
Re: debuild finds no secret key after dist-upgrade



On Fri, Sep 15, 2017 at 11:44:02PM +0200, Thomas Schmitt wrote:
> > > - How to bring the original tarball's .sig file into the packaging ?
> 
> > Convert it to .asc
> 
> I could try to squeeze something out of
>   https://lists.gnupg.org/pipermail/gnupg-users/2011-November/043252.html
> or
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832267
The bug report contains a recipe, using gpg --enarmor.

> but will probably generate such an .asc file from original data as soon
> as I found out how it relates to the .asc payload wrapper which I generate
> by gpg --clearsign.
The only difference between .sig and .asc is that .asc is ASCII-armored.

> > and read dpkg-source(1).
> 
> I try hard. But what does it mean when it says
>   "tarball can be accompanied by a detached upstream signature"
> ?
I think I've already answered that. You need to put it in the same
directory.

> > > Can it [my key] be too old for the new gpg binary ?
> 
> > Have you read https://www.gnupg.org/faq/whats-new-in-2.1.html#nosecring
> 
> Yes. But it does not explain how the dist-upgrade of last year left
> gpg in the state which after another dist-upgrade makes it inoperational.
Most likely because the old dist-upgrade doesn't have anything to do with
that.
And the recent dist-upgrade changed your /usr/bin/gpg to v.2.

> Something must have confused apt-get (or a layer underneath).
Of course not. apt doesn't touch user files.

> > Check /usr/bin/gpg2 or whatever it was called in the old gnupg2 package?
> There is one and it does not see keys.
You asked where did you get a v.2 GnuPG. Here is the answer. I didn't
expect it to see the keys.

> > please fix your workflow ASAP.
> 
> I am thankful for your advice. But your instructions are far too short.
Use sbuild or pbuilder.

> It is not easy to navigate between contradicting DD styles and tool chains.
> And then there is https://www.debian.org/doc/manuals/maint-guide/ ...
https://www.debian.org/doc/manuals/maint-guide/build.en.html#pbuilder

> I don't strive for becoming a Debian Maintainer.
That doesn't matter. You are making packages for Debian. You need to do
that correctly.

> Isn't any tool in the box which can make a Debian package out of a vanilla
> autotools based tarball ? ./configure && make && make install
Yes, but the result is not suitable for inclusion in Debian.

> GUIX can, Arch can, Fedora can.
I guess it's the same here.

-- 
WBR, wRAR
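
The point made above, that a .sig and an .asc differ only in the ASCII armor, shown as an added example that is not part of the original message or of any tool it mentions: the armor is the base64 of the same packet bytes plus a CRC-24 line, as specified in RFC 4880 section 6. The function names and the sample bytes are assumptions made for this sketch; 64-character lines are one common choice.

```python
import base64

BEGIN = "-----BEGIN PGP SIGNATURE-----"
END = "-----END PGP SIGNATURE-----"

def crc24(data: bytes) -> int:
    """CRC-24 as defined for OpenPGP armor (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def packet_tag(first: int) -> int:
    """Packet tag from the first header octet (old or new format)."""
    if not first & 0x80:
        raise ValueError("not binary OpenPGP data (already armored?)")
    return first & 0x3F if first & 0x40 else (first >> 2) & 0x0F

def armor_signature(sig: bytes) -> str:
    """Wrap a binary detached signature (.sig) as ASCII armor (.asc)."""
    if not sig or packet_tag(sig[0]) != 2:  # tag 2 = signature packet
        raise ValueError("input does not start with a signature packet")
    b64 = base64.b64encode(sig).decode("ascii")
    body = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = base64.b64encode(crc24(sig).to_bytes(3, "big")).decode("ascii")
    return "\n".join([BEGIN, "", *body, "=" + check, END, ""])

def dearmor_signature(text: str) -> bytes:
    """Recover the binary packet bytes from armor, verifying the CRC."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing PGP SIGNATURE armor lines")
    body = lines[lines.index("") + 1:-1]  # skip armor headers
    if not body or not body[-1].startswith("="):
        raise ValueError("missing CRC-24 line")
    data = base64.b64decode("".join(body[:-1]))
    if base64.b64decode(body[-1][1:]) != crc24(data).to_bytes(3, "big"):
        raise ValueError("CRC-24 mismatch")
    return data

# Constructed sample: a signature packet header (0x89) plus filler bytes.
# It is not a valid signature, only input for the encoding round trip.
SAMPLE_SIG = bytes([0x89, 0x00, 0x40]) + bytes(range(64))

if __name__ == "__main__":
    print(armor_signature(SAMPLE_SIG), end="")
```

The round trip returns the input bytes unchanged, so the signature a verifier checks is the same in both files; feeding an already armored file to `armor_signature` is rejected instead of being wrapped twice.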
