Control: tag -1 moreinfo On Fri, Jan 06, 2017 at 05:39:04PM +0000, Wookey wrote: > I tried to use dcut dm to give my co-maintainer (Punit Agrawal) upload > permissions. It didn't go well. > > this page: > https://wiki.debian.org/DebianMaintainer#Granting_Permissions > says comands of this format should work: > dcut dm --uid 0xfedcba9876543210 --allow glibc > > however if I import punit's key locally: > $ gpg --recv-key F5392FD213FBFEDD > gpg: requesting key F5392FD213FBFEDD from hkp server keys.gnupg.net > gpg: key F5392FD213FBFEDD: "Punit Agrawal <[email protected]>" > not changed > gpg: Total number processed: 1 > gpg: unchanged: 1 > > and check that debian-keyring is installed and his key is in the > maintainers keyring: > $ dpkg -l debian-keyring > ii debian-keyring 2015.04.10 all GnuPG keys of Debian > Developers a > > $ gpg --keyring /usr/share/keyrings/debian-maintainers.gpg --list-key > punit > pub 4096R/F5392FD213FBFEDD 2014-03-29 > uid Punit Agrawal <[email protected]> > sub 4096R/20806957C14ABC91 2014-03-29
That command doesn't exclude gpg from looking up in the local keyring, you also need --no-default-keyring, otherwise gpg will simply look in both keyrings. Really, dcut totally ignores your keyring, it only cares about /usr/share/keyrings/debian-maintainers.gpg > then run the documented command: > $ dcut ftp-master dm --uid F5392FD213FBFEDD --allow=global > Uploading commands file to ftp.upload.debian.org (incoming: > /pub/UploadQueue/) > > There was an error looking up the DM's key Of course, as expected. > dput-ng uses the DM keyring in /usr/share/keyrings/ > as the keyring to pull full fingerprints from. > > Please ensure your keyring is up to date: > > sudo apt-get install debian-keyring > > Or, if you can not get the keyring, you may use their > full fingerprint (without spaces) and pass the --force > argument in. This goes to dak directly, so try to > pay attention to formatting. > > > DM fingerprint lookup for argument F5392FD213FBFEDD failed. > GnuPG returned error: gpg: error reading key: public key not found > > This seems like a bug. It's not. It's working as documented both in the error messsage and the man page you also mention. > I tried this with a name, an email and a preceding 0x: > dcut ftp-master dm --uid "Punit Agrawal" --allow=global > dcut ftp-master dm --uid 0xF5392FD213FBFEDD --allow=global > dcut ftp-master dm --uid "<[email protected]>" --allow=global > > all give the same result of failing to look up the key/user > > only the full fingerprint (no spaces), with -f to force works. Exactly. What of all of this is different than what it's documented? I must assume that key wasn't yet in your installed debian-keyring package, so you must turn of the automatic UID lookup by providing a full fingerprint and -f, it seems very regular to me. > (And --force/-f only works if it is at the start of the command - I > can't just add it as an option at the end.) (That's a detail on how the command line is passed, and I deem it an implementation detail that's orthogonal to the topic of this bug report) -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
