[buildd-tools-devel] Bug#606668: sbuild: shouldn't read gpg.conf when signing dummy archive key

Simon McVittie smcv at debian.org
Fri Dec 10 18:31:39 UTC 2010 

Package: sbuild
Version: 0.60.7-1
Severity: normal
Tags: patch

My gpg.conf sets up a non-default secret keyring in a location that sbuild
can't see. This causes signing of the dummy archive key to fail when using
the aptitude resolver (because --secret-keyring appears to have the semantics
of "add another secret keyring", not "replace the secret keyring", and gpg
refuses to run unless it can access all of its secret keyrings).

Please see attached patch, which makes the gpg run by sbuild not use ~/.gnupg
at all.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages sbuild depends on:
ii  adduser                       3.112+nmu2 add and remove users and groups
ii  libsbuild-perl                0.60.7-1   Tool for building Debian binary pa
ii  perl                          5.10.1-16  Larry Wall's Practical Extraction 
ii  perl-modules                  5.10.1-16  Core Perl modules

Versions of packages sbuild recommends:
ii  debootstrap                   1.0.26     Bootstrap a basic Debian system
ii  fakeroot                      1.14.5-1   Gives a fake root environment

Versions of packages sbuild suggests:
pn  deborphan                     <none>     (no description available)
ii  wget                          1.12-2.1   retrieves files from the web

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Use-gpg-homedir-to-avoid-the-user-s-gpg.conf-complet.patch
Type: text/x-diff
Size: 1089 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20101210/a32d09d2/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 793 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20101210/a32d09d2/attachment.pgp>

More information about the Buildd-tools-devel mailing list