Re: debuild finds no secret key after dist-upgrade
Hi,
> > - How to bring the original tarball's .sig file into the packaging ?
> Convert it to .asc
I could try to squeeze something out of
https://lists.gnupg.org/pipermail/gnupg-users/2011-November/043252.html
or
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832267
but will probably generate such an .asc file from original data as soon
as i found out how it relates to the .asc payload wrapper which i generate
by gpg --clearsign.
Reading GnuPG manual, i get the suspicion that dpkg-source's .asc is
just a gpg --detach-sig with a suffix that the GnuPG manual uses for
--clearsign results.
I may be wrong.
> and read dpkg-source(1).
I try hard. But what does it mean when it says
"tarball can be accompanied by a detached upstream signature"
?
A big problem with Debian packaging is that nearly everything happens
automagically but the docs expect the reader to know the entrails and
the multi-layer structure.
> > Can it [my key] be too old for the new gpg binary ?
> Have you read https://www.gnupg.org/faq/whats-new-in-2.1.html#nosecring
Yes. But it does not explain how the dist-upgrade of last year left
gpg in the state which after another dist-upgrade makes it inoperational.
Something must have confused apt-get (or a layer underneath).
My own contribution to the mess is mainly my key. So i first look at this.
> Check /usr/bin/gpg2 or whatever it was called in the old gnupg2 package?
There is one and it does not see keys.
Obviously it is not used by debuild of the old Sid.
> Surely you understand that installing or removing packages cannot have any
> effect on user files?
I'm trying to make as few assumptions as possible.
> please fix your workflow ASAP.
I am thankful for your advise. But your instructions are far too short.
It is not easy to navigate between contradicting DD styles and tool chains.
And then there is https://www.debian.org/doc/manuals/maint-guide/ ...
I don't strive for becoming a Debian Maintainer.
The preparation of my packages is done out of the mere need that nobody
found it necessary to maintain them for two years, while debian-cd had
to switch to my GNU xorriso source package because Debian's xorriso was
too old to fulfill the needs of Debian installation ISOs.
My aptness for contribution is actually restricted to providing the
original source tarball, its .sig file, and the
* New upstream release
part of the changelog file.
The rest is the pain of dealing with an unstable system and the gordian knot
of Debian packaging tools. I do this to support debian-cd and because i
am thankful for my Jessie with its wellknown kernel bugs which i can work
around in userspace.
Normally i do not complain. But i cannot achieve results beyond my limits.
> Use pbuilder or sbuild.
My Sid remembers an encounter with pbuilder. 1.2 GB of cache. I could try
to find in my mail archive why i tried it and why i gave up on it.
The more different tools and approaches i get urged to use, the more error
prone becomes the whole procedure.
Isn't any tool in the box which can make a Debian package out of a vanilla
autotools based tarball ? ./configure && make && make install
GUIX can, Arch can, Fedora can. My upstream releases get packaged faster
than i have started my dist-upgrade on the Sid VM.
Have a nice day :)
Thomas
Reply to: