1180170 – virt-builder gives GPG warning message with gnupg2

Bug 1180170 - virt-builder gives GPG warning message with gnupg2

Summary: virt-builder gives GPG warning message with gnupg2

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Virtualization Tools
Classification:	Community
Component:	libguestfs
Sub Component:
Version:	unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Richard W.M. Jones
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1099976
TreeView+	depends on / blocked

Reported:	2015-01-08 14:52 UTC by Pino Toscano
Modified:	2015-08-06 11:54 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	1099976
Environment:
Last Closed:	2015-08-06 11:54:20 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Pino Toscano 2015-01-08 14:52:05 UTC

+++ This bug was initially created as a clone of Bug #1099976 +++

Description of problem:

Note this is when using the RHEL 7.1 preview packages from:
https://www.redhat.com/archives/libguestfs/2014-May/msg00090.html
It is NOT a bug in any released version of RHEL or libguestfs.

$ virt-builder -l
gpg: Signature made Sat 10 May 2014 12:39:51 BST using RSA key ID E1B768A0
gpg: Good signature from "Richard W.M. Jones <rjones>"
gpg:                 aka "Richard W.M. Jones <rich>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F777 4FB1 AD07 4A7E 8C87  67EA 9173 8F73 E1B7 68A0
centos-6                 x86_64     CentOS 6.5
cirros-0.3.1             x86_64     CirrOS 0.3.1
debian-6                 x86_64     Debian 6 (Squeeze)
debian-7                 x86_64     Debian 7 (Wheezy)
fedora-18                x86_64     Fedora® 18
fedora-19                x86_64     Fedora® 19
fedora-20                x86_64     Fedora® 20
[etc]

Why is the GPG warning printed?

Version-Release number of selected component (if applicable):

libguestfs-1.27.11-3.1.el7.x86_64

--- Additional comment from Pino Toscano on 2015-01-08 15:41:38 CET ---

This also happens when using gnupg2 (i.e. `gpg2`) for virt-builder's --gpg.

For example on a Fedora 20 box I get:

$ virt-builder --gpg /usr/bin/gpg -l
centos-6                 x86_64     CentOS 6.6
centos-7.0               x86_64     CentOS 7.0
cirros-0.3.1             x86_64     CirrOS 0.3.1
debian-6                 x86_64     Debian 6 (Squeeze)
debian-7                 x86_64     Debian 7 (Wheezy)
fedora-18                x86_64     Fedora® 18
fedora-19                x86_64     Fedora® 19
fedora-20                x86_64     Fedora® 20
fedora-21                x86_64     Fedora® 21 Server
scientificlinux-6        x86_64     Scientific Linux 6.5
ubuntu-10.04             x86_64     Ubuntu 10.04 (Lucid)
ubuntu-12.04             x86_64     Ubuntu 12.04 (Precise)
ubuntu-14.04             x86_64     Ubuntu 14.04 (Trusty)

$ virt-builder --gpg /usr/bin/gpg2 -l
gpg: Signature made Tue Dec  9 20:16:40 2014 CET using RSA key ID E1B768A0
gpg: Good signature from "Richard W.M. Jones <rjones>" [unknown]
gpg:                 aka "Richard W.M. Jones <rich>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F777 4FB1 AD07 4A7E 8C87  67EA 9173 8F73 E1B7 68A0
centos-6                 x86_64     CentOS 6.6
centos-7.0               x86_64     CentOS 7.0
cirros-0.3.1             x86_64     CirrOS 0.3.1
debian-6                 x86_64     Debian 6 (Squeeze)
debian-7                 x86_64     Debian 7 (Wheezy)
fedora-18                x86_64     Fedora® 18
fedora-19                x86_64     Fedora® 19
fedora-20                x86_64     Fedora® 20
fedora-21                x86_64     Fedora® 21 Server
scientificlinux-6        x86_64     Scientific Linux 6.5
ubuntu-10.04             x86_64     Ubuntu 10.04 (Lucid)
ubuntu-12.04             x86_64     Ubuntu 12.04 (Precise)
ubuntu-14.04             x86_64     Ubuntu 14.04 (Trusty)

Comment 1 Pino Toscano 2015-01-08 17:57:32 UTC

Actually, even gnupg 1.x prints that, but it is sent to /dev/null when not verbose (because "-q --logger-file /dev/null" are passed as arguments to gpg).

$ virt-builder --gpg /usr/bin/gpg -l -v
command line: virt-builder --gpg /usr/bin/gpg -l -v
virt-builder: trying to read [...]/libguestfs.conf
virt-builder: ... read 1 sources
/usr/bin/gpg --homedir /tmp/vb.gpghome.HHC2Cw --list-keys
gpg: keyring `/tmp/vb.gpghome.HHC2Cw/pubring.gpg' created
gpg: /tmp/vb.gpghome.HHC2Cw/trustdb.gpg: trustdb created
/usr/bin/gpg --homedir /tmp/vb.gpghome.HHC2Cw --status-file '/tmp/vbstat7670fd.txt' --import '[...]/libguestfs.gpg'
gpg: keyring `/tmp/vb.gpghome.HHC2Cw/secring.gpg' created
gpg: key E1B768A0: public key "Richard W.M. Jones <rjones>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
[...]
/usr/bin/gpg --homedir /tmp/vb.gpghome.HHC2Cw --verify --status-file '/tmp/vbstat47d902.txt' '/tmp/vbcache00e113.txt'
gpg: Signature made Tue Dec  9 20:16:40 2014 CET using RSA key ID E1B768A0
gpg: Good signature from "Richard W.M. Jones <rjones>"
gpg:                 aka "Richard W.M. Jones <rich>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F777 4FB1 AD07 4A7E 8C87  67EA 9173 8F73 E1B7 68A0
[...]

Comment 2 Pino Toscano 2015-08-06 11:54:20 UTC

This has been fixed with commits
a1a165e3c43d7743aa48ca18a97540b726cb0bf3
6442bcb7eb13f0a91d9933ef5f3468ac950b7a7a
41df8a2c4605de019a01a004a83fbad3521f5423
which are in libguestfs >= 1.29.42.

Note You need to log in before you can comment on or make changes to this bug.