[Pkg-gnupg-maint] shipping example gpgconf.conf in gnupg2?
Eric Dorland
eric at debian.org
Fri Nov 7 21:46:40 UTC 2014
* Daniel Kahn Gillmor (dkg at fifthhorseman.net) wrote:
> by default, in debian we don't ship any file as
> /etc/gnupg2/gpgconf.conf. we do ship an example in
> /usr/share/doc/gnupg2/examples/gpgconf.conf
>
> However, this means that an error is produced here:
>
> 0 dkg at alice:~$ gpgconf --list-config
> gpgconf: can not open global config file '/etc/gnupg2/gpgconf.conf': No
> such file or directory
> 1 dkg at alice:~$
>
> note the non-zero return value.
>
> The example file itself is all commented out, and if it is placed in the
> given directory, the process returns 0 and emits nothing on stdout.
>
> What do folks think a reasonable thing to do is?
>
> 0) continue as currently done: no /etc/gnupg2/gpgconf.conf at all
>
> 1) ship an empty file in /etc/gnupg2/gpgconf.conf as a configfile
>
> 2) ship the example file (all commented-out) in
> /etc/gnupg2/gpgconf.conf as a configfile
>
> 3) consider modifying gpgconf --list-config to treat a missing file
> like an empty file (this probably would require poking upstream about it).
>
>
> I'm currently tempted to just carry on with (0), and acknowledge that
> gpgconf --list-config *should* return an error if the config file
> doesn't exist. this saves us the grief of maintaining a configfile in
> the package, and of considering poking upstream about it. I'm also
> thinking ahead to a day when gpg2 might become the stock gpg, and the
> extra hassle of moving a configfile from /etc/gnupg2/ to /etc/gnupg/
>
> otoh, i can't help but think that it's somehow shirking our
> responsibility as packagers to do (0), so i'm kind of leaning toward (2)
> instead. That way, people who modify the gpgconf.conf configfile will
> at least get notifications when the default changes on upgrade, etc.
>
> what do y'all think? I'm unlikely to change from the status quo unless
> people have opinions, but i wanted to float the question anyway.
0 seems perfectly reasonable to me. 3 also seems worth pursuing if
upstream is amenable. I could live with 1 (maybe not empty but a
single comment pointing to the example file). I'm not crazy about 2
since while on the face of it shipping the example file seems helpful,
I think you actually end up with more frequent conffile conflicts to
resolve at package upgrade time.
We could also carry a patch to change the wording of that message to
sound less ominous.
--
Eric Dorland <eric at kuroneko.ca>
43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20141107/b8e23de8/attachment.sig>
More information about the Pkg-gnupg-maint
mailing list