Package: duply Version: 2.1-1 Severity: normal Tags: patch Dear Maintainer,
I occasionally restore servers by installing a basic Debian server, recovering the /root/.duply and then use duply restore. However, then, I don't have a gnupg home, so that that keys are imported on first run. This works fine. However, then, the key needs to be trusted, and it *always* fail. Step to reproduce: mv .gnupg .gnupg.bak duply ... status You then get something like: > Encryption public key 'DEBF3E88927A9346' not found. > Import keyfile '/root/.duply/hosname/gpgkey.DEBF3E88927A9346.pub.asc' to > keyring (OK) > Import keyfile '/root/.duply/hosname/gpgkey.DEBF3E88927A9346.sec.asc' to > keyring (OK) > Autoset trust of key 'DEBF3E88927A9346' to ultimate (FAILED) > For duply to work you have to set the trust level > with the command "trust" to "ultimate" (5) now. > Exit the edit mode of gpg with "quit". > Running gpg to manually edit key 'D790F566D0CC0472'Secret key is available. This is really annoying. I traced back the issue to the function gpg_fingerprint that's not working. The attached patch fixes the issue. Thank you for taking care of duply :) -- System Information: Debian Release: 10.3 APT prefers proposed-updates APT policy: (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-8-amd64 (SMP w/8 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages duply depends on: ii duplicity 0.7.18.2-1 ii gnupg 2.2.12-1+deb10u1 duply recommends no packages. Versions of packages duply suggests: ii openssh-client 1:7.9p1-10+deb10u2 -- no debconf information
--- /usr/bin/duply.orig 2018-11-17 22:27:30.000000000 +0000 +++ /usr/bin/duply 2020-02-07 16:07:04.261144459 +0000 @@ -1100,7 +1100,7 @@ # see 'How to specify a user ID' on gpg manpage function gpg_fingerprint { - local PRINT=$(gpg $GPG_OPTS --fingerprint "$1" 2>&1|awk -F= 'NR==2{gsub(/ /,"",$2);$2=toupper($2); if ( $2 ~ /^[A-F0-9]+$/ && length($2) == 40 ) print $2; else exit 1}') \ + local PRINT=$(gpg $GPG_OPTS --fingerprint "$1" 2>&1|awk -F= 'NR==2{gsub(/ /,"",$1);$2=toupper($1); if ( $1 ~ /^[A-F0-9]+$/ && length($1) == 40 ) print $1; else exit 1}') \ && [ -n "$PRINT" ] && echo $PRINT && return 0 return 1 }
signature.asc
Description: This is a digitally signed message part.