be added to the command line
arguments for gpg during signing for the case where a passphrase file is
passed. Without this extra flag, gpg tries to prompt for pin entry. Also,
instead of opening the passphrase file as file descriptor 42 in the Perl
script, just pass the file path to the --passphrase-file gpg option.

lsb_release -rd:
Description:    Ubuntu 20.04.2 LTS
Release:        20.04

apt-cache policy dpkg-sig:
dpkg-sig:
  Installed: 0.13.1+nmu4
  Candidate: 0.13.1+nmu4
  Version table:
 *** 0.13.1+nmu4 500
        500 http://ca.archive.ubuntu.com/ubuntu focal/universe amd64 Packages
        100 /var/lib/dpkg/status

What I expected:
dpkg-sig to use the provided passphrase file to sign the package
What happened instead:
$ dpkg-sig -v -k GPG_KEY --passphrase-file passphrase.txt --sign builder PACKAGE.deb
Processing PACKAGE.deb...
Default key: GPG_KEY
Using passphrase from passphrase.txt
Signing /tmp/debsigs-ng.G5mxne/digests with key GPG_KEY
gpg: Fatal: passphrase-fd is invalid: Bad file descriptor
E: Signing failed. Error code: 512
** Affects: dpkg-sig (Ubuntu)
Importance: Undecided
Status: New
** Patch added: "patch for perl script to fix --passphrase-file option"
https://bugs.launchpad.net/bugs/1933267/+attachment/5506303/+files/dpkg-sig.patch
--
https://bugs.launchpad.net/bugs/1933267
Title:
--passphrase-file option is broken with gpg version >= 2.1
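
The version-dependent behaviour described in the report, as an added example that is not part of the original report and is not dpkg-sig's code or its patch. The function names and the exact set of gpg options (--batch, --no-tty, --local-user, --detach-sign) are assumptions chosen for illustration; only --pinentry-mode=loopback and --passphrase-file come from the report.

```shell
#!/bin/sh
# Added example: decide from the gpg version whether --pinentry-mode=loopback
# is needed, and build a non-interactive signing argument list that passes the
# passphrase file by path instead of through an inherited file descriptor.

# Extract the version from the first line of `gpg --version` output,
# e.g. "gpg (GnuPG) 2.2.19" -> "2.2.19". Prints nothing if unparsable.
gpg_version_from_banner() {
    printf '%s\n' "$1" | sed -n '1s/^gpg (GnuPG[^)]*) \([0-9][0-9.]*\).*$/\1/p'
}

# Exit status 0 if version >= 2.1, 1 if older, 2 if it cannot be parsed.
gpg_needs_loopback() {
    case "$1" in *.*) ;; *) return 2 ;; esac
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    case "$major" in ''|*[!0-9]*) return 2 ;; esac
    case "$minor" in ''|*[!0-9]*) return 2 ;; esac
    [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -ge 1 ]; }
}

# Print gpg arguments, one per line.
# $1 = gpg version, $2 = key id, $3 = path to the passphrase file.
gpg_sign_args() {
    rc=0
    gpg_needs_loopback "$1" || rc=$?
    if [ "$rc" -gt 1 ]; then
        # Fail closed: an unknown version must not silently fall back
        # to a configuration that may prompt or abort mid-build.
        echo "cannot parse gpg version: '$1'" >&2
        return 2
    fi
    printf '%s\n' --batch --no-tty
    if [ "$rc" -eq 0 ]; then
        printf '%s\n' --pinentry-mode=loopback
    fi
    printf '%s\n' --passphrase-file "$3" --local-user "$2" --detach-sign
}

# Constructed sample banner matching the gpg 2.2 series shipped in focal.
sample_banner='gpg (GnuPG) 2.2.19'
gpg_sign_args "$(gpg_version_from_banner "$sample_banner")" GPG_KEY passphrase.txt
```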