> On 1 Aug 2022, at 17:14, Andrew Savchenko <birc...@gentoo.org> wrote:
> On Mon, 1 Aug 2022 15:49:18 +0000 (UTC) Andrey Grozin wrote:
>> Hello *,
>> Sorry for a very naive question.
>> In the past, I used
>> repoman commit
>> to commit a new ebuild. I got a text screen in my terminal where I typed my
>> passphraise (if I then committed something else within the timeout, I didn't
>> have to re-type it).
>> Now we are recommended to use
>> pkgdev commit
>> instead. But it does not ask for my passphraise, just writes an error message
>> that it cannot sign my commit.
>> If I commit something with repoman and then (within the timeout) commit
>> something else with pkgdev, it works.
>> My .gnupg/gpg-agent.conf is
>> pinentry-program /usr/bin/pinentry-curses
>> write-env-file
>> default-cache-ttl 1000000
>> My .gnupg/gpg.conf includes the line
>> use-agent
>> I can, of course, continue to use repoman for committing. But now it does not
>> add the Signed-off-by: automatically. I have to add it by hand, in nano. 
>> This is
>> definitely the most convenient way.
> I have the same problem with pkgdev. It fails to run at
> least CLI/TUI pinentry when password is needed. To workaround
> I sign some dummy file with `gpg -s file`, then within cache period
> I can use it for commits using pkgdev.
> Cache timeout can be set in gpg-agent.conf, e.g. in seconds:
> default-cache-ttl 7200
> Furthermore I can't use `pkgdev push` to push my commits, because
> it fails to sign the push and the server rejects my push. I have no
> idea why, because `git push --signed' works perfectly fine.
> Regarding pushing to git (I mean git push process, not various
> checks), pkgdev should do the same as `git push --signed`, but it
> apparently does not.

git push --signed is of course going to work because you're explicitly
telling git to.

I suspect you need to run:
git config --local push.gpgsign 1

You can probably set it per-remote if desired.

> And last but not the least pkgdev have some problem I could not
> precisely identify that makes gpg socket forwarding unusable, so I
> can't forward nitrokey from another host. Plain gpg usually works.

You can do:
GIT_TRACE=1 pkgdev commit ...
to see exactly which gpg command is being run, then run that
manually and debug it.

> Best regards,
> Andrew Savchenko

Attachment: signature.asc
Description: Message signed with OpenPGP

Reply via email to