1. Forum
  2. Usenet
  3. LINUX.DEBIAN.MAINT.DPKG

  • Bug#1099178: dupload: Fail to check signature

    From Guillem Jover@21:1/5 to Christian Marillat on Sat Mar 1 15:10:01 2025
    XPost: linux.debian.bugs.dist

    Hi!

    On Sat, 2025-03-01 at 11:36:09 +0100, Christian Marillat wrote:
    Package: dupload
    Version: 2.13.0
    Severity: serious

    Since 2.13.0 dupload doesn't work.

    Downgrading to 2.12.0 solve this issue.

    ,----
    | $ debrelease -S
    | dupload: warning: mail options disabled, cannot run '/usr/sbin/sendmail': No such file or directory
    | dupload note: no announcement will be sent.
    | Checking OpenPGP signatures on ../displaycal-py3_3.9.14-3_source.changes... >| gpgv: Signature made Sat Mar 1 11:27:32 2025 CET
    | gpgv: using RSA key A401FF99368FA1F98152DE755C808C2B65558117 >| gpgv: Can't check signature: No public key
    | openpgp-check: error: cannot verify OpenPGP signature for ../displaycal-py3_3.9.14-3_source.changes: no acceptable signature found
    |
    | dupload: error: Pre-upload '/usr/share/dupload/openpgp-check %1' failed for ../displaycal-py3_3.9.14-3_source.changes
    `----

    I assume this is fallout from the new OpenPGP multi-backend support,
    which requires passing explicit keyrings for hosts that have an
    openpgp-check hook enabled. This is the case for pre-configured hosts
    in the shipped conffile, but I'm assuming you might be using a custom
    host entry?

    I improved yesterday the error reporting to make this error condition
    more clear and how to fix it. And I'm thinking about adding a NEWS
    entry, because I guess the implications of the changes are not obvious
    at all.

    Thanks,
    Guillem

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Guillem Jover@1:229/2 to Guillem Jover on Sat Mar 1 21:10:01 2025
    XPost: linux.debian.bugs.dist
    From: [email protected]

    Control: severity -1 normal

    Assuming this is mostly a matter of missing notice/NEWS, I'm lowering
    the severity, and will be closing this with today's upload which will
    include such NEWS entry.

    (My previous questions below still stand though. :)

    On Sat, 2025-03-01 at 18:33:04 +0100, Guillem Jover wrote:
    On Sat, 2025-03-01 at 16:27:05 +0100, Christian Marillat wrote:
    On 01 mars 2025 15:02, Guillem Jover <[email protected]> wrote:
    I assume this is fallout from the new OpenPGP multi-backend support, which requires passing explicit keyrings for hosts that have an openpgp-check hook enabled. This is the case for pre-configured hosts
    in the shipped conffile, but I'm assuming you might be using a custom host entry?

    Here is my configuration. After reading /etc/dupload.conf I added
    global hooks and three use lines no dupload is working.

    I assume that meant to say s/no/now/?

    ,----
    | default_host = "ftp-master";
    |
    | $cfg{'ftp-master'} = {
    | fqdn => 'ssh.upload.debian.org',
    | method => 'scpb',
    | incoming => '/srv/upload.debian.org/UploadQueue/',
    | # Files pass on to dinstall on ftp-master which sends emails itself. | dinstall_runs => 1,
    | };
    `----

    I'd still be interested to know whether you could get the
    openpgp-check hook to work, though. Also in theory using the
    system-wide config on a Debian system should do the right thing with
    no need to customize anything.
    So it would be nice to know also whether that would work for you out
    of the box?

    Thanks,
    Guillem

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)