Package: aptly
Version: 1.4.0+ds1-4+b3
Severity: normal
As soon as gpg1 (package gnupg1) and gpgv (from gnupg 2) are
installed, aptly fails to run. I think aptly should "Conflicts:
gnupg1", but maybe there is a better fix.
$ aptly repo add stretch sl_5.02-1+b1_amd64.deb
panic: gpg and gpgv versions don't match [recovered]
panic: gpg and gpgv versions don't match
goroutine 1 [running]:
github.com/aptly-dev/aptly/cmd.Run.func1(0xc00039ff70)
github.com/aptly-dev/aptly/cmd/run.go:17 +0x10f
panic(0xe0f5c0, 0xc00009c130)
runtime/panic.go:969 +0x1b9
github.com/aptly-dev/aptly/pgp.NewGpgVerifier(0x10df1c0, 0xc0004dca50, 0x3)
github.com/aptly-dev/aptly/pgp/gnupg.go:160 +0x191
github.com/aptly-dev/aptly/context.(*AptlyContext).GetVerifier(0xc0004ea000,
0x0, 0x0)
github.com/aptly-dev/aptly/context/context.go:438 +0xb2
github.com/aptly-dev/aptly/cmd.aptlyRepoAdd(0xc0004d2d80, 0xc0004d8a20, 0x2,
0x2, 0x10d5e80, 0xc0004e80e0)
github.com/aptly-dev/aptly/cmd/repo_add.go:23 +0x79
github.com/smira/commander.(*Command).Dispatch(0xc0004d2d80, 0xc0004d8a20, 0x2,
0x2, 0xc00039fe10, 0x59e3da)
github.com/smira/commander/commands.go:305 +0x27e
github.com/smira/commander.(*Command).Dispatch(0xc0004d3c20, 0xc0004d8a10, 0x3,
0x3, 0x4100b8, 0x30)
github.com/smira/commander/commands.go:283 +0x131
github.com/smira/commander.(*Command).Dispatch(0xc0004d5e60, 0xc0004d8a00, 0x4,
0x4, 0xc0004e00e0, 0xc0004d8a00)
github.com/smira/commander/commands.go:283 +0x131
github.com/aptly-dev/aptly/cmd.Run(0xc0004d5e60, 0xc0000320b0, 0x4, 0x4,
0xffffff01, 0x0)
github.com/aptly-dev/aptly/cmd/run.go:41 +0x21c
main.main()
github.com/aptly-dev/aptly/main.go:24 +0x13b
There is a switch to configure the gnupg version per repo, but it
doesn't have any effect:
aptly repo edit -gpg-provider=gpg1 stretch
aptly repo edit -gpg-provider=gpg2 stretch
$ gpg --version
gpg (GnuPG) 2.2.27
libgcrypt 1.8.8
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /home/cbe/.gnupg
Unterstützte Verfahren:
Öff. Schlüssel: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Verschlü.: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Komprimierung: nicht komprimiert, ZIP, ZLIB, BZIP2
$ gpgv --version
gpgv (GnuPG) 2.2.27
libgcrypt 1.8.8
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
$ gpg1 --version
gpg (GnuPG) 1.4.23
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
-- System Information:
Debian Release: 11.0
APT prefers testing
APT policy: (700, 'testing'), (600, 'unstable'), (500, 'testing-security'),
(150, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-7-amd64 (SMP w/4 CPU threads)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8),
LANGUAGE=de:en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages aptly depends on:
ii bzip2 1.0.8-4
ii gnupg 2.2.27-2
ii gpgv 2.2.27-2
ii libc6 2.31-12
ii xz-utils 5.2.5-2
aptly recommends no packages.
Versions of packages aptly suggests:
ii graphviz 2.42.2-5
-- no debconf information
Christoph
