Bug#545274: dpkg-dev: dpkg-source cannot verify GPG signatures
On Mon, 7 Sep 2009 08:45:58 +0200 Raphael Hertzog hert...@debian.org wrote: Other idea, please paste the output of dpkg-vendor --query Vendor echo $?. I guess that's more likely to be the problem... you have not upgraded base-files to the unstable version. Install version 5.0.0 or newer and try again. # dpkg-vendor --query Vendor ; echo $? dpkg-vendor: error: vendor default doesn't exist in /etc/dpkg/origins/ 2 # # ls -l /etc/dpkg/origins/ total 4 -rw-r--r-- 1 root root 82 2009-02-02 14:13 debian # # cat /etc/dpkg/origins/debian Vendor: Debian Vendor-URL: http://www.debian.org/ Bugs: debbugs://bugs.debian.org # # apt-show-versions -a base-files base-files 5lenny2 install ok installed base-files 5lenny4 stable ftp.us.debian.org base-files 5.0.0 testing ftp.us.debian.org base-files 5.0.0 unstable ftp.us.debian.org base-files/testing upgradeable from 5lenny2 to 5.0.0 # # apt-get install base-files Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be upgraded: base-files 1 upgraded, 0 newly installed, 0 to remove and 548 not upgraded. Need to get 68.0kB of archives. After this operation, 24.6kB of additional disk space will be used. Get:1 http://ftp.us.debian.org testing/main base-files 5.0.0 [68.0kB] Fetched 68.0kB in 0s (118kB/s) (Reading database ... 141937 files and directories currently installed.) Preparing to replace base-files 5lenny2 (using .../base-files_5.0.0_i386.deb) ... Unpacking replacement base-files ... Setting up base-files (5.0.0) ... Installing new version of config file /etc/debian_version ... Installing new version of config file /etc/issue ... Installing new version of config file /etc/issue.net ... # # dpkg-source --require-valid-signature -x psutils_1.17-27.dsc dpkg-source: info: extracting psutils in psutils-1.17 dpkg-source: info: unpacking psutils_1.17.orig.tar.gz dpkg-source: info: applying psutils_1.17-27.diff.gz # That explains why it doesn't use the Debian keyring since it doesn't know that the current vendor is Debian, since no keyring are passed to gpgv, it fallbacks to usings trustedkeys which doesn't exist and complains about it. Seems like it. Maybe a versioned Depends: would help? -- Ian Bruce -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545274: dpkg-dev: dpkg-source cannot verify GPG signatures
On Sun, 06 Sep 2009, ian_br...@fastmail.net wrote: On Sun, 6 Sep 2009 10:38:37 +0200 Raphael Hertzog hert...@debian.org wrote: What's up with /home/ian/.gnupg/trustedkeys.gpg? Is it a good keyring file? Does it have correct permissions? Try again after moving it out of the way? It doesn't exist -- but it shouldn't have to, since the required key is supplied by the debian-keyring package, as shown by the fact that dscverify succeeds where dpkg-source fails. Other idea, please paste the output of “dpkg-vendor --query Vendor echo $?”. I guess that's more likely to be the problem... you have not upgraded base-files to the unstable version. Install version 5.0.0 or newer and try again. That explains why it doesn't use the Debian keyring since it doesn't know that the current vendor is Debian, since no keyring are passed to gpgv, it fallbacks to usings trustedkeys which doesn't exist and complains about it. Cheers, -- Raphaël Hertzog -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545274: dpkg-dev: dpkg-source cannot verify GPG signatures
Package: dpkg-dev Version: 1.15.3.1 Severity: important $ dscverify psutils_1.17-27.dsc psutils_1.17-27.dsc: Good signature found validating psutils_1.17.orig.tar.gz validating psutils_1.17-27.diff.gz All files validated successfully. $ $ dpkg-source --require-valid-signature -x psutils_1.17-27.dsc gpgv: keyblock resource `/home/ian/.gnupg/trustedkeys.gpg': general error gpgv: Signature made Wed 19 Aug 2009 04:21:54 PM PDT using DSA key ID D688E0A7 gpgv: Can't check signature: public key not found dpkg-source: error: failed to verify signature on ./psutils_1.17-27.dsc $ -- System Information: Debian Release: 5.0.1 APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages dpkg-dev depends on: ii binutils 2.19.51.20090723-1 The GNU assembler, linker and bina ii bzip2 