Re: Separate gpg signing from package building

To: debian-mentors@lists.debian.org
Subject: Re: Separate gpg signing from package building
From: The Wanderer <wanderer@fastmail.fm>
Date: Mon, 14 Jul 2014 00:31:06 -0400
Message-id: <[🔎] 53C35D0A.5000907@fastmail.fm>
In-reply-to: <[🔎] CAKTje6GtXJ1m5HdpGZ84qCi7tk0bDT=wBKBF2uz9wypVf6+H1w@mail.gmail.com>
References: <[🔎] lpvkie$c5h$5@ger.gmane.org> <[🔎] CAKTje6GtXJ1m5HdpGZ84qCi7tk0bDT=wBKBF2uz9wypVf6+H1w@mail.gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 07/14/2014 12:26 AM, Paul Wise wrote:

> On Mon, Jul 14, 2014 at 11:59 AM, T o n g wrote:

>> Now I'm thinking, wouldn't it be nice I always build the package
>> without gpg signing, and when finally I tested everything working
>> fine, I sign it. Would it be possible? Detailed steps (instead of a
>> mere yes) appreciated.
> 
> The dpkg-buildpackage manual page documents that you should pass -us
> to not sign the dsc and -uc to not sign the changes file. The debuild
> manual page documents that the contents of the
> DEBUILD_DPKG_BUILDPACKAGE_OPTS config option are passed to
> dpkg-buildpackage. So you just need to put this line in ~/.devscripts
> and use debuild instead of dpkg-buildpackage:
> 
> export DEBUILD_DPKG_BUILDPACKAGE_OPTS="-us -uc"
> 
> IIRC the maint-guide mentions this stuff, have you read it?

I could be wrong, but I understood the question as being not how to
build without signing, but how to sign after building, without having to
rebuild. I.e., always build without signing, then sign as a separate
step once a build has proved satisfactory.

I don't remember reading an explanation of how to do this in the New
Maintainers' Guide or similar documentation, and I don't see an obvious
way in the man pages I know to check first off. Is it possible?

- --
   The Wanderer

Secrecy is the beginning of tyranny.

A government exists to serve its citizens, not to control them.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJTw10KAAoJEASpNY00KDJrfWoQAKh+nxYPl5N57dtIB9YEiK3g
Hub1hKYZwHD/dxgv1Y3eqWVZP4C4gVlAlVPJaztbniCWsV9ITZJy4c9vvs46nJhU
FFfd1cwVCUl/fJ6DjE8BSo5+PmxBXCWiHX8pDcrUsfDjNNBSV1fkULqQJA/aFTK9
cCo4DSPMae8RWzL9OnJqz9dnZRzOWXlfZamsmWf3aj5oPvJHLZ03+SNR9OmXdCbC
aUbQpeexMiVwR5mRXpghIp7dYBa0G6LALeX2POjDFc39XtDdycizA5O9//TsxVNA
eMnejO6SV0Hcl6JwdaJrZWBbK15Vt+EF23YGG1Ywmb4pvEZ/333jHP/30ySG2rZc
2f48hlpoF9qaaksFhU24OIf/7zwkGnZ4dnvTTxpuofMs+DMJB+zH7P716lfVBx4b
4gtUiBiYrlwHtOvfB3Kv143nVwZ+K269MhAIKoSIILPxTE1xWD+muS8F3bn36dik
as4o7kBzhQ0OdBpCPpKdkx5LC/RUBqK15zAwPdKyfzZmn+MDtW/oA/zRYtHf39gc
Z77iVLT4aXd9aPXcuAG6AhOQbl0mjNaM7AHTebHIn3zQYDLxmKdbTXML2rhHWnod
OfFm2t/Ahy2POQhduQOhVSpWHS8MShZcN6c0HSTheAsYcQZUzXZtsmH64a5qdb5E
pxlg1cjSSqwgH60EifU4
=5n1y
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Separate gpg signing from package building
  - From: Paul Wise <pabs@debian.org>

References:
- Separate gpg signing from package building
  - From: T o n g <mlist4suntong@yahoo.com>
- Re: Separate gpg signing from package building
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: Separate gpg signing from package building
Next by Date: Re: Separate gpg signing from package building
Previous by thread: Re: Separate gpg signing from package building
Next by thread: Re: Separate gpg signing from package building
Index(es):
- Date
- Thread