Bug 905087
| Summary: | bzr gpg signing is failing | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Mats Wichmann <mats> |
| Component: | bzr | Assignee: | Toshio Ernie Kuratomi <a.badger> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 18 | CC: | a.badger, henrik, shahms |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | bzr-2.5.1-12.fc19 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-06-07 23:25:49 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Mats Wichmann
2013-01-28 14:43:15 UTC
Do you have suitable pinentry-* packages installed? pinentry-gtk-0.8.1-8.fc18.x86_64 pinentry-0.8.1-8.fc18.x86_64 (which is the same pair as on a working F17 installation) Just updating: this problem remains, updates to other packages since F18 released (there have been no bzr updates) have not made it go away. Also checked current F19 alpha bzr has same issue. Update after investigation:
the difference between a working (e.g. as released for F17) and non-working edition is a change to the gpg options.
For 64-bit Fedora, that would be in the file:
/usr/lib64/python2.7/site-packages/bzrlib/gpg.py
193c193
< '-u', key]
---
> '-u', key, '--no-tty', '--batch']
With --batch, there is no input terminal, from the gpg docs:
Use batch mode. Never ask, do not allow interactive commands.
The problem is, when bzr asks gpg to sign the data generated for commit, it may be necessary for gpg to prompt the committer for a passkey, and the --batch option makes that impossible.
I was working on a CVE update for bzr and wanted to take a look at this before pushing an update all the way back to F17. I could not reproduce with the current bzr package.
I took a look in the bzr-2.5.1-2.fc18.x86_64.rpm from the Fedora 18 release repositories and found this at gpg.py line 193:
return [self._config_stack.get('gpg_signing_command'), '--clearsign',
'-u', key, '--no-tty']
So it looks like the package itself is correct. Do you have a different version of bzr installed in site packages perhaps?
rpm -V bzr
might tell you.
Hmm.. So discovered several things -- * I think that --no-tty is to blame, not --batch. * If I run gpg --clearsign -u toshio bzr.spec then I get: gpg: gpg-agent is not available in this session gpg: Sorry, no terminal at all requested - can't get input which seems to match up with your error. * The change was introduced to fix a bug with gpg signatures in bzr-explorer: https://bugs.launchpad.net/bzr/+bug/847388 and was reverted because of what looks like the same error as here: https://bugs.launchpad.net/bzr/+bug/1014570 I'm going to patch out the --no-tty flag in our version of bzr as well. bzr-2.5.1-12.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/bzr-2.5.1-12.fc17 bzr-2.5.1-12.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/bzr-2.5.1-12.fc18 bzr-2.5.1-12.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/bzr-2.5.1-12.fc19 Package bzr-2.5.1-12.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing bzr-2.5.1-12.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-9537/bzr-2.5.1-12.fc19 then log in and leave karma (feedback). bzr-2.5.1-12.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report. bzr-2.5.1-12.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. bzr-2.5.1-12.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. |