Ubuntu
devscripts package

dscverify does not find Debian keyring

Bug #228296 reported by Rolf Leggewie on 2008-05-08

This bug affects 1 person

	Status	Importance	Assigned to
devscripts (Ubuntu)	Fix Released	Undecided	Unassigned
Hardy	Fix Released	Undecided	Unassigned
Intrepid	Fix Released	Undecided	Unassigned

Bug Description

Binary package hint: devscripts

$ dget -x http://ftp.de.debian.org/debian/pool/main/a/anthy/anthy_9100e-3.dsc
dget: retrieving http://ftp.de.debian.org/debian/pool/main/a/anthy/anthy_9100e-3.dsc
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 672 100 672 0 0 3367 0 --:--:-- --:--:-- --:--:-- 0
dget: using existing anthy_9100e.orig.tar.gz
dget: using existing anthy_9100e-3.diff.gz
dscverify: can't find any Debian keyrings

Tags:

Related branches

lp:ubuntu/karmic/devscripts

lp:ubuntu/hardy-proposed/devscripts

Revision history for this message

Rolf Leggewie (r0lf) wrote on 2008-05-08:

$ dpkg -l devscripts
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
+++-=============================================-=============================================-==========================================================================================================
ii devscripts 2.10.26ubuntu3~hardy1 scripts to make the life of a Debian Package maintainer easier

Revision history for this message

John Dong (jdong) wrote on 2008-08-27:

12:26 < cjwatson> perhaps somebody should add the Ubuntu keyring to the list of
keyrings checked by dscverify, though
12:26 < jdong> hmm this particular package is an Ubuntu one
12:26 < cjwatson> (/usr/share/keyrings/ubuntu-archive-keyring.gpg)
12:26 < jdong> oh is the Ubuntu keyring not recognized by dscverify?
12:26 < cjwatson> right

Looks like Devscripts doesn't recognize the Ubuntu keyring.

Changed in devscripts:
status:	New → Triaged

Revision history for this message

TJ (tj) wrote on 2008-09-28:

Hardy debdiff adding Ubuntu keyrings Edit (1.2 KiB, text/plain)

I've been affected by this too trying to use prevu to backport Intrepid packages to Hardy.

I've added the ubuntu master and archive keyrings to the script, and am attaching debdiffs for the hardy and intrepid releases.

devscripts (2.10.11ubuntu6) hardy; urgency=low

* dscverify: Add Ubuntu keyrings (LP: #228296).

-- TJ <email address hidden> Sun, 28 Sep 2008 23:00:00 +0200

devscripts (2.10.26ubuntu13) intrepid; urgency=low

* dscverify: Add Ubuntu keyrings (LP: #228296).

-- TJ <email address hidden> Sun, 28 Sep 2008 23:00:00 +0200

Revision history for this message

TJ (tj) wrote on 2008-09-28:

Intrepid debdiff adding Ubuntu keyrings Edit (1.3 KiB, text/plain)

Revision history for this message

TJ (tj) wrote on 2008-09-28:

SRU Justification:

Impact: Using dscverify (often embedded in other tools) fails to verify Ubuntu archive keys.

The script doesn't add the Ubuntu-installed keyrings (package ubuntu-keyring) to the list of keyrings passed to gpg.

testcase: Without the keyrings dscverify will fail, reporting "dscverify: can't find any Debian keyrings"

Adding the keyrings to the list results in successful verification of the package.

Revision history for this message

Martin Pitt (pitti) wrote on 2008-09-29:

Intrepid fix sponsored, waiting in unapproved. Will probably stall until after beta freeze.

Changed in devscripts:
status:	Triaged → Fix Committed

Revision history for this message

Martin Pitt (pitti) wrote on 2008-09-29:

Accepted into hardy-proposed, please test.

Changed in devscripts:
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-09-29:

This bug was fixed in the package devscripts - 2.10.26ubuntu13

---------------
devscripts (2.10.26ubuntu13) intrepid; urgency=low

* dscverify: Add Ubuntu keyrings (LP: #228296).

-- TJ <email address hidden> Sun, 28 Sep 2008 23:00:00 +0200

Changed in devscripts:
status:	Fix Committed → Fix Released

Revision history for this message

Martin Pitt (pitti) wrote on 2008-10-22:

I confirmed that this works. Copied to hardy-updates.

Changed in devscripts:
status:	Fix Committed → Fix Released

Revision history for this message

Rolf Leggewie (r0lf) wrote on 2008-10-29:

#10

I still see the same effect on an up-to-date hardy

reopening

Changed in devscripts:
status:	Fix Released → New

Revision history for this message

Rolf Leggewie (r0lf) wrote on 2008-10-29:

#11

Try "dget -x http://ftp.de.debian.org/debian/pool/main/a/anthy/anthy_9100e-3.2.dsc"

Revision history for this message

Martin Pitt (pitti) wrote on 2008-10-29:

#12

Rolf, I initially assumed you actually meant "Ubuntu keyring is not taken into account", which was fixed in this SRU. Using the debian keyring has never been a problem. Maybe you don't have the "debian-keyring" package installed?