| Summary: | gnupg2 states that it is a development version not suitable for use with production keys | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Buchan Milne <bgmilne> |
| Component: | RPM Packages | Assignee: | All Packagers <pkg-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | release_blocker | CC: | cae, marja11, ngompa13, pterjan |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | gnupg2-2.1.21-1.mga6.src.rpm | CVE: | |
| Status comment: | |||
|
Description
Buchan Milne
2017-06-06 22:14:22 CEST
With this patch:
--- gnupg-2.1.21/autogen.sh.orig 2017-03-17 10:34:37.000000000 +0200
+++ gnupg-2.1.21/autogen.sh 2017-06-06 21:24:21.624726814 +0200
@@ -245,8 +245,8 @@ if [ "$myhost" = "find-version" ]; then
rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null)))
else
ingit=no
- beta=yes
- tmp="-unknown"
+ beta=no
+ tmp="-${RPM_PACKAGE_RELEASE:-unknown}"
rev="0000000"
rvd="0"
fi
Building the package with running autogen.sh gives:
[root@localhost ~]# gpg2 --version
gpg (GnuPG) 2.1.21-1.mga6
libgcrypt 1.7.6
Copyright (C) 2017 Free Software Foundation, Inc.
....
Building the package without running autogen.sh gives:
[root@localhost ~]# gpg2 --version
gpg (GnuPG) 2.1.21
libgcrypt 1.7.6
Copyright (C) 2017 Free Software Foundation, Inc.
Assigning to all packagers collectively, since there is no registered maintainer for this package. Priority:
Normal =>
release_blocker It looks like a fix was committed but we haven't pushed it? Is there a reason for this? CC:
(none) =>
ngompa13 The pkg was submitted but failed on the buildsystem in %check Makefile:928: recipe for target 'xcheck' failed make[2]: *** [xcheck] Error 28 make[2]: Leaving directory '/home/iurt/rpmbuild/BUILD/gnupg-2.1.21/tests/openpgp' Makefile:533: recipe for target 'check-recursive' failed make[1]: *** [check-recursive] Error 1 make[1]: Leaving directory '/home/iurt/rpmbuild/BUILD/gnupg-2.1.21/tests' Makefile:588: recipe for target 'check-recursive' failed make: *** [check-recursive] Error 1 error: Bad exit status from /home/iurt/rpmbuild/tmp/rpm-tmp.lFgYcu (%check) It did pass all test when Buchan built it locally and also built for me locally. CC:
(none) =>
cae The package fails to build in the buildsystem occasionally (Pascal posited that it might have to do with entropy requirements). Usually resubmitting fixes it. :/ For the entropy problems I ended up running rngd on arm build nodes (which had 100% failure) # Else some tests fail due to lack of entropy rpm -q rng-utils || urpmi rng-utils rngd -r /dev/urandom Here the package fails with that error even on arm so it's unlikely to be the problem. CC:
(none) =>
pterjan I just tried building locally in iurt and get the same failure Disabling the patch, I get 100% success in iurt, enabling the patch I get 100% failure but no idea why. The way to start a gpg-agent in %check is probably broken ++ ./agent/gpg-agent --use-standard-socket --daemon --write-env-file gpg-agent-info gpg-agent[4488]: WARNING: "--use-standard-socket" is an obsolete option - it has no effect gpg-agent[4488]: WARNING: "--write-env-file" is an obsolete option - it has no effect gpg-agent[4488]: directory '/home/pterjan/.gnupg' created gpg-agent[4488]: directory '/home/pterjan/.gnupg/private-keys-v1.d' created gpg-agent[4489]: gpg-agent (GnuPG) 2.1.21-2.mga6 started + eval modern way would probably be /agent/gpg-agent || ./agent/gpg-agent --daemon I just committed a patch from Fedora that fixes the build for me locally with mock and all the tests passing. This is now fixed with gnupg2-2.1.21-2.mga6. Resolution:
(none) =>
FIXED |