[buildd-tools-devel] Bug#840883: Please work around gnupg agents
Ian Jackson
ijackson at chiark.greenend.org.uk
Sat Oct 15 18:47:25 UTC 2016
Package: schroot
Version: 1.6.10-2
Modern gnupg (gnupg2) has a gpg program which automatically starts a
gpg-agent, which may then live on for some time.
If some program is run within an schroot which invokes gpg (for
example, as part of a package build, or a DEP-8 test suite), schroot
can fail to tear the chroot down. As an example, dgit's DEP-8 test
suite currently fails for this reason when run with adt-virt-schroot
specifying an lvm snapshot sid chroot.
(See #840669 for more details.)
I suggest that schroot ought to kill gpg-agents when tearing down the
chroot. On my own computer I have done this with the attached script,
which might serve as a starting point.
I suspect that this script is not quite what is needed. Things which
are perhaps wrong with it:
* It always prints output (good for me to help debug this problem,
but not good for a default shipped with schroot)
* I am not sure whether the --exec test will DTRT. ISTM that it
will almost certainly do a wrong thing for tarball chroots, but
it's probably right for lvm snapshot ones (or any other that has
its own separately mounted /usr filesystem).
* Other things I haven't thought of.
Thanks,
Ian.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 71killagent
Type: application/octet-stream
Size: 366 bytes
Desc: /etc/schroot/setup.d/71killagent
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20161015/5dbd1730/attachment.obj>
-------------- next part --------------
--
Ian Jackson <ijackson at chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
More information about the Buildd-tools-devel
mailing list