[buildd-tools-devel] Bug#726866: libsbuild-perl: "sbuild-update --keygen": wrong group permissions for sbuild-key.pub

Pierre-Louis Bonicoli pierre-louis.bonicoli at gmx.fr
Sat Oct 19 23:11:33 UTC 2013 

Package: libsbuild-perl
Version: 0.64.1-1
Severity: normal
Tags: patch

Dear Maintainer,

"sbuild-update --keygen" generates sbuild-key.pub and sbuild-key.sec
files (default location is "/var/lib/sbuild/apt-keys/").

The generated file sbuild-key.pub is owned by $BUILD_USER:sbuild with
access permission set to 0600. So when a user (root or an user belonging to
'sbuild' group) use "sbuild-update --keygen", this file is not readable
by other users and "sbuild" command fails:

> gpg: keyring `/«BUILDDIR»/resolver-GS4RzV/apt_archive/sbuild-key.pub' created
> gpg: key AEF9CEB5: secret key without public key - skipped
> gpg: no default secret key: secret key not available
> gpg: signing failed: secret key not available
> Failed to sign dummy archive Release file.

Attached patch change group permissions (0640).


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (700, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11-rc7-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libsbuild-perl depends on:
ii  adduser                                    3.113+nmu3
ii  apt                                        0.9.12.1
ii  apt-utils                                  0.9.12.1
ii  dctrl-tools                                2.23
ii  devscripts                                 2.13.4
ii  dpkg-dev                                   1.17.1
ii  exim4                                      4.80-9
ii  exim4-daemon-light [mail-transport-agent]  4.80-9
ii  libdpkg-perl                               1.17.1
ii  libexception-class-perl                    1.37-1
ii  libfilesys-df-perl                         0.92-4+b2
ii  libmime-lite-perl                          3.028-1
ii  perl                                       5.18.1-4
ii  perl-modules [libio-zlib-perl]             5.18.1-4
ii  schroot                                    1.6.5-1+b1

libsbuild-perl recommends no packages.

libsbuild-perl suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Public-key-needs-to-be-readable-by-sbuild-group.patch
Type: text/x-diff
Size: 2482 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20131020/658cd251/attachment.patch>

More information about the Buildd-tools-devel mailing list