Re: debuild finds no secret key after dist-upgrade (original) (raw)

On Fri, Sep 15, 2017 at 07:42:54PM +0200, Thomas Schmitt wrote:

Note that making a package and signing it are two separate operations (and you are supposed to run all build commands with -us -uc and run debsign explicitly).

I understand that my signature as sponsored preparer is not of interest but rather the signature of the sponsor who uploads my files. No, I was not talking about that.

Currently my cheat sheet has as commands for packing up and checking after preparing the ./debian files:

debuild -S debuild -b So you don't even use a clean chroot?

lintian -I -E --color never --show-overrides | less You forget --pedantic.

Can you give me a command sequence as replacement for debuild -S, which omits the gpg part ? debuild -S -us -uc (I already told you that).

Policy 5.5 says that ".changes" stems from control, changelog, or rules. Do i have to edit one of them ?

No, you need to read dpkg-source(1) about including the orig tarball sig into the source package.

I read about .asc there, but not about .sig. Sure, it doesn't support .sig

And the instructions for .asc just say: "Optionally each original tarball can be accompanied by a detached upstream signature" No clarification is to see what "accompanied" means in particular. It means "existing in the same directory".

Is the requirement for a .sig or .asc new since september 2016 ? It's not a requirement. A lintian tag emitted when you provide the upstream signing key but don't make use of it by also providing the sig to check against it is relatively new, yes.

-- WBR, wRAR

Attachment:signature.asc
Description: PGP signature

Reply to: