Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
On Tue 2016-11-08 01:58:42 -0600, Cyril Brulebois wrote: > Daniel Kahn Gillmor (2016-11-07): >> On Thu 2016-11-03 06:56:21 -0600, Luca Falavigna wrote: >> > 2016-11-03 13:41 GMT+01:00 Thomas Goirand : >> >> dkg, you had the intention to upload gnupg 2.1 to backports. Is there >> >> anything that's holding it? >> >> >> >> Lucas, could you upload a version of sbuild to BPO without this hard >> >> requirement, and maybe with the fix I suggested for the keygen thing? >> >> While not the definitive solution, this would fix it in the mean time. >> > >> > If Daniel is willing to upload gnupg2, that would be cool! Otherwise >> > I'll try to see which other alternatives we have. >> >> I'd be happy to upload gnupg2 2.1.15-8 to backports, but it's currently >> not migrating to testing, i think because of the current udeb freeze (we >> have gpgv-udeb). I'm adding kibi to the cc list here to see whether >> that's something he's ok with unblocking. > > Builds for the next d-i release have finished but still need testing; > I'll unblock packages once tests look good (so possibly a bit before the > announcement is published). Thanks, KiBi! --dkg signature.asc Description: PGP signature
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
Hi, Daniel Kahn Gillmor (2016-11-07): > On Thu 2016-11-03 06:56:21 -0600, Luca Falavigna wrote: > > 2016-11-03 13:41 GMT+01:00 Thomas Goirand : > >> dkg, you had the intention to upload gnupg 2.1 to backports. Is there > >> anything that's holding it? > >> > >> Lucas, could you upload a version of sbuild to BPO without this hard > >> requirement, and maybe with the fix I suggested for the keygen thing? > >> While not the definitive solution, this would fix it in the mean time. > > > > If Daniel is willing to upload gnupg2, that would be cool! Otherwise > > I'll try to see which other alternatives we have. > > I'd be happy to upload gnupg2 2.1.15-8 to backports, but it's currently > not migrating to testing, i think because of the current udeb freeze (we > have gpgv-udeb). I'm adding kibi to the cc list here to see whether > that's something he's ok with unblocking. Builds for the next d-i release have finished but still need testing; I'll unblock packages once tests look good (so possibly a bit before the announcement is published). KiBi. signature.asc Description: Digital signature
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
On Thu 2016-11-03 06:56:21 -0600, Luca Falavigna wrote: > 2016-11-03 13:41 GMT+01:00 Thomas Goirand : >> dkg, you had the intention to upload gnupg 2.1 to backports. Is there >> anything that's holding it? >> >> Lucas, could you upload a version of sbuild to BPO without this hard >> requirement, and maybe with the fix I suggested for the keygen thing? >> While not the definitive solution, this would fix it in the mean time. > > If Daniel is willing to upload gnupg2, that would be cool! Otherwise > I'll try to see which other alternatives we have. I'd be happy to upload gnupg2 2.1.15-8 to backports, but it's currently not migrating to testing, i think because of the current udeb freeze (we have gpgv-udeb). I'm adding kibi to the cc list here to see whether that's something he's ok with unblocking. --dkg signature.asc Description: PGP signature
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
2016-11-03 13:41 GMT+01:00 Thomas Goirand : > Indeed, sbuild in backports is not not installable. Indeed, I normally test all my packages, and I did this time too... but I didn't realize I already had gnupg2 installed on stable (private copy) and I trusted the last line of piuparts log without looking at what was written a few lines above. Sorry for the mess. > dkg, you had the intention to upload gnupg 2.1 to backports. Is there > anything that's holding it? > > Lucas, could you upload a version of sbuild to BPO without this hard > requirement, and maybe with the fix I suggested for the keygen thing? > While not the definitive solution, this would fix it in the mean time. If Daniel is willing to upload gnupg2, that would be cool! Otherwise I'll try to see which other alternatives we have. -- Cheers, Luca
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
On 11/03/2016 11:10 AM, Wouter Verhelst wrote: > The following packages have unmet dependencies: > sbuild : Depends: libsbuild-perl (= 0.72.0-2~bpo8+1) but 0.70.0-1~bpo8+1 is > to be installed > E: Unable to correct problems, you have held broken packages. > root@debian-sbuild:~# apt install -t jessie-backports libsbuild-perl > The following packages have unmet dependencies: > libsbuild-perl : Depends: gnupg (>= 2.1) but 1.4.18-7+deb8u3 is to be > installed Hi there! Indeed, sbuild in backports is not not installable. dkg, you had the intention to upload gnupg 2.1 to backports. Is there anything that's holding it? Lucas, could you upload a version of sbuild to BPO without this hard requirement, and maybe with the fix I suggested for the keygen thing? While not the definitive solution, this would fix it in the mean time. Cheers, Thomas Goirand (zigo)
