[pkg-gnupg-maint] Bug#850657: Bug#850657: gnupg: Please find gpg-agent on PATH

Wed Jan 11 11:56:19 UTC 2017

Daniel Kahn Gillmor writes ("Re: [pkg-gnupg-maint] Bug#850657: gnupg: Please find gpg-agent on PATH"):
> On Sun 2017-01-08 17:35:13 -0500, Ian Jackson wrote:
> > gpg executes /usr/bin/gpg-agent, rather than fetching it from the
> > PATH.
> >
> > This is contrary to Debian policy.
> 
> Can you point to the specific part of debian policy that this violates?

I looked for the appropriate part.  debian-policy fails to specify
many aspects of behaviour of programs other than maintainer scripts,
but about maintainer scripts it has this to say:

| Programs called from maintainer scripts should not normally have a
| path prepended to them.
(policy 6.1)

> If you want to pass exciting options to gpg-agent, you can pass them
> directly by launching the agent by hand.  there aren't many contortions
> involved, afaict.  Can you explain what you're trying to do?

I don't think it is fruitful in this bug report to speculate about
other ways of achieving my objective at the time I noticed the bug.
(I disagree that this is a wishlist request.  Absolute paths are a
bug.)

Putting a stunt wrapper of a program on PATH is a well-established
technique for debugging, and for users interfering with and modifying
the behaviour of their systems, and for thingse like test suites.

Of course the system administrator can move the program aside (perhaps
also using dpkg-divert), but that has global effect on the whole
system, while setting PATH has only local impact and requires no
privilege.

> > Please change the package to execute all its programs from PATH.
> 
> this almost certainly won't be done.  for example, if a smarcard is
> present, scdaemon is currently invoked from /usr/lib/gnupg/scdaemon ,
> which isn't even in the path.

Sorry, I was unclear.  I meant to limit my request to those programs
which are already on PATH directories, like gpg-agent.

> > Ideally upstream would change too but my experience is that upstreams
> > often don't like this kind of change.
> 
> indeed, they don't like changes that make it more difficult to track
> down problems, [...]

I don't want to have this argument with upstream.  IMO this is just
how we do things in Debian.  In Debian we have reportbug, which is the
right place to address the kind of bug report handling difficulties
you mention.  I have other serious objections to the arguments you
made in that paragraph but I'm hoping we don't have to go there.

I'd like to contrast the reaction to this bug report with that of the
Debian devscripts maintainers in http://bugs.debian.org/850655.

Thanks,
Ian.

-- 
Ian Jackson <ijackson at chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.