1.0.5-3high-quality block-sorting file co ii dpkg 1.15.3.1 Debian package management system ii libtimedate-perl 1.1600-9 Time and date functions for Perl ii lzma 4.43-14Compression method of 7z format in ii make 3.81-6 An utility for Directing compilati ii patch 2.5.9-5Apply a diff file to an original ii perl [perl5] 5.10.0-25 Larry Wall's Practical Extraction ii perl-modules 5.10.0-25 Core Perl modules Versions of packages dpkg-dev recommends: ii build-essential 11.4 Informational list of build-essent ii gcc [c-compiler] 4:4.3.3-9 The GNU C compiler ii gcc-4.3 [c-compiler] 4.3.4-1The GNU C compiler ii gnupg 1.4.9-4GNU privacy guard - a free PGP rep ii gpgv 1.4.9-4GNU privacy guard - signature veri Versions of packages dpkg-dev suggests: ii debian-keyring [debian-mainta 2009.08.27 GnuPG (and obsolete PGP) keys of D -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545274: dpkg-dev: dpkg-source cannot verify GPG signatures
Hello, On Sun, 06 Sep 2009, Ian Bruce wrote: $ dpkg-source --require-valid-signature -x psutils_1.17-27.dsc gpgv: keyblock resource `/home/ian/.gnupg/trustedkeys.gpg': general error gpgv: Signature made Wed 19 Aug 2009 04:21:54 PM PDT using DSA key ID D688E0A7 gpgv: Can't check signature: public key not found dpkg-source: error: failed to verify signature on ./psutils_1.17-27.dsc What's up with /home/ian/.gnupg/trustedkeys.gpg? Is it a good keyring file? Does it have correct permissions? Try again after moving it out of the way? From here, it looks like a local setup problem that makes gpgv fail. With the same debian-keyring package, it works fine here: ┏rivendell:~/tmp ┗(960)$ LANG=C dpkg-source --require-valid-signature -x psutils_1.17-27.dsc dpkg-source: info: extracting psutils in psutils-1.17 dpkg-source: info: unpacking psutils_1.17.orig.tar.gz dpkg-source: info: applying psutils_1.17-27.diff.gz ┏rivendell:~/tmp ┗(961)$ Cheers, -- Raphaël Hertzog -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545274: dpkg-dev: dpkg-source cannot verify GPG signatures
fuck off From: Raphael Hertzog hert...@debian.org To: Ian Bruce ian_br...@fastmail.net; 545...@bugs.debian.org Sent: Sunday, 6 September, 2009 9:38:37 Subject: Bug#545274: dpkg-dev: dpkg-source cannot verify GPG signatures Hello, On Sun, 06 Sep 2009, Ian Bruce wrote: $ dpkg-source --require-valid-signature -x psutils_1.17-27.dsc gpgv: keyblock resource `/home/ian/.gnupg/trustedkeys.gpg': general error gpgv: Signature made Wed 19 Aug 2009 04:21:54 PM PDT using DSA key ID D688E0A7 gpgv: Can't check signature: public key not found dpkg-source: error: failed to verify signature on ./psutils_1.17-27.dsc What's up with /home/ian/.gnupg/trustedkeys.gpg? Is it a good keyring file? Does it have correct permissions? Try again after moving it out of the way? From here, it looks like a local setup problem that makes gpgv fail. With the same debian-keyring package, it works fine here: ┏rivendell:~/tmp ┗(960)$ LANG=C dpkg-source --require-valid-signature -x psutils_1.17-27.dsc dpkg-source: info: extracting psutils in psutils-1.17 dpkg-source: info: unpacking psutils_1.17.orig.tar.gz dpkg-source: info: applying psutils_1.17-27.diff.gz ┏rivendell:~/tmp ┗(961)$ Cheers, -- Raphaël Hertzog -- To UNSUBSCRIBE, email to debian-dpkg-bugs-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#545274: dpkg-dev: dpkg-source cannot verify GPG signatures
On Sun, 6 Sep 2009 10:38:37 +0200 Raphael Hertzog hert...@debian.org wrote: $ dpkg-source --require-valid-signature -x psutils_1.17-27.dsc gpgv: keyblock resource `/home/ian/.gnupg/trustedkeys.gpg': general error gpgv: Signature made Wed 19 Aug 2009 04:21:54 PM PDT using DSA key ID D688E0A7 gpgv: Can't check signature: public key not found dpkg-source: error: failed to verify signature on ./psutils_1.17-27.dsc What's up with /home/ian/.gnupg/trustedkeys.gpg? Is it a good keyring file? Does it have correct permissions? Try again after moving it out of the way? It doesn't exist -- but it shouldn't have to, since the required key is supplied by the debian-keyring package, as shown by the fact that dscverify succeeds where dpkg-source fails. -- Ian Bruce -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org