Duplicity

Restarts fail because comparing long key ID to short key ID

Bug #1631414 reported by Dan Watkins
20
This bug affects 4 people
Affects Status Importance Assigned to Milestone
Duplicity
New
Undecided
Unassigned

Bug Description

Using duplicity 0.7.10 on Ubuntu yakkety, when a restart is attempted, I see a failure because the 8 character key ID is being compared against the 16 character key ID. See the relevant part of my log below:

--- Start running command BKP at 16:24:00.197 ---
Reading globbing filelist <snip>/exclude
Synchronising remote metadata to local cache...
Copying duplicity-inc.20161006T075558Z.to.20161007T091252Z.manifest.gpg to local cache.
Copying duplicity-new-signatures.20161005T135758Z.to.20161006T075558Z.sigtar.gpg to local cache.
Copying duplicity-new-signatures.20161006T075558Z.to.20161007T091252Z.sigtar.gpg to local cache.
Last full backup left a partial set, restarting.
Last full backup date: Fri Oct 7 15:19:21 2016
Reuse configured PASSPHRASE as SIGN_PASSPHRASE
RESTART: Volumes 3 to 3 failed to upload before termination.
         Restarting backup at volume 3.
Volume was signed by key 52DA9A50, not 4F07B22452DA9A50
16:25:53.466 Task 'BKP' failed with exit code '22'.
--- Finished state FAILED 'code 22' at 16:25:53.466 - Runtime 00:01:53.269 ---

Revision history for this message
Kevin R (squidpickles) wrote :

I was able to edit the configuration, where I replaced all instances of the 8 digit key identifier with a 16 digit identifier, and it worked after that.

It could help, perhaps, to print a more specific error message if the last 8 characters match, but the strings are not identical.

Revision history for this message
Daniel Thomas (drt24) wrote :

This was supposed to be fixed by this commit:
https://bazaar.launchpad.net/~duplicity-team/duplicity/0.7-series/revision/1246
as that change removes the truncation of the value returned by gpg to 8 characters.
Unfortunately this doesn't work (I still get this problem) as it seems that GOODSIG sometimes does not contain the full 40 character fingerprint but only 16 characters of it.
It looks like "VALIDSIG" contains the right content.

In general the 8 character key ID should never be used as it is trivial to create multiple keys with the same 8 character key ID and thousands such keys exist. It gets very confusing when someone else creates a key with a matching 8 character key ID for one of your keys.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.