clone 539692 -1
reassign -1 gnupg 1.4.9-4
retitle -1 gnupg should respect default-key when --local-user matches several
private keys
retitle 539692 dpkg-buildpackage should have a config file
severity 539692 wishlist
user d...@packages.debian.org
usertags 539692 dpkg-buildpackage
thanks
On Mon, 03 Aug 2009, Santiago Vila wrote:
> I think this is because it seems to add the maintainer name if no -k
> argument is given:
>
> if ($signinterface eq 'gpg') {
> system("(cat ../$qfile ; echo '') | ".
> "$signcommand --utf8-strings --local-user "
> .quotemeta($signkey||$maintainer).
> " --clearsign --armor --textmode > ../$qfile.asc");
> }
>
> Is this really the sensible thing to do?
Well, it should be, what else can we use if no extra parameters have been
given ? We could specify no identity but this would break for all people
with several private keys and whose default key is not the Debian one.
Cloning to gpg since arguably, it's gpg that should be smarter here.
With multiple secret keys matching --local-user, it should prefer the one
listed in default-key.
> I'm considering to use a wrapper in $HOME/bin which does this:
> /usr/bin/dpkg-buildpackage -kMYNEWKEYID $@
> but it seems like a hack.
Use debuild from devscripts, it's a standard wrapper at least and since I
had a similar problem I did put “DEBSIGN_KEYID=0xF2AC729A” in my
~/.devscripts.
> Maybe dpkg-buildpackage could grep for ^default-key in gpg.conf and
> act accordingly.
That's unlikely, it would not be very clean. Some tighther integration
with gnupg is probable but it will not read its configuration file I
think.
Cheers,
--
Raphaël Hertzog
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
