[pkg-gnupg-maint] Bug#1086140: ostree: FTBFS against gpg 2.2.45: gpg --import for revocation cert exits 2
Andreas Metzler
ametzler at bebt.de
Sun Oct 27 17:08:16 GMT 2024
On 2024-10-27 Simon McVittie <smcv at debian.org> wrote:
[...]
> I can reproduce this. The actual error appears to be:
> > + gpg --homedir=/var/tmp/tap-test.4h3gy2/gpghome --import /var/tmp/tap-test.4h3gy2/gpghome/revocations/key1.rev
> > Imported 0 GPG keys to remote "R1"
> > gpg: key 7FCA23D8472CDAFA: "Ostree Tester <test at test.com>" revocation certificate imported
> > gpg: Total number processed: 1
> > gpg: new key revocations: 1
> > gpg: Note: ultimately trusted key 7FCA23D8472CDAFA expired
> > gpg: marginals needed: 3 completes needed: 1 trust model: pgp
> > gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
> > ++ report_err
> > ++ local exit_status=2
> > Unexpected nonzero exit status 2 while running: ${GPG} --homedir=${TEST_GPG_KEYHOME} --import ${TEST_GPG_KEYHOME}/revocations/key1.rev
> Is it intentional that importing a revocation certificate, apparently
> successfully (or at least there are no obvious error/warning messages),
> is now exiting with status 2?
> The failing test script is:
> https://sources.debian.org/src/ostree/2024.8-1/tests/test-remote-gpg-list-keys.sh/
> and the test keys and revoation certificate can be found in:
> https://sources.debian.org/src/ostree/2024.8-1/tests/gpghome/
Hello,
The minimal test case seems to be to expire a key and then import its
revocation certificate. .45 exits with 2 instead of success.
--------------------
#!/bin/sh
MYGPGHOME=`mktemp -d`
cp -a /tmp/ostree-2024.8/tests/gpghome/* ${MYGPGHOME}/
gpg --homedir=${MYGPGHOME} --version
gpg --homedir=${MYGPGHOME} -K > /dev/null
gpg --verbose --homedir=${MYGPGHOME} \
--quick-set-expire 5E65DE75AB1C501862D476347FCA23D8472CDAFA seconds=1
echo DEBUG quick-expire exit status $?
sleep 2
gpg --verbose --homedir=${MYGPGHOME} --import \
/tmp/ostree-2024.8/tests/gpghome/revocations/key1.rev
echo DEBUG import rev exit status $?
rm -rf ${MYGPGHOME}
--------------------
Given that gpg 2.4 does not behave this way I think this is probably not
intended.
cu Andeas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the pkg-gnupg-maint
mailing list