Bug#1140788: dpkg-buildpackage will fail when sequoia is installed

Fri, 26 Jun 2026 05:23:12 -0700 

Package: dpkg-dev
Version: 1.22.22
Severity: normal
X-Debbugs-Cc: [email protected]

Hi,

when sequoia is installed, then building/signing with dpkg-buildpackage
will fail when it was signed before:

$ dpkg-buildpackage -S -d -nc
dpkg-buildpackage: info: source-only, diff-only upload (original source NOT 
included)
 signfile ansible_2.7.7+dfsg-1+deb10u3.dsc

  Error: File ../ansible_2.7.7+dfsg-1+deb10u3.dsc.asc exists, use "sq 
--overwrite ..." to overwrite
dpkg-buildpackage: hint: imported own keys might be missing ownership 
information, try:
dpkg-buildpackage: hint:   sq pki link authorize --cert FINGERPRINT --all 
--unconstrained
dpkg-buildpackage: error: failed to sign ../ansible_2.7.7+dfsg-1+deb10u3.dsc 
file: key is not signature-capable

This is different from using gnupg, where it will happily overwrite the
old signature. In this case the hint that dpkg-buildpackage gives is
also wrong, the key has owneship info and is also signature-capable.

I recommend catching also this error condition, and also adding
--overwrite to the sq invocation to match it with gnupg.

Regards,
Lee

-- System Information:
Debian Release: 13.5
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 
'proposed-updates'), (990, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.90+deb13.1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dpkg-dev depends on:
ii  binutils      2.44-3
ii  bzip2         1.0.8-6
ii  libdpkg-perl  1.22.22
ii  make          4.4.1-2
ii  patch         2.8-2
ii  perl          5.40.1-6
ii  tar           1.35+dfsg-3.1
ii  xz-utils      5.8.1-1

Versions of packages dpkg-dev recommends:
ii  build-essential          12.12
ii  fakeroot                 1.37.1.1-1
ii  gcc [c-compiler]         4:14.2.0-1
ii  gcc-14 [c-compiler]      14.2.0-19
ii  gnupg                    2.4.7-21+deb13u1
ii  gpgv                     2.4.7-21+deb13u1+b4
pn  libalgorithm-merge-perl  <none>
ii  sq                       1.3.1-2+b2
ii  sqv                      1.3.0-3+b2

Versions of packages dpkg-dev suggests:
ii  debian-keyring             2025.07.26
ii  debian-tag2upload-keyring  1.1

-- no debconf information

Reply via email to