Ubuntu
dpkg-sig package

dpkg-sig failes with "E: Signing failed. Error code: 512"

Bug #1630542 reported by FreeK
26
This bug affects 5 people
Affects Status Importance Assigned to Milestone
dpkg-sig (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

We call dpkg-sig during an automated build with bamboo and when it comes to sign a package with dpkg-sig with a passphrase file, the command fails:

dpkg-sig -k 45FC2A18 -p -f ~/build_sign.pass --sign builder ../mypackage_1.0.8-46_amd64.deb -v
Processing ../mypackage_1.0.8-46_amd64.deb...
Default key: 45FC2A18
Using passphrase from /root/build_sign.pass
Signing /tmp/debsigs-ng.P1Lfxp/digests with key 45FC2A18
usage: gpg [options] --clearsign [filename]
E: Signing failed. Error code: 512

When using gpg options: '-g "--no-tty --passphrase <password>"' the signing process works.

ProblemType: Bug
ApportVersion: 2.14.1-0ubuntu3.21
Architecture: amd64
Date: Wed Oct 5 13:23:04 2016
Dependencies:
 adduser 3.113+nmu3ubuntu3
 apt-utils 1.0.1ubuntu2.14
 base-passwd 3.5.33
 busybox-initramfs 1:1.21.0-1ubuntu1
 coreutils 8.21-1ubuntu5.4
 cpio 2.11+dfsg-1ubuntu1.2
 dbus 1.6.18-0ubuntu4.3
 debconf 1.5.51ubuntu2
 debconf-i18n 1.5.51ubuntu2
 debianutils 4.4
 dpkg 1.17.5ubuntu5.7
 e2fslibs 1.42.9-3ubuntu1.3
 e2fsprogs 1.42.9-3ubuntu1.3
 findutils 4.4.2-7
 gcc-6-base 6.2.0-3ubuntu11~14.04 [origin: LP-PPA-ubuntu-toolchain-r-test]
 gnupg 1.4.16-1ubuntu2.4
 gpgv 1.4.16-1ubuntu2.4
 ifupdown 0.7.47.2ubuntu4.4
 initramfs-tools 0.103ubuntu4.4
 initramfs-tools-bin 0.103ubuntu4.4
 initscripts 2.88dsf-41ubuntu6.3
 insserv 1.14.0-5ubuntu2
 iproute2 3.12.0-2ubuntu1
 isc-dhcp-client 4.2.4-7ubuntu12.7
 isc-dhcp-common 4.2.4-7ubuntu12.7
 klibc-utils 2.0.3-0ubuntu1.14.04.1
 kmod 15-0ubuntu6
 libacl1 2.2.52-1
 libapparmor1 2.8.95~2430-0ubuntu5.3
 libapt-inst1.5 1.0.1ubuntu2.14
 libapt-pkg4.12 1.0.1ubuntu2.14
 libarchive-extract-perl 0.70-1
 libatm1 1:2.5.1-1.5
 libattr1 1:2.4.47-1ubuntu1
 libaudit-common 1:2.3.2-2ubuntu1
 libaudit1 1:2.3.2-2ubuntu1
 libblkid1 2.20.1-5.1ubuntu20.7
 libbz2-1.0 1.0.6-5
 libc6 2.19-0ubuntu6.9
 libcap2 1:2.24-0ubuntu2
 libcgmanager0 0.24-0ubuntu7.5
 libcomerr2 1.42.9-3ubuntu1.3
 libconfig-file-perl 1.50-2
 libdb5.3 5.3.28-3ubuntu3
 libdbus-1-3 1.6.18-0ubuntu4.3
 libdebconfclient0 0.187ubuntu1
 libdrm2 2.4.67-1ubuntu0.14.04.1
 libexpat1 2.1.0-4ubuntu1.3
 libgcc1 1:6.2.0-3ubuntu11~14.04 [origin: LP-PPA-ubuntu-toolchain-r-test]
 libgdbm3 1.8.3-12build1
 libgpm2 1.20.4-6.1
 libjson-c2 0.11-3ubuntu1.2
 libjson0 0.11-3ubuntu1.2
 libklibc 2.0.3-0ubuntu1.14.04.1
 libkmod2 15-0ubuntu6
 liblocale-gettext-perl 1.05-7build3
 liblog-message-simple-perl 0.10-1
 liblzma5 5.1.1alpha+20120614-2ubuntu2
 libmodule-pluggable-perl 5.1-1
 libmount1 2.20.1-5.1ubuntu20.7
 libncurses5 5.9+20140118-1ubuntu1
 libncursesw5 5.9+20140118-1ubuntu1
 libnih-dbus1 1.0.3-4ubuntu25
 libnih1 1.0.3-4ubuntu25
 libpam-modules 1.1.8-1ubuntu2.2
 libpam-modules-bin 1.1.8-1ubuntu2.2
 libpam-runtime 1.1.8-1ubuntu2.2
 libpam-systemd 204-5ubuntu20.19
 libpam0g 1.1.8-1ubuntu2.2
 libpcre3 1:8.31-2ubuntu2.3
 libplymouth2 0.8.8-0ubuntu17.1
 libpng12-0 1.2.50-1ubuntu2.14.04.2
 libpod-latex-perl 0.61-1
 libprocps3 1:3.3.9-1ubuntu2.2
 libreadline6 6.3-4ubuntu2
 libselinux1 2.2.2-1ubuntu0.1
 libsemanage-common 2.2-1
 libsemanage1 2.2-1
 libsepol1 2.2-1ubuntu0.1
 libslang2 2.2.4-15ubuntu1
 libss2 1.42.9-3ubuntu1.3
 libstdc++6 6.2.0-3ubuntu11~14.04 [origin: LP-PPA-ubuntu-toolchain-r-test]
 libsystemd-daemon0 204-5ubuntu20.19
 libsystemd-login0 204-5ubuntu20.19
 libterm-ui-perl 0.42-1
 libtext-charwidth-perl 0.04-7build3
 libtext-iconv-perl 1.7-5build2
 libtext-soundex-perl 3.4-1build1
 libtext-wrapi18n-perl 0.06-7
 libtinfo5 5.9+20140118-1ubuntu1
 libudev1 204-5ubuntu20.19
 libusb-0.1-4 2:0.1.12-23.3ubuntu1
 libustr-1.0-1 1.0.4-3ubuntu2
 libuuid1 2.20.1-5.1ubuntu20.7
 libxtables10 1.4.21-1ubuntu1
 lsb-base 4.1+Debian11ubuntu6.2
 makedev 2.3.1-93ubuntu1
 module-init-tools 15-0ubuntu6
 mount 2.20.1-5.1ubuntu20.7
 mountall 2.53
 multiarch-support 2.19-0ubuntu6.9
 netbase 5.2
 passwd 1:4.1.5.1-1ubuntu9.2
 perl 5.18.2-2ubuntu1.1
 perl-base 5.18.2-2ubuntu1.1
 perl-modules 5.18.2-2ubuntu1.1
 plymouth 0.8.8-0ubuntu17.1
 plymouth-theme-ubuntu-text 0.8.8-0ubuntu17.1
 procps 1:3.3.9-1ubuntu2.2
 psmisc 22.20-1ubuntu2
 readline-common 6.3-4ubuntu2
 sensible-utils 0.0.9
 systemd-services 204-5ubuntu20.19
 sysv-rc 2.88dsf-41ubuntu6.3
 sysvinit-utils 2.88dsf-41ubuntu6.3
 tar 1.27.1-1
 tzdata 2016f-0ubuntu0.14.04
 udev 204-5ubuntu20.19
 upstart 1.12.1-0ubuntu4.2
 util-linux 2.20.1-5.1ubuntu20.7
 uuid-runtime 2.20.1-5.1ubuntu20.7
 zlib1g 1:1.2.8.dfsg-1ubuntu1
DistroRelease: Ubuntu 14.04
InstallationDate: Installed on 2012-08-24 (1502 days ago)
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
Package: dpkg-sig 0.13.1+nmu1
PackageArchitecture: all
ProcEnviron:
 LANGUAGE=en_US
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 3.13.0-93.140-generic 3.13.11-ckt39
SourcePackage: dpkg-sig
Tags: third-party-packages trusty
Uname: Linux 3.13.0-93-generic x86_64
UpgradeStatus: Upgraded to trusty on 2014-12-30 (645 days ago)
_MarkForUpload: True

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in dpkg-sig (Ubuntu):
status: New → Confirmed
Revision history for this message
Stefano Sabatini (saste) wrote :

Confirm that the same is happening here on Ubuntu 16.04, version of dpkg-sig is 0.13.1+nmu2.

Also the root cause seems to be the following code which passes the --passphrase-fd option to gpg in the code:

  if ($pass_file) {
                push (@cmdline, "--no-tty", "--batch", "--passphrase-fd", "42", "42<$pass_file");
                print "Using passphrase from $pass_file\n" if $verbose;
        } elsif ($passphrase) {

line 1612, in the sign_file() sub.

Workaround: use -g '--passphrase-file FILE' to bypass dpkg-sig erroneous handling and send the passphrase file directly to gpg.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.