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
On Fri, Oct 14, 2016 at 07:36:56AM +0200, Johannes Schauer wrote: > Hi, > > Quoting Daniel Kahn Gillmor (2016-10-13 00:31:28) > > > On Wed, Oct 12, 2016 at 11:42:15PM +0200, Thomas Goirand wrote: > > >> gpg: Invalid option "--pinentry-mode" > > > > … it sounds like sbuild should at least have declared a versioned > > dependency on gnupg (>= 2.1), when --pinentry-mode was introduced. > > this is indeed a real bug. Thanks for reopening this so that I don't forget to > handle this for my next upload. This seems to have been fixed with that next upload. However, now it's not installable in stable anymore: Script started on Thu Nov 3 11:08:15 2016 root@debian-sbuild:~# apt install -t jessie-backports sbuild Reading package lists... 0% Reading package lists... 100% Reading package lists... Done Building dependency tree... 0% Building dependency tree... 0% Building dependency tree... 50% Building dependency tree... 50% Building dependency tree Reading state information... 0% Reading state information... 0% Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: sbuild : Depends: libsbuild-perl (= 0.72.0-2~bpo8+1) but 0.70.0-1~bpo8+1 is to be installed E: Unable to correct problems, you have held broken packages. root@debian-sbuild:~# apt install -t jessie-backports libsbuild-perl Reading package lists... 0% Reading package lists... 100% Reading package lists... Done Building dependency tree... 0% Building dependency tree... 0% Building dependency tree... 50% Building dependency tree... 50% Building dependency tree Reading state information... 0% Reading state information... 0% Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: libsbuild-perl : Depends: gnupg (>= 2.1) but 1.4.18-7+deb8u3 is to be installed E: Unable to correct problems, you have held broken packages. root@debian-sbuild:~# apt-cache policy gnupg gnupg: Installed: 1.4.18-7+deb8u3 Candidate: 1.4.18-7+deb8u3 Version table: *** 1.4.18-7+deb8u3 0 500 http://ftp.be.debian.org/debian/ jessie/main amd64 Packages 100 /var/lib/dpkg/status 1.4.18-7+deb8u2 0 500 http://security.debian.org/ jessie/updates/main amd64 Packages root@debian-sbuild:~# apt-cache policy gnupg2 gnupg2: Installed: (none) Candidate: 2.0.26-6+deb8u1 Version table: 2.0.26-6+deb8u1 0 500 http://ftp.be.debian.org/debian/ jessie/main amd64 Packages root@debian-sbuild:~# exit Script done on Thu Nov 3 11:08:41 2016 Regards, -- < ron> I mean, the main *practical* problem with C++, is there's like a dozen people in the world who think they really understand all of its rules, and pretty much all of them are just lying to themselves too. -- #debian-devel, OFTC, 2016-02-12
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
Hi, 2016-10-14 7:36 GMT+02:00 Johannes Schauer : > don't know if our current sbuild backporter Luca (in CC) would be willing to > write such a patch, especially considering that > > - it is a feature of sbuild since version 0.67.0 (I corrected the wiki page >accordingly) to *not* require signing of the internal dummy repository (and >thus you don't need to run sbuild-update --keygen anymore) and that > - the next stable release is not far away. Indeed, I think it's pointless to write a patch given that we no longer suggest to sign the internal repository, and also that explains why I didn't notice this issue since in order to build the sbuild backport I used the very same version found in unstable/testing, installed on a machine running stable where my Deb-o-Matic farm is running on :-) -- Cheers, Luca
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
On Fri 2016-10-14 01:36:56 -0400, Johannes Schauer wrote: > - it is a feature of sbuild since version 0.67.0 (I corrected the wiki page >accordingly) to *not* require signing of the internal dummy repository (and >thus you don't need to run sbuild-update --keygen anymore) and that awesome, thanks for this improvement (and thanks for all your work on sbuild)! Regards, --dkg
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
Hi, Quoting Daniel Kahn Gillmor (2016-10-13 00:31:28) > > On Wed, Oct 12, 2016 at 11:42:15PM +0200, Thomas Goirand wrote: > >> gpg: Invalid option "--pinentry-mode" > > … it sounds like sbuild should at least have declared a versioned > dependency on gnupg (>= 2.1), when --pinentry-mode was introduced. this is indeed a real bug. Thanks for reopening this so that I don't forget to handle this for my next upload. > Alternately, maybe the requirement to run --keygen could be relaxed? That would require some version detection mechanism I suppose. I don't think it is useful to have sbuild in stable be able to run with old gnupg as the next stable release will have the correct gnupg version available. So if the requirement is relaxed, then it is purely useful for sbuild in backports. I don't know if our current sbuild backporter Luca (in CC) would be willing to write such a patch, especially considering that - it is a feature of sbuild since version 0.67.0 (I corrected the wiki page accordingly) to *not* require signing of the internal dummy repository (and thus you don't need to run sbuild-update --keygen anymore) and that - the next stable release is not far away. Thanks! cheers, josch signature.asc Description: signature
