gpgme is now being used in yum for tying a key to a specific repository. Thus, it's being pulled into the live images. Requiring both gnupg *and* gnupg2 seems kind of overkill...
I'll have to double-check.
Here's at least part of the scoop, in order for various parts of gpgme to work, it needs: gnupg(1): * OpenPGP protocol support (/usr/bin/gnupg) gnupg(2): * CMS (Cryptographic Message Sytax) protocol support (via /usr/bin/gpgsm) * /usr/bin/gpg-agent So, strictly speaking, gpgme doesn't *need* either of them. :) What do you think?
/usr/bin/gpg2 should be usable for openpgp afaict. And then only one version of gnupg would have to be installed
sounds like you're advocating dropping Requires: gnupg then? I'm willing to try it out, and seeing what breaks. :)
Yeah, it looks like it should be fine from some looking. Might need to pass --with-gnupg=/usr/bin/gpg2 to configure
On the surface, there may be some issues: http://koji.fedoraproject.org/koji/taskinfo?taskID=433899 I'll contact upstream to verify, it could be that some of the tests performed by 'make check' may be gnupg(1)-specific, and not indicative of problems beyond that.
Yeah, we were just looking at this here at BU. You can't use --with-gnupg=/usr/bin/gpg2 because there's a point (in just "make", not "make check", even) where it wants to do this: /usr/bin/gpg --homedir . --allow-secret-key-import \ --import Alpha/Secret.gpg Zulu/Secret.gpg and, from the gpg2 man page: --allow-secret-key-import This is an obsolete option and is not used anywhere. (Thanks, gpg2 man page! So helpful.) So it won't work.
added configure option --disable-gpg-tests since many of them were gpg(1)-specific.