Your message dated Sun, 31 Mar 2019 08:03:01 +0200 with message-id <76978cd4-893d-6413-ddb5-c40e0d70996b@debian.org> and subject line Re: unblock: software-properties/0.96.20.2-2 has caused the Debian Bug report #926045, regarding unblock: software-properties/0.96.20.2-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 926045: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926045 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: software-properties/0.96.20.2-2
- From: Julian Andres Klode <jak@debian.org>
- Date: Sat, 30 Mar 2019 20:51:43 +0100
- Message-id: <[🔎] 20190330204946.GA16328@debian.org>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock package software-properties This fixes a release critical bug that made software-properties generate a trusted.gpg file in the wrong format, causing apt to fail to read. I essentially replaced the AptAuth.py with the one in Ubuntu 18.04, which makes it use apt-key instead of gpg directly, so while this is not as minimal a change as it maybe? could be, it's battle-tested :) (include/attach the debdiff against the package in testing) unblock software-properties/0.96.20.2-2 -- System Information: Debian Release: buster/sid APT prefers disco APT policy: (991, 'disco'), (500, 'disco'), (500, 'cosmic-security') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.0.0-7-generic (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -- debian developer - deb.li/jak | jak-linux.org - free software dev ubuntu core developer i speak de, endiff -Nru software-properties-0.96.20.2/debian/changelog software-properties-0.96.20.2/debian/changelog --- software-properties-0.96.20.2/debian/changelog 2016-06-30 12:13:48.000000000 +0200 +++ software-properties-0.96.20.2/debian/changelog 2019-03-30 20:45:34.000000000 +0100 @@ -1,3 +1,10 @@ +software-properties (0.96.20.2-2) unstable; urgency=medium + + * softwareproperties/AptAuth.py: Use apt-key (Closes: #867681) + * debian/gbp.conf: Point to debian/buster + + -- Julian Andres Klode <jak@debian.org> Sat, 30 Mar 2019 20:45:34 +0100 + software-properties (0.96.20.2-1) unstable; urgency=medium * Imported Upstream version 0.96.20.2 diff -Nru software-properties-0.96.20.2/debian/gbp.conf software-properties-0.96.20.2/debian/gbp.conf --- software-properties-0.96.20.2/debian/gbp.conf 2016-06-30 12:13:48.000000000 +0200 +++ software-properties-0.96.20.2/debian/gbp.conf 2019-03-30 20:45:34.000000000 +0100 @@ -1,2 +1,3 @@ -[buildpackage] +[DEFAULT] sign-tags = True +debian-branch = debian/buster diff -Nru software-properties-0.96.20.2/debian/patches/0001-Imported-Debian-version-0.96.9debian1.patch software-properties-0.96.20.2/debian/patches/0001-Imported-Debian-version-0.96.9debian1.patch --- software-properties-0.96.20.2/debian/patches/0001-Imported-Debian-version-0.96.9debian1.patch 2016-06-30 12:13:48.000000000 +0200 +++ software-properties-0.96.20.2/debian/patches/0001-Imported-Debian-version-0.96.9debian1.patch 2019-03-30 20:45:34.000000000 +0100 @@ -46,7 +46,7 @@ <packing> <property name="expand">True</property> diff --git a/softwareproperties/gtk/SoftwarePropertiesGtk.py b/softwareproperties/gtk/SoftwarePropertiesGtk.py -index fbe5b0a..33eaaca 100644 +index 11e65c4..cf375c1 100644 --- a/softwareproperties/gtk/SoftwarePropertiesGtk.py +++ b/softwareproperties/gtk/SoftwarePropertiesGtk.py @@ -51,7 +51,11 @@ import softwareproperties.distro diff -Nru software-properties-0.96.20.2/debian/patches/0004-Implement-PackageKit-support.patch software-properties-0.96.20.2/debian/patches/0004-Implement-PackageKit-support.patch --- software-properties-0.96.20.2/debian/patches/0004-Implement-PackageKit-support.patch 2016-06-30 12:13:48.000000000 +0200 +++ software-properties-0.96.20.2/debian/patches/0004-Implement-PackageKit-support.patch 2019-03-30 20:45:34.000000000 +0100 @@ -146,7 +146,7 @@ return res diff --git a/softwareproperties/gtk/SoftwarePropertiesGtk.py b/softwareproperties/gtk/SoftwarePropertiesGtk.py -index 33eaaca..df8ad45 100644 +index cf375c1..92037a9 100644 --- a/softwareproperties/gtk/SoftwarePropertiesGtk.py +++ b/softwareproperties/gtk/SoftwarePropertiesGtk.py @@ -27,16 +27,21 @@ from __future__ import absolute_import, print_function @@ -191,7 +191,7 @@ # Put some life into the user interface: self.init_auto_update() -@@ -1031,7 +1038,7 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): +@@ -1033,7 +1040,7 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): if e._dbus_error_name == 'com.ubuntu.SoftwareProperties.PermissionDeniedByPolicy': logging.error("Authentication canceled, changes have not been saved") @@ -200,7 +200,7 @@ #print(progress) self.button_driver_revert.set_visible(False) self.button_driver_apply.set_visible(False) -@@ -1041,30 +1048,30 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): +@@ -1043,30 +1050,30 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): self.progress_bar.set_visible(True) self.label_driver_action.set_label(_("Applying changes...")) @@ -254,7 +254,7 @@ def on_driver_changes_apply(self, button): -@@ -1077,18 +1084,36 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): +@@ -1079,18 +1086,36 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): else: installs.append(pkg.shortname) @@ -299,7 +299,7 @@ print("Warning: install transaction not completed successfully: {}".format(e)) def on_driver_changes_revert(self, button_revert=None): -@@ -1108,7 +1133,7 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): +@@ -1110,7 +1135,7 @@ class SoftwarePropertiesGtk(SoftwareProperties, SimpleGtkbuilderApp): self.button_driver_apply.set_sensitive(False) def on_driver_changes_cancel(self, button_cancel): diff -Nru software-properties-0.96.20.2/debian/patches/0006-softwareproperties-AptAuth.py-Use-apt-key.patch software-properties-0.96.20.2/debian/patches/0006-softwareproperties-AptAuth.py-Use-apt-key.patch --- software-properties-0.96.20.2/debian/patches/0006-softwareproperties-AptAuth.py-Use-apt-key.patch 1970-01-01 01:00:00.000000000 +0100 +++ software-properties-0.96.20.2/debian/patches/0006-softwareproperties-AptAuth.py-Use-apt-key.patch 2019-03-30 20:45:34.000000000 +0100 @@ -0,0 +1,110 @@ +From: Julian Andres Klode <jak@debian.org> +Date: Sat, 30 Mar 2019 20:41:15 +0100 +Subject: softwareproperties/AptAuth.py: Use apt-key + +This fixes the code to not generate gpg keybox files rather +than classical keyring files (concatenated public keys), which +broke apt. + +Closes: #867681 +--- + softwareproperties/AptAuth.py | 61 +++++++++++++++++-------------------------- + 1 file changed, 24 insertions(+), 37 deletions(-) + +diff --git a/softwareproperties/AptAuth.py b/softwareproperties/AptAuth.py +index 7cc88ce..cbbe94f 100644 +--- a/softwareproperties/AptAuth.py ++++ b/softwareproperties/AptAuth.py +@@ -22,6 +22,7 @@ + from __future__ import print_function + + import atexit ++import datetime + import gettext + import os + import shutil +@@ -44,61 +45,47 @@ N_("Ubuntu Extras Archive Automatic Signing Key <ftpmaster@ubuntu.com>") + + class AptAuth: + def __init__(self, rootdir="/"): +- self.gpg = ["/usr/bin/gpg"] +- self.base_opt = self.gpg + [ +- "--no-options", +- "--no-default-keyring", +- "--no-auto-check-trustdb", +- "--trust-model", "always", +- "--keyring", os.path.join(rootdir, "etc/apt/trusted.gpg"), +- ] ++ self.rootdir = rootdir + self.tmpdir = tempfile.mkdtemp() +- self.base_opt += ["--secret-keyring", +- os.path.join(self.tmpdir, "secring.gpg")] +- self.list_opt = self.base_opt + ["--with-colons", +- "--batch", +- "--list-keys"] +- self.rm_opt = self.base_opt + ["--quiet", +- "--batch", +- "--delete-key", +- "--yes"] +- self.add_opt = self.base_opt + ["--quiet", +- "--batch", +- "--import"] ++ self.aptconf = os.path.join(self.tmpdir, 'apt.conf') ++ with open(self.aptconf, 'w') as f: ++ f.write('DIR "%s";\n' % self.rootdir) ++ os.environ['APT_CONFIG'] = self.aptconf + atexit.register(self._cleanup_tmpdir) + + def _cleanup_tmpdir(self): + shutil.rmtree(self.tmpdir) +- ++ + def list(self): ++ cmd = ["/usr/bin/apt-key", "--quiet", "adv", "--with-colons", "--batch", "--fixed-list-mode", "--list-keys"] + res = [] +- #print(self.list_opt) +- p = subprocess.Popen( +- self.list_opt, stdout=PIPE, universal_newlines=True).stdout ++ p = subprocess.Popen(cmd, stdout=PIPE, stderr=PIPE, universal_newlines=True).stdout ++ name = '' + for line in p: + fields = line.split(":") +- if fields[0] == "pub": ++ if fields[0] in ["pub", "uid"]: + name = fields[9] +- res.append("%s %s\n%s" %((fields[4])[-8:],fields[5], _(name))) ++ if fields[0] == "pub": ++ key = fields[4] ++ expiry = datetime.date.fromtimestamp(int(fields[5])).isoformat() ++ if not name: ++ continue ++ res.append("%s %s\n%s" % (key, expiry, _(name))) ++ name = '' + p.close() + return res + + def add(self, filename): +- #print("request to add " + filename) +- cmd = self.add_opt[:] +- cmd.append(filename) +- #print("cmd is: %s" % ' '.join(cmd)) +- p = subprocess.Popen(cmd) ++ cmd = ["/usr/bin/apt-key", "--quiet", "--fakeroot", "add", filename] ++ p = subprocess.Popen(cmd, stderr=PIPE) + return (p.wait() == 0) + + def update(self): +- cmd = ["/usr/bin/apt-key", "update"] +- p = subprocess.Popen(cmd) ++ cmd = ["/usr/bin/apt-key", "--quiet", "--fakeroot", "update"] ++ p = subprocess.Popen(cmd, stderr=PIPE) + return (p.wait() == 0) + + def rm(self, key): +- #print("request to remove " + key) +- cmd = self.rm_opt[:] +- cmd.append(key) +- p = subprocess.Popen(cmd) ++ cmd = ["/usr/bin/apt-key", "--quiet", "--fakeroot", "rm", key] ++ p = subprocess.Popen(cmd, stderr=PIPE) + return (p.wait() == 0) diff -Nru software-properties-0.96.20.2/debian/patches/series software-properties-0.96.20.2/debian/patches/series --- software-properties-0.96.20.2/debian/patches/series 2016-06-30 12:13:48.000000000 +0200 +++ software-properties-0.96.20.2/debian/patches/series 2019-03-30 20:45:34.000000000 +0100 @@ -3,3 +3,4 @@ 0003-Fix-typo-in-software-properties-drivers.desktop-and-.patch 0004-Implement-PackageKit-support.patch 0006-l18n-template-rebuild.patch +0006-softwareproperties-AptAuth.py-Use-apt-key.patch
--- End Message ---
--- Begin Message ---
- To: 926045-done@bugs.debian.org
- Subject: Re: unblock: software-properties/0.96.20.2-2
- From: Paul Gevers <elbrus@debian.org>
- Date: Sun, 31 Mar 2019 08:03:01 +0200
- Message-id: <76978cd4-893d-6413-ddb5-c40e0d70996b@debian.org>
- In-reply-to: <[🔎] 20190330204946.GA16328@debian.org>
- References: <[🔎] 20190330204946.GA16328@debian.org> <[🔎] 20190330204946.GA16328@debian.org>
Hi, On Sat, 30 Mar 2019 20:51:43 +0100 Julian Andres Klode <jak@debian.org> wrote: > Please unblock package software-properties unblocked, thanks. PaulAttachment: signature.asc
Description: OpenPGP digital signature
--- End Message ---