dpkg-buildpackage requires user's FULL key in "changelog" file
When building a package with dpkg-buildpackage, it reads
.../debian/changelog
for a gpg/pgp key.
I entered
-- Jameson C. Burt <jameson@coost.com> ...
rather than
-- Jameson C. Burt (from Bozeman, Montana, USA) <jameson@coost.com> ...
Having not included my gpg comment "(from Bozeman, Montana, USA)",
the key didn't match, so dpkg-buildpackage failed.
In particular, the following line in dpkg-buildpackage
evidently strips out this key,
else mustsetvar maintainer "`dpkg-parsechangelog | \
sed -n 's/^Maintainer: //p'`" "source maintainer"; fi
unless I specifically mention the key to use when building my package,
dpkg-buildpackage -rfakeroot -kjameson
Documenting this could help us new maintainers, as this took me 4 hours
to resolve.
The following minor additions to
"Debian New Maintainer's Guide", version 1.2, 6 April 2002.
could help.
In section "4.3 changlog file", consider changing,
Lines 3-5 are a log entry, where you document changes made in this
package revision (not the upstram changes - there is special file for
that purpose, created by the upstream authors, which you will later
install as /usr/share/doc/gentoo/changelog.gz).
...
to
Lines 3-5 are a log entry, where you document changes made in this
package revision (not the upstram changes - there is special file for
that purpose, created by the upstream authors, which you will later
install as /usr/share/doc/gentoo/changelog.gz).
Because dpkg-buildpackage looks at line 5, your entry there
should exactly match one of your key entries; eg, one of
gpg --list-secret-keys
If this responds with no entry like,
sec 1024D/200D1596 Josip Rodin <jrodin@jagor.srce.hr>
but only an entry like,
sec 1024D/200D1596 Josip Rodin (email signing key) \
<jrodin@jagor.srce.hr>
then you should have on line 5 full-text to match your key,
including any necessary comment,
Josip Rodin (email signing key) <jrodin@jagor.srce.hr>
...
And in section "6.1 Complete rebuild", consider changing,
The only input that will be required of you is your GPG key secret
pass phrase, twice.
to
The only input that will be required of you is your GPG key secret
pass phrase, twice.
This key corresponds to your entry in
.../debian/changelog
like
-- Josip Rodin <jrodin@jagor.srce.hr> ...
but will fail if your entry does not match
"gpg --list-secret-keys", so you might need something like,
especially if your key has a comment,
-- Josip Rodin (email signing key) <jrodin@jagor.srce.hr> ...
Alternatively, you can add "-k",
dpkg-buildpackage -rfakeroot -kjosip
As a new Debian package maker, I must also learn how to properly
sign packages/files. I perhaps errored by adding a comment in my key,
Jameson C. Burt (from Bozeman, Montana, USA) <jameson@coost.com>
although gpg prompts for such a comment.
With the "Debian New Maintainers' Guide" mentioning "very important"
documentation to read including itself and two other documents,
but implicitly requiring reading the GNU_Privacy_Handbook,
I have been immersed in about 300 pages of manuals/guides.
Unless such impediments like finding what key to include in
.../debian/changes are quizes, we new packagers could use
hints like the above to ease our Debian packaging.
--
Jameson C. Burt, NJ9L Fairfax, Virginia, USA
jameson@coost.com http://www.coost.com
Reply to: