Your message dated Sat, 1 Sep 2012 21:56:23 +0200 with message-id <20120901215623.14215462@george.anarkia> and subject line Re: Bug#686298: RFS: obnam/1.1-1.1 [NMU] [RC] has caused the Debian Bug report #686298, regarding RFS: obnam/1.1-1.1 [NMU] [RC] to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 686298: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686298 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: RFS: obnam/1.1-1.1 [NMU] [RC]
- From: Mika Pflüger <debian@mikapflueger.de>
- Date: Fri, 31 Aug 2012 00:55:48 +0200
- Message-id: <20120830225548.8670.92764.reportbug@george.anarkia>
Package: sponsorship-requests Severity: important Dear mentors, I am looking for a sponsor for an NMU fxing an RC bug in the package "obnam". The RC bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680670 I reported myself is open and has a patch for two weeks now. Although I tested the resulting package pretty thoroughly (and obnam itself has a rather extensive test suite), I would be glad if someone could review the patch. As this RC bug fix naturally aims for wheezy, I changed only the absolute minimum. Therefore, no new lintian tags are introduced, but also no old ones are fixed. As outlined in the bug report, users who added new encryption keys to their backup repository need to re-add these keys in order for them to be properly added. As this can't be automized (or at least I can't figure out a save way to do it), I added a NEWS entry including a proposal for a shell command to re-add all keys. I hope the NEWS entry is comprehensible and properly worded. * Package name : obnam Version : 1.1-1.1 Maintainer : Lars Wirzenius <liw@liw.fi> * URL : http://packages.debian.org/wheezy/obnam Section : python It builds those binary packages: obnam - online and disk-based backup application To access further information about this package, please visit the following URL: http://mentors.debian.net/package/obnam Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/o/obnam/obnam_1.1-1.1.dsc Changes in this version: obnam (1.1-1.1) unstable; urgency=low * Non-maintainer upload for RC bug. * obnamlib/plugins/encryption_plugin.py: Reencrypt symmetric key with added GPG keys when using add-key command line option (Closes: #680670) Also adds a NEWS entry for this. -- Mika Pflüger <debian@mikapflueger.de> Wed, 29 Aug 2012 22:11:16 +0200 The full debdiff is: $ debdiff obnam_1.1-1.dsc obnam_1.1-1.1.dsc only in patch2: unchanged: --- obnam-1.1.orig/debian/changelog +++ obnam-1.1/debian/changelog @@ -1,3 +1,12 @@ +obnam (1.1-1.1) unstable; urgency=low + + * Non-maintainer upload for RC bug. + * obnamlib/plugins/encryption_plugin.py: Reencrypt symmetric key with + added GPG keys when using add-key command line option (Closes: #680670) + Also adds a NEWS entry for this. + + -- Mika Pflüger <debian@mikapflueger.de> Wed, 29 Aug 2012 22:11:16 +0200 + obnam (1.1-1) unstable; urgency=low * New upstream version. only in patch2: unchanged: --- obnam-1.1.orig/debian/NEWS +++ obnam-1.1/debian/NEWS @@ -0,0 +1,19 @@ +obnam (1.1-1.1) unstable; urgency=low + + This release fixes a bug in the behaviour of the add-key subcommand. + In previous versions, "obnam add-key --keyid KEYID" did not + reencrypt the internal symmetric key with the new key. Therefore, + backups could only be restored with the first key, not with any + keys added via "obnam add-key". + This version fixes this, but all keys added with "obnam add-key" + have to be re-added in order to be able to restore from backup + using them. + To re-add all keys that were previously added to a given CLIENT, + use a shell loop like this: + $ for key in $(obnam list-keys|grep key|awk '{ print $2 }') + > do obnam add-key --keyid=${key} CLIENT + > done + It is always a good idea to afterwards test restoring from a machine + or user with access to the new keys only. + + -- Mika Pflüger <debian@mikapflueger.de> Wed, 29 Aug 2012 22:11:16 +0200 only in patch2: unchanged: --- obnam-1.1.orig/obnamlib/plugins/encryption_plugin.py +++ obnam-1.1/obnamlib/plugins/encryption_plugin.py @@ -145,6 +145,10 @@ encrypted = self.filter_write(encoded, repo, toplevel) pathname = os.path.join(toplevel, 'userkeys') self._overwrite_file(repo, pathname, encrypted) + symmetric_key = self.get_symmetric_key(repo, toplevel) + encrypted_symmetric_key = obnamlib.encrypt_with_keyring(symmetric_key, keyring) + pathname = os.path.join(toplevel, 'key') + self._overwrite_file(repo, pathname, encrypted_symmetric_key) def add_to_userkeys(self, repo, toplevel, public_key): userkeys = self.read_keyring(repo, toplevel) Cheers, Mika Pflüger
--- End Message ---
--- Begin Message ---
- To: Lars Wirzenius <liw@liw.fi>, 686298-done@bugs.debian.org
- Cc: Russ Allbery <rra@debian.org>
- Subject: Re: Bug#686298: RFS: obnam/1.1-1.1 [NMU] [RC]
- From: Mika Pflüger <debian@mikapflueger.de>
- Date: Sat, 1 Sep 2012 21:56:23 +0200
- Message-id: <20120901215623.14215462@george.anarkia>
- In-reply-to: <20120831074438.GA5441@havelock.liw.fi>
- References: <20120830225548.8670.92764.reportbug@george.anarkia> <876280q7ti.fsf@windlord.stanford.edu> <20120831074438.GA5441@havelock.liw.fi>
Hi, Am Fri, 31 Aug 2012 08:44:39 +0100 schrieb Lars Wirzenius <liw@liw.fi>: > On Thu, Aug 30, 2012 at 04:27:37PM -0700, Russ Allbery wrote: > > Mika Pflüger <debian@mikapflueger.de> writes: > > > > > I am looking for a sponsor for an NMU fxing an RC bug in the > > > package "obnam". The RC bug > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680670 I reported > > > myself is open and has a patch for two weeks now. > > > > Given that the Debian package maintainer is also upstream and this > > is not a trivial change semantically even if it's small in number > > of lines changed, it would be good to have Lars be able to review > > this before pushing it into the archive as an NMU. > > > > Lars was posting to debian-devel as recently as last Saturday. Let > > me copy him on this message. > > I will review this (and other obnam bugs) as soon as I am able. Right > now I am fixing my CI system, which is a prerequisite to be able to > make a new release upstream. I didn' mean to rush anybody, sorry if it did come across otherwise. In the case that the patch was agreed upon, but nobody had the time to wrap it all up I meant to do that work and offer it for easy consumption. (-: Therefore I close the RFS. Cheers, Mika -- Own your own computer. Don't use Windows 7. <http://windows7sins.org>Attachment: signature.asc
Description: PGP signature
--- End Message ---