[pkg-gnupg-maint] Bug#822974: backport for jessie
Robert Lange
rcl24 at drexel.edu
Fri Apr 29 14:36:30 UTC 2016
I have made such a backport in my personal Jessie backports repo. I used the source packages from testing (and maybe unstable, if a package was not in testing, but I think all relevant packages are in testing now). The process was complicated b/c I needed to backport dpkg and debhelpers and a bunch of others in order to satisfy the dependency chain and build dependency chain. However, after compiling around 10ish source packages, everything worked. I've been tracking and keeping up w/ changes, and so far I have not had any problems, with the following caveats.
One major issue with an official backport is that GnuPG 2.1 breaks backward compatibility with the key format of previous versions. This is not a problem if you can use gpg2 for everything, but if you still need gpg1 for some things, then you will have to manually keep 2 copies of your keychain in sync; the old 1.x format and the 2.1 format. Every time you import or sign a new key, you will have to remember to do the operation with both gpg and gpg2. For me, I have been able to live with 2.1 only, but others may not be able to.
This is made somewhat more complicated by the fact that many Debian admin and build scripts currently still default to invoke gpg instead of gpg2. I had to set some environment variables to get some scripts to use gpg2, and I think I had to set up a diversion for some other scripts that are currently hard-coded to use gpg instead of gpg2. (I am not at home currently, so I can't be more exact.) There were some warnings about gpg2 having possibly incompatible command line arguments and maybe some scripts breaking as a result of this, but so far I have not noticed any problems from this.
Anyway, upgrading my personal machines to GnuPG 2.1 was interesting and rewarding, but given the above, I would say that doing this in the official backports repo would cause a lot of problems, especially with that special breed of user who upgrades first and reads the notes later.
--Robert Lange
On 16-04-29, Daniel Pocock <daniel at pocock.pro> wrote:
> Package: gnupg2
> Version: 2.1.11-7
> Severity: wishlist
>
> Please consider providing a gnupg2 2.1.x backport in jessie-backports or
> comment if it is not feasible.
>
> I came across some comments about it here:
>
> https://lists.gnupg.org/pipermail/gnupg-users/2015-June/053772.html
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20160429/49635a7c/attachment.html>
More information about the pkg-gnupg-maint
mailing list