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
On 10/13/2016 12:58 PM, Johannes Schauer wrote: > Hi, > > Quoting Thomas Goirand (2016-10-12 23:42:15) >> Dear backport maintainer, >> >> Since the upload of sbuild 0.71.0-2~bpo8+1 to stable backport, running >> sbuild-update --keygen leads to this error message: >> >> gpg: Invalid option "--pinentry-mode" >> >> Indeed, it looks like --pinentry-mode isn't available in gnupg 1.4.18-7 which >> is in Jessie. Since there's no backport of gnupg 2.1.x, this makes sbuild >> from >> jessie-bpo completely broken, considering one need to run sbuild-update >> --keygen >> to start using sbuild. > > You do not need to run sbuild-update --keygen to start using sbuild with the > sbuild versions after 0.69.0. > > So until this bug is fixed, just don't run that command. Thanks for the hint. I've edited https://wiki.debian.org/sbuild to add this information. Cheers, Thomas Goirand (zigo)
Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
Control: reopen 840575 Control: found 840575 0.71.0-2 Control: retitle 840575 sbuild should Depends: gnupg (>= 2.1) Control: affects 840575 src:gnupg2 On Wed 2016-10-12 18:07:39 -0400, James Clarke wrote: > Bugs in backported packages should not be sent to the BTS, but to > debian-backports (CC'ed for your convenience). While i agree with James here… > On Wed, Oct 12, 2016 at 11:42:15PM +0200, Thomas Goirand wrote: >> Package: sbuild >> Version: 0.71.0-2~bpo8+1 >> Severity: grave >> Tags: patch >> >> Dear backport maintainer, >> >> Since the upload of sbuild 0.71.0-2~bpo8+1 to stable backport, running >> sbuild-update --keygen leads to this error message: >> >> gpg: Invalid option "--pinentry-mode" … it sounds like sbuild should at least have declared a versioned dependency on gnupg (>= 2.1), when --pinentry-mode was introduced. >> Indeed, it looks like --pinentry-mode isn't available in gnupg 1.4.18-7 which >> is in Jessie. Since there's no backport of gnupg 2.1.x, this makes sbuild >> from >> jessie-bpo completely broken, considering one need to run sbuild-update >> --keygen >> to start using sbuild. Alternately, maybe the requirement to run --keygen could be relaxed? Regards, --dkg signature.asc Description: PGP signature
Bug#840575: [buildd-tools-devel] Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
Hi, Quoting Thomas Goirand (2016-10-12 23:42:15) > Dear backport maintainer, > > Since the upload of sbuild 0.71.0-2~bpo8+1 to stable backport, running > sbuild-update --keygen leads to this error message: > > gpg: Invalid option "--pinentry-mode" > > Indeed, it looks like --pinentry-mode isn't available in gnupg 1.4.18-7 which > is in Jessie. Since there's no backport of gnupg 2.1.x, this makes sbuild from > jessie-bpo completely broken, considering one need to run sbuild-update > --keygen > to start using sbuild. You do not need to run sbuild-update --keygen to start using sbuild with the sbuild versions after 0.69.0. So until this bug is fixed, just don't run that command. Thanks! cheers, josch signature.asc Description: signature
Bug#840575: sbuild bpo: uses non-available option gnupg --pinentry-mode
Package: sbuild Version: 0.71.0-2~bpo8+1 Severity: grave Tags: patch Dear backport maintainer, Since the upload of sbuild 0.71.0-2~bpo8+1 to stable backport, running sbuild-update --keygen leads to this error message: gpg: Invalid option "--pinentry-mode" Indeed, it looks like --pinentry-mode isn't available in gnupg 1.4.18-7 which is in Jessie. Since there's no backport of gnupg 2.1.x, this makes sbuild from jessie-bpo completely broken, considering one need to run sbuild-update --keygen to start using sbuild. This simple patch to ChrootSetup.pm line 277 fixes the issue: --- ChrootSetup.pm.orig 2016-10-12 21:03:05.357702250 + +++ ChrootSetup.pm 2016-10-12 21:03:26.929579131 + @@ -274,7 +274,7 @@ return $? } -my @command = ('gpg', '--no-options', '--pinentry-mode', 'loopback', '--passphrase-file', '/dev/null', '--no-default-keyring', '--batch', '--gen-key', +my @command = ('gpg', '--no-options', '--passphrase-file', '/dev/null', '--no-default-keyring', '--batch', '--gen-key', $tmpfilename); $host->run_command( { COMMAND => \@command, Please apply this patch to sbuild 0.71.0-2~bpo8+1 and upload the fix. Thanks for maintaining this sbuild backport: it is very useful, especially that $clean_source = 0; isn't available in Jessie's version of sbuild (if you know a workaround for this without jessie-bpo, please let me know). Cheers, Thomas Goirand (zigo)