22625 – Unable to sign packages

Bug 22625 - Unable to sign packages

Summary: Unable to sign packages

Status:	RESOLVED INVALID

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	RPM Packages (show other bugs)
Version:	6
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:

URL:
Whiteboard:
Keywords:	IN_RELEASENOTES6

Depends on:
Blocks:

Reported:	2018-02-18 11:43 CET by Georges Eckenschwiller
Modified:	2018-02-20 14:11 CET (History)
CC List:	2 users (show)

See Also:	https://bugzilla.redhat.com/show_bug.cgi?id=1271050
Source RPM:
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Georges Eckenschwiller 2018-02-18 11:43:26 CET

I cannot any more sign the packages which I make.
I reinstalled recently my computer, having added a SSD.

I install gnupg and rpm-sign.
I create my keys with gpg - gen-key
which gives me a ~/.gnupg directory with:
- an empty directory: private-keys-v1.d
-. gpg-21-migrated
- gpg.conf
- pubring.gpg
- random_seed
- secring.gpg
- trustdb.gpg

I can create the pubkey file with gpg --export -a paiiou@free.fr > pubkey

To sign the packages of a directory, I make:
rpmsign --addsign *.rpm
=>
baka-mplayer-2.0.4.1-0.git20180121.1.pa ii6.x86_64.rpm:
gpg: "52xxyyzz was ignored: no secret key
gpg: signing failed: no secret key

Comment 1 katnatek 2018-02-19 00:07:00 CET

i find myself with this
export the secret key
gpg --export-secret-keys keyid > seckey

import the secret key but with gpg2

gpg2 --import seckey

Comment 2 Georges Eckenschwiller 2018-02-19 13:05:41 CET

Thank you, katnatek. it fonctionee well.
It allows to by-pass the problem.

However, I think that it is a regression of gnupg.
Can it be corrected?

Comment 3 katnatek 2018-02-19 18:19:19 CET

(In reply to Georges Eckenschwiller from comment #2)
> Thank you, katnatek. it fonctionee well.
> It allows to by-pass the problem.
> 
> However, I think that it is a regression of gnupg.
> Can it be corrected?

It's a upstream change https://gnupg.org/faq/whats-new-in-2.1.html#nosecring
I find that and solution searching about this issue

Maybe some for include in release notes or erratas

Comment 4 Marja Van Waes 2018-02-19 20:15:13 CET

(In reply to katnatek from comment #3)
> (In reply to Georges Eckenschwiller from comment #2)
> > Thank you, katnatek. it fonctionee well.
> > It allows to by-pass the problem.
> > 
> > However, I think that it is a regression of gnupg.
> > Can it be corrected?
> 
> It's a upstream change https://gnupg.org/faq/whats-new-in-2.1.html#nosecring
> I find that and solution searching about this issue
> 
> Maybe some for include in release notes or erratas

Thanks, Katnatek!

So it isn't a bug, but a deliberate upstream change, which should go in the release notes

Keywords: (none) => FOR_RELEASENOTES6
CC: (none) => marja11

Comment 5 katnatek 2018-02-19 20:50:13 CET

Adding link to similar issue in redhat

See Also: (none) => https://bugzilla.redhat.com/show_bug.cgi?id=1271050

Comment 6 Do not mail this address 2018-02-20 12:08:27 CET

In the wiki now https://wiki.mageia.org/en/Mageia_6_Release_Notes#gnupg_removal_of_the_secret_keyring

I cannot change the keyword being marja11 (i need a sysadmin to reset my marja password)

Also, this report should be closed, since it is not a bug (I wish we had a RESOLVED-NOTABUG status, I don't like closing reports like this one as INVALID)... marja11 can't close it, though ;-)

CC: (none) => marja

Comment 7 Marja Van Waes 2018-02-20 14:11:27 CET

(In reply to Do not mail this address from comment #6)

> 
> Also, this report should be closed, since it is not a bug (I wish we had a
> RESOLVED-NOTABUG status, I don't like closing reports like this one as
> INVALID)... marja11 can't close it, though ;-)

but marja can :-)

Resolution: (none) => INVALID
Keywords: FOR_RELEASENOTES6 => IN_RELEASENOTES6
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.