Spec Name or Url: http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools.spec SRPM Name or Url: http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools-0.4.4-1.src.rpm Description: This is a collection of several projects relating to OpenPGP. * caff: CA - Fire and Forget signs and mails a key * pgp-clean: removes all non-self signatures from key * pgp-fixkey: removes broken packets from keys * gpg-mailkeys: simply mail out a signed key to its owner * gpg-key2ps: generate PostScript file with fingerprint paper strips * gpglist: show who signed which of your UIDs * gpgsigs: annotates list of GnuPG keys with already done signatures * keylookup: ncurses wrapper around gpg --search In particular, caff has become the most accepted and simplest way to sign keys following a keysigning party.
Any chance of this making Core?
Remarks & nitpicks: - remove leading "A" from Summary. - IMHO Group should be Applications/System (the same as for gnupg) - it is better to simplify License field (assume BSD,GPL is enough) - Source0 is not full URL. If it is impossible to obtain the tarball at some Internet location, write a comment how to obtain this tarball by svn ... - use "/usr/sbin/sendmail" instead of "sendmail" for Requires tag: /usr/sbin/sendmail is actually needed, and it can be provided by different mail packages (sendmail, postfix, exim, etc.) - license file for GPL looks messy (extra text present). May be just use "keylookup/COPYING" instead? - use macros instead of hardcoded path (/usr/bin, /usr/share/man) - %install and pre-%doc-preparing can be made more easily - only "debian/copyright" seems to be actually useful from the debian/ subdirectory
Created attachment 121452 [details] Suggested changes for the spec-file
Changes applied, updated checkout from subversion, added comment about how to get source from subversion, and modified name per PackageNamingGuidelines for post-release packages. http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools.spec http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools-0.4.4-2.20051123svn.src.rpm
> modified name per PackageNamingGuidelines OK - caff: ??? yet no idea how to check this - gpg-key2ps: works (it would be useful to have an option to print US Dollars too :-)) - gpg-mailkeys: works - gpglist: works - gpgsigs: ??? yet no idea how to check this - keylookup: does NOT work. 'gpg --search ...' works, but keylookup does not work :( - pgp-clean: does NOT work. Produces: "Can't locate GnuPG/Interface.pm in @INC" ... - pgp-fixkey: does NOT work. The same as above: "Can't locate GnuPG/Interface.pm in @INC" ... Perhaps some "Requires" are needed for pgp-{clean|fixkey}. Could you any idea how I can easily test "caff" and "gpgsign" ?
pgp-clean and pgp-fixkey work for me, as I've got the perl-GnuPG-Interface package installed, which the pgp-tools package lists as an rpm Requires auto- generated. keylookup works for me too, after fixing the permissions on files in ~/.gnupg/* so that gpg didn't complain. These are all on x86_64 FC4. gpgsigs needs recode, which I missed as a dependency. I'll fix that. I'll see about test processes for caff and gpgsigs.
> which the pgp-tools package lists as an rpm Requires auto-generated. Oops. Sorry. :) > keylookup works for me too, after fixing the permissions on files > in ~/.gnupg/* so that gpg didn't complain. Hmmm. My gpg say nothing bad when I do 'gpg --search'. What is your permissions exactly?
~/.gnupg 0700 ~/.gnupg/* 0600
to test caff, I generated a new key, and used caff to sign it. (I didn't push the test key to the keyservers, but manually imported it into caff's keyring). This worked as expected. As for testing gpgsigs, here's what I did, this worked as expected. $ gpg --list-keys pgp-tools-test > /tmp/to-sign $ gpgsigs 92F0FC09 /tmp/to-sign /tmp/signed Running --list-sigs, this will take a while . Annotating /tmp/to-sign, writing into /tmp/signed [mdomsch@pws370 ~]$ cat /tmp/signed pub 1024D/50765F1F 2005-11-29 (S) uid Fedora pgp-tools test key <pgp-tools-test> sub 2048g/457DBB5A 2005-11-29 Legend: (S) signed with 92F0FC09
Requires: perl(Locale::Recode) added for gpgsigs. http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools.spec http://domsch.com/linux/fedora/extras/pgp-tools/pgp-tools-0.4.4- 2.20051123svn.src.rpm
keylookup still is an issue for me: > ~/.gnupg 0700 > ~/.gnupg/* 0600 the same [buc@buc buc]$ gpg --keyserver=pgp.mit.edu --search dmitry gpg: searching for "dmitry" from HKP server pgp.mit.edu Keys 1-1 of 1 for "dmitry" (1) Dmitry Butskoy (buc) <dmitry> 1024 bit DSA key 4F33DE20, created 2005-08-03 Enter number(s), N)ext, or Q)uit > q [buc@buc buc]$ [buc@buc buc]$ keylookup --keyserver=pgp.mit.edu dmitry gpg: searching for "dmitry" from HKP server pgp.mit.edu GnuPG did not find any keys matching your search string. [buc@buc buc]$ i.e. gpg works, keylookup not... pgp-clean: invokes "gpg" which read stdin (according to strace(1) tracing), but nothing happen... pgp-fixkey: seems to work gpgsign: works caff: seems to work
For me: $ keyserver --keyserver=pgp.mit.edu dmitry (insert pretty ncurses screenshot showing me your key) local problem?
$ pgp-clean 92F0FC09 outputs to stdout my armored key, stripped of sigs.
> (insert pretty ncurses screenshot showing me your key) It is from "keylookup" to you, or from you to me? :) > pgp-clean 92F0FC09 import your key, invoke "pgp-clean 92F0FC09", the same silence results. My distro is FC3. Maybe something is missed in Requires (like for Locale::Recode) ?
Actually, keylookup invokes "gpg" as this: gpg --keyserver=pgp.mit.edu --command-fd=0 --batch --no-tty --with-colons --fixed-list-mode --search dmitry (and then type Ctrl-D) For me it outputs: gpg: searching for "dmitry" from HKP server pgp.mit.edu Keys 1-1 of 1 for "dmitry" (1) Dmitry Butskoy (buc) <dmitry> 1024 bit DSA key 4F33DE20, created 2005-08-03 Q What "gpg" outputs exactly with the same cmdline for you?
$ gpg --keyserver=pgp.mit.edu --command-fd=0 --batch --no-tty --with-colons -- fixed-list-mode --search dmitry gpg: searching for "dmitry" from hkp server pgp.mit.edu pub:4F33DE20:17:1024:1123156023:: uid:Dmitry Butskoy (buc) <dmitry> Q I think this is because FC3 has gnupg 1.2, and FC4 has gnupg 1.4. perl-GnuPG- Interface had to have patch on the FC3 branch to deal with this. I'm inclined not to put pgp-tools on FC3 and ignore this. :-)
OK MUST/SHOULD items OK Works (assume) fine. APPROVED!
Builds for FC-4 and devel branches complete. Closing.
Package Change Request ====================== Package Name: pgp-tools New Branches: el-5, el-6 Owners: s4504kr
EL branches already exist.