Bug 1180170

Summary: virt-builder gives GPG warning message with gnupg2
Product: [Community] Virtualization Tools Reporter: Pino Toscano <ptoscano>
Component: libguestfsAssignee: Richard W.M. Jones <rjones>
Status: CLOSED UPSTREAM QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: huzhan, leiwang, mbooth, ptoscano, rbalakri, rjones, virt-bugs, wshi
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1099976 Environment:
Last Closed: 2015-08-06 11:54:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1099976    

Description Pino Toscano 2015-01-08 14:52:05 UTC 
+++ This bug was initially created as a clone of Bug #1099976 +++

Description of problem:

Note this is when using the RHEL 7.1 preview packages from:
https://www.redhat.com/archives/libguestfs/2014-May/msg00090.html
It is NOT a bug in any released version of RHEL or libguestfs.

$ virt-builder -l
gpg: Signature made Sat 10 May 2014 12:39:51 BST using RSA key ID E1B768A0
gpg: Good signature from "Richard W.M. Jones <rjones>"
gpg:                 aka "Richard W.M. Jones <rich>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F777 4FB1 AD07 4A7E 8C87  67EA 9173 8F73 E1B7 68A0
centos-6                 x86_64     CentOS 6.5
cirros-0.3.1             x86_64     CirrOS 0.3.1
debian-6                 x86_64     Debian 6 (Squeeze)
debian-7                 x86_64     Debian 7 (Wheezy)
fedora-18                x86_64     Fedora® 18
fedora-19                x86_64     Fedora® 19
fedora-20                x86_64     Fedora® 20
[etc]

Why is the GPG warning printed?

Version-Release number of selected component (if applicable):

libguestfs-1.27.11-3.1.el7.x86_64

--- Additional comment from Pino Toscano on 2015-01-08 15:41:38 CET ---

This also happens when using gnupg2 (i.e. `gpg2`) for virt-builder's --gpg.

For example on a Fedora 20 box I get:

$ virt-builder --gpg /usr/bin/gpg -l
centos-6                 x86_64     CentOS 6.6
centos-7.0               x86_64     CentOS 7.0
cirros-0.3.1             x86_64     CirrOS 0.3.1
debian-6                 x86_64     Debian 6 (Squeeze)
debian-7                 x86_64     Debian 7 (Wheezy)
fedora-18                x86_64     Fedora® 18
fedora-19                x86_64     Fedora® 19
fedora-20                x86_64     Fedora® 20
fedora-21                x86_64     Fedora® 21 Server
scientificlinux-6        x86_64     Scientific Linux 6.5
ubuntu-10.04             x86_64     Ubuntu 10.04 (Lucid)
ubuntu-12.04             x86_64     Ubuntu 12.04 (Precise)
ubuntu-14.04             x86_64     Ubuntu 14.04 (Trusty)

$ virt-builder --gpg /usr/bin/gpg2 -l
gpg: Signature made Tue Dec  9 20:16:40 2014 CET using RSA key ID E1B768A0
gpg: Good signature from "Richard W.M. Jones <rjones>" [unknown]
gpg:                 aka "Richard W.M. Jones <rich>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F777 4FB1 AD07 4A7E 8C87  67EA 9173 8F73 E1B7 68A0
centos-6                 x86_64     CentOS 6.6
centos-7.0               x86_64     CentOS 7.0
cirros-0.3.1             x86_64     CirrOS 0.3.1
debian-6                 x86_64     Debian 6 (Squeeze)
debian-7                 x86_64     Debian 7 (Wheezy)
fedora-18                x86_64     Fedora® 18
fedora-19                x86_64     Fedora® 19
fedora-20                x86_64     Fedora® 20
fedora-21                x86_64     Fedora® 21 Server
scientificlinux-6        x86_64     Scientific Linux 6.5
ubuntu-10.04             x86_64     Ubuntu 10.04 (Lucid)
ubuntu-12.04             x86_64     Ubuntu 12.04 (Precise)
ubuntu-14.04             x86_64     Ubuntu 14.04 (Trusty)
Comment 1 Pino Toscano 2015-01-08 17:57:32 UTC 
Actually, even gnupg 1.x prints that, but it is sent to /dev/null when not verbose (because "-q --logger-file /dev/null" are passed as arguments to gpg).

$ virt-builder --gpg /usr/bin/gpg -l -v
command line: virt-builder --gpg /usr/bin/gpg -l -v
virt-builder: trying to read [...]/libguestfs.conf
virt-builder: ... read 1 sources
/usr/bin/gpg --homedir /tmp/vb.gpghome.HHC2Cw --list-keys
gpg: keyring `/tmp/vb.gpghome.HHC2Cw/pubring.gpg' created
gpg: /tmp/vb.gpghome.HHC2Cw/trustdb.gpg: trustdb created
/usr/bin/gpg --homedir /tmp/vb.gpghome.HHC2Cw --status-file '/tmp/vbstat7670fd.txt' --import '[...]/libguestfs.gpg'
gpg: keyring `/tmp/vb.gpghome.HHC2Cw/secring.gpg' created
gpg: key E1B768A0: public key "Richard W.M. Jones <rjones>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
[...]
/usr/bin/gpg --homedir /tmp/vb.gpghome.HHC2Cw --verify --status-file '/tmp/vbstat47d902.txt' '/tmp/vbcache00e113.txt'
gpg: Signature made Tue Dec  9 20:16:40 2014 CET using RSA key ID E1B768A0
gpg: Good signature from "Richard W.M. Jones <rjones>"
gpg:                 aka "Richard W.M. Jones <rich>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F777 4FB1 AD07 4A7E 8C87  67EA 9173 8F73 E1B7 68A0
[...]
Comment 2 Pino Toscano 2015-08-06 11:54:20 UTC 
This has been fixed with commits
a1a165e3c43d7743aa48ca18a97540b726cb0bf3
6442bcb7eb13f0a91d9933ef5f3468ac950b7a7a
41df8a2c4605de019a01a004a83fbad3521f5423
which are in libguestfs >= 1.29.42.