Re: gnupg fails during packaging
On Tue, May 17, 2005 at 11:31:21AM +0200, Luk Claes wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Neil Williams wrote:
> > On Monday 16 May 2005 11:07 pm, Mauro Darida wrote:
> >
> >>I notice the following error at the end of a package session:
> >>gpg: [stdin]: clearsign failed: secret key not available
> >
> >
> > Create ~/.devscripts
> >
> > Add:
> > DEBSIGN_KEYID="your_key_id"
> >
> > I've also added:
> > DEBUILD_DPKG_BUILDPACKAGE_OPTS="-i -ICVS -I.svn"
> >
> > Also export
> > export DEBEMAIL=your_email
> > from ~/.bashrc if you haven't already.
>
> I don't know if that is the right solution because if it doesn't work
> without this configuration, it will be treated as non-maintainer uploads
> by DAK (because the keyid and the entry in the control file differ) if I
> remember correctly.
No, you remember incorrectly. If this were the case, one wouldn't be
able to ever sponsor (with a DD key and a non-DD name in control,
changelog and in .changes).
What matters for NMU or not is whether the Changed-By in .changes
matches the Maintainer: or one of the Uploaders: of the .dsc
byte-for-byte, which typically comes down to whether the newest entry in
debian/changelog matches Maintainer or Uploaders in debian/control.
Indeed, overriding what keyid to use in one way or the other is *the*
way to solve signing issues. You can also distatch signing from building
by using debsign later after testing your build (typically one builds
much more often than one uploads, as in my experience, the first build
not always turns out to be completely bugfree/fixing all bugs as claimed
in changelog).
--Jeroen
--
Jeroen van Wolffelaar
Jeroen@wolffelaar.nl (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl
Reply to: