Forum: Too Lazy BBS

Who's Online

System Info

Sysop:	Amessyroom
Location:	Fayetteville, NC
Users:	43
Nodes:	6 (0 / 6)
Uptime:	100:11:37
Calls:	290
Files:	905
Messages:	76,507

Bug#1091915: dpkg-buildpackage: error: failed to sign ../${dsc} file: s

From Salvatore Bonaccorso@21:1/5 to All on Thu Jan 2 15:20:01 2025

XPost: linux.debian.maint.dpkg

Package: dpkg-dev
Version: 1.22.12
Severity: normal
X-Debbugs-Cc: carnil@debian.org

Hi Guillem

I'm not even sure if this is considered a bug, so if not feel free to
close.

I do not use sq, but sq is installed on the system. Now after the
update to dpkg/1.22.12 when building a source package and singing I
get:

dpkg-buildpackage: info: source package linux-base
dpkg-buildpackage: info: source version 4.11
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by Salvatore Bonaccorso <carnil@debian.org>
dpkg-source --before-build .
debian/rules clean
dh clean
dh_auto_clean
make -j8 clean
make[1]: Entering directory '/tmp/linux-base-4.11'
rm -f man/*.??.[1-9]
make[1]: Leaving directory '/tmp/linux-base-4.11'
dh_clean
dpkg-source -b .
dpkg-source: info: using source format '3.0 (native)'
dpkg-source: info: building linux-base in linux-base_4.11.tar.xz
dpkg-source: info: building linux-base in linux-base_4.11.dsc
dpkg-genbuildinfo --build=source -O../linux-base_4.11_source.buildinfo
dpkg-genchanges -sa --build=source -O../linux-base_4.11_source.changes dpkg-genchanges: info: including full source code in upload
dpkg-source --after-build .
dpkg-buildpackage: info: source-only upload: Debian-native package
signfile linux-base_4.11.dsc
dpkg-buildpackage: error: failed to sign ../linux-base_4.11.dsc file: specified key needs a keystore

Either downgrading dpkg to 1.22.11 or removing the installed sq
package solves the problem. Equally reverting the change 17309e15bbe7 ("Dpkg::OpenPGP::Backend::Sequoia: Add keystore support").

Regards,
Salvatore

-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.6-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dpkg-dev depends on:
ii binutils 2.43.50.20241230-1
ii bzip2 1.0.8-6
ii libdpkg-perl 1.22.12
ii make 4.4.1-1
ii patch 2.7.6-7
ii perl 5.40.0-8
ii tar 1.35+dfsg-3.1
ii xz-utils 5.6.3-1+b1

Versions of packages dpkg-dev recommends:
ii build-essential 12.12
ii fakeroot 1.36.2-1
ii gcc [c-compiler] 4:14.2.0-1
ii gcc-10 [c-compiler] 10.5.0-4
ii gcc-11 [c-compiler] 11.5.0-1
ii gcc-12 [c-compiler] 12.4.0-2
ii gcc-13 [c-compiler] 13.3.0-12
ii gcc-14 [c-compiler] 14.2.0-12
ii gnupg 2.2.45-2
ii gpgv 2.2.45-2
ii libalgorithm-merge-perl 0.08-5
ii sq 0.40.0-1+b1

Versions of packages dpkg-dev suggests:
ii debian-keyring 2024.09.22

-- no debconf information

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Guillem Jover@21:1/5 to Salvatore Bonaccorso on Thu Jan 2 15:40:01 2025

XPost: linux.debian.maint.dpkg

Hi!

On Thu, 2025-01-02 at 15:12:58 +0100, Salvatore Bonaccorso wrote:

Package: dpkg-dev
Version: 1.22.12
Severity: normal
X-Debbugs-Cc: carnil@debian.org

I'm not even sure if this is considered a bug, so if not feel free to
close.

I'd need to first understand what's going on, but my assumption is
that this is a bug yes. :) I try to reproduce after lunch.

I do not use sq, but sq is installed on the system. Now after the
update to dpkg/1.22.12 when building a source package and singing I
get:

dpkg-buildpackage: info: source package linux-base
dpkg-buildpackage: info: source version 4.11
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by Salvatore Bonaccorso <carnil@debian.org>
dpkg-source --before-build .
debian/rules clean
dh clean
dh_auto_clean
make -j8 clean
make[1]: Entering directory '/tmp/linux-base-4.11'
rm -f man/*.??.[1-9]
make[1]: Leaving directory '/tmp/linux-base-4.11'
dh_clean
dpkg-source -b .
dpkg-source: info: using source format '3.0 (native)'
dpkg-source: info: building linux-base in linux-base_4.11.tar.xz
dpkg-source: info: building linux-base in linux-base_4.11.dsc
dpkg-genbuildinfo --build=source -O../linux-base_4.11_source.buildinfo
dpkg-genchanges -sa --build=source -O../linux-base_4.11_source.changes dpkg-genchanges: info: including full source code in upload
dpkg-source --after-build .
dpkg-buildpackage: info: source-only upload: Debian-native package
signfile linux-base_4.11.dsc
dpkg-buildpackage: error: failed to sign ../linux-base_4.11.dsc file: specified key needs a keystore

Either downgrading dpkg to 1.22.11 or removing the installed sq
package solves the problem. Equally reverting the change 17309e15bbe7 ("Dpkg::OpenPGP::Backend::Sequoia: Add keystore support").

I assume that you either specify the signing via a key ID or let dpkg-buildpackage use the email from the changelog as the user ID?

(I'm assuming you are not using a keyfile.)

Thanks,
Guillem

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Salvatore Bonaccorso@21:1/5 to Guillem Jover on Thu Jan 2 16:00:01 2025

XPost: linux.debian.maint.dpkg

Hi Guillem,

On Thu, Jan 02, 2025 at 03:27:08PM +0100, Guillem Jover wrote:

Hi!

On Thu, 2025-01-02 at 15:12:58 +0100, Salvatore Bonaccorso wrote:

Package: dpkg-dev
Version: 1.22.12
Severity: normal
X-Debbugs-Cc: carnil@debian.org

I'm not even sure if this is considered a bug, so if not feel free to close.

I'd need to first understand what's going on, but my assumption is
that this is a bug yes. :) I try to reproduce after lunch.

Ok, thanks for looking into it. (I was thinking it might be unusual
situation having sq installed but not transitioned yet to sequoia or
using gpg-sq et al).

I do not use sq, but sq is installed on the system. Now after the
update to dpkg/1.22.12 when building a source package and singing I
get:

dpkg-buildpackage: info: source package linux-base
dpkg-buildpackage: info: source version 4.11
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by Salvatore Bonaccorso <carnil@debian.org>
dpkg-source --before-build .
debian/rules clean
dh clean
dh_auto_clean
make -j8 clean
make[1]: Entering directory '/tmp/linux-base-4.11'
rm -f man/*.??.[1-9]
make[1]: Leaving directory '/tmp/linux-base-4.11'
dh_clean
dpkg-source -b .
dpkg-source: info: using source format '3.0 (native)'
dpkg-source: info: building linux-base in linux-base_4.11.tar.xz dpkg-source: info: building linux-base in linux-base_4.11.dsc
dpkg-genbuildinfo --build=source -O../linux-base_4.11_source.buildinfo
dpkg-genchanges -sa --build=source -O../linux-base_4.11_source.changes dpkg-genchanges: info: including full source code in upload
dpkg-source --after-build .
dpkg-buildpackage: info: source-only upload: Debian-native package
signfile linux-base_4.11.dsc
dpkg-buildpackage: error: failed to sign ../linux-base_4.11.dsc file: specified key needs a keystore

Either downgrading dpkg to 1.22.11 or removing the installed sq
package solves the problem. Equally reverting the change 17309e15bbe7 ("Dpkg::OpenPGP::Backend::Sequoia: Add keystore support").

I assume that you either specify the signing via a key ID or let dpkg-buildpackage use the email from the changelog as the user ID?

(I'm assuming you are not using a keyfile.)

Right, it happens both when specifying the key ID with -k/--sign-keyid
or letting dpkg-buildpackage use the email from the changelog as the
user ID. I'm not using a keyfile.

Thank you,

Regards,
Salvatore

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online

System Info

Bug#1091915: dpkg-buildpackage: error: failed to sign ../${dsc} file: s