Bug 2255810

Summary: duply 2.5.1 fails with F39, not with F38
Product: [Fedora] Fedora Reporter: pindakoe
Component: duplyAssignee: Thomas Moschny <thomas.moschny>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 39CC: thomas.moschny
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: duply-2.5.2-1.fc39 Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-01-09 01:44:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description pindakoe 2023-12-25 13:52:42 UTC 
Since upgrading from F38 to F39 duply/duplicity error our (details below Actual Results). There has been no change to duply or duplicity configuration and this had been stable / running well for years. Downloading duply 2.5.2 from duply.net and installing this locally fixed the issue.

I strongly suspect that this is related to fact that my password for the gpg-key contains a $-sign; this looks very similar to bug #139 listed in the duply changelog. It may well be that the version jump of duplicity (1.2.3 in F38; 2.1.4 in F39) is the true root cause and that duply 2.5.2 prevents this. 

Packaging duply 2.5.2 in F39 looks like a simple fix.

Reproducible: Always

Steps to Reproduce:
1. duply bkp test
2.
3.
Actual Results:  
Dec 25 11:23:02 bash[14062]:   Test - Encrypt to '66695CD6' & Sign with '66695CD6' (FAILED)
Dec 25 11:23:02 bash[14062]:   Sorry. A fatal ERROR occured:
Dec 25 11:23:02 bash[14062]:   Encryption failed (Code 2).
Dec 25 11:23:02 bash[14062]:   gpg: using "66695CD6" as default secret key for signing
Dec 25 11:23:02 bash[14062]:   [GNUPG:] KEY_CONSIDERED 6924FE264C77AC61BC07E2CBE5FF8D0966695CD6 2
Dec 25 11:23:02 bash[14062]:   [GNUPG:] KEY_CONSIDERED 6924FE264C77AC61BC07E2CBE5FF8D0966695CD6 0
Dec 25 11:23:02 bash[14062]:   [GNUPG:] BEGIN_ENCRYPTION 2 9
Dec 25 11:23:02 bash[14062]:   [GNUPG:] BEGIN_SIGNING H8
Dec 25 11:23:02 bash[14062]:   gpg: signing failed: Bad passphrase
Dec 25 11:23:02 bash[14062]:   [GNUPG:] FAILURE sign-encrypt 67108875
Dec 25 11:23:02 bash[14062]:   gpg: /usr/bin/duply: sign+encrypt failed: Bad passphrase

Expected Results:  
duply kicks off duplicity to do an backup using the configuration in /etc/duply/test/conf.



Contents of /etc/duply/test/conf (details left out):

GPG_KEY='66695CD6'
GPG_PW='XXXXXXXXXX'
TARGET='XXXXXXXXXX'
TARGET_USER='XXXXXXXXXX'
TARGET_PASS='XXXXXXXXXX'
SOURCE='/'
MAX_FULL_BACKUPS=4
MAX_FULLBKP_AGE=4W
DUPL_PARAMS="$DUPL_PARAMS --full-if-older-than $MAX_FULLBKP_AGE " 
VERBOSITY=5
TEMP_DIR=$(systemd-path temporary-large)
ARCH_DIR=/mnt/althome/tmp/duplicity
DUPL_PARAMS="$DUPL_PARAMS --num-retries 1 --allow-source-mismatch "
Comment 1 Fedora Update System 2023-12-31 12:02:59 UTC 
FEDORA-2023-84a3bc38b1 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-84a3bc38b1
Comment 2 Fedora Update System 2024-01-01 01:45:43 UTC 
FEDORA-2023-84a3bc38b1 has been pushed to the Fedora 39 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-84a3bc38b1`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-84a3bc38b1

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 3 Fedora Update System 2024-01-09 01:44:22 UTC 
FEDORA-2023-84a3bc38b1 has been pushed to the Fedora 39 stable repository.
If problem still persists, please make note of it in this bug report.