Re: debuild finds no secret key after dist-upgrade (original) (raw)

On Fri, Sep 15, 2017 at 06:44:49PM +0200, Thomas Schmitt wrote:

I read on https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration.html that since GnuPG 2.1 the file ~/.gnupg/secring.gpg is not used any more. It still exists, but gpg --version now says "2.2.0". It's fine if still exists.

Alternatively: Would it be ok to make my packages with a backup of my Sid which is still in the state before today's dist-upgrade ? Note that making a package and signing it are two separate operations (and you are supposed to run all build commands with -us -uc and run debsign explicitly).

Further problem: lintian says Standards-Version: is 4.0.0, upgrading-checklist.txt says it is 4.1.0. It's not a problem, lintian isn't always up-to-date.

My $HOME on Sid has a .gnupg directory with files which, except one, are unchanged since two years, when i began to prepare Debian packages. Last year they did suffice. The only file with new timestamp is the empty directory .gnupg/private-keys-v1.d which according to https://www.gnupg.org/faq/whats-new-in-2.1.html#nosecring is supposed to contain automatically converted secret keys. Then something went wrong? Do you have .gnupg/.gpg-v21-migrated? Are .gnupg/private-keys-v1.d perms correct? Are .gnupg perms correct?

The lintian error is documented as The packaging includes an upstream signing key but the corresponding .asc signature for one or more source tarballs are not included in your .changes file. Policy 5.5 says that ".changes" stems from control, changelog, or rules. Do i have to edit one of them ? No, you need to read dpkg-source(1) about including the orig tarball sig into the source package.

-- WBR, wRAR

Attachment:signature.asc
Description: PGP signature

Reply to: