--passphrase-file option is broken with gpg version >= 2.1

Bug #1933267 reported by Joshua Boudreau
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
dpkg-sig (Ubuntu)
New
Undecided
Unassigned

Bug Description

After gpg v2.1, the --pinentry-mode=loopback flag is required to use the --passphrase, --passphrase-fd, and --passphrase-file flags with gpg. `--pinentry-mode=loopback` will need to be added to the command line arguments for gpg during signing for the case where a passphrase file is passed. Without this extra flag, gpg tries to prompt for pin entry. Also instead of opening the passphrase file as file descriptor 42 in the perl script, just pass the file path to the --passphrase-file gpg option.

lsb_release -rd:
Description: Ubuntu 20.04.2 LTS
Release: 20.04

apt-cache policy dpkg-sig:
dpkg-sig:
 Installed: 0.13.1+nmu4
 Candidate: 0.13.1+nmu4
 Version table:
 *** 0.13.1+nmu4 500
       500 http://ca.archive.ubuntu.com/ubuntu focal/universe amd64 Packages
       100 /var/lib/dpkg/status

What I expected:
dpkg-sig to use the provided passphrase file to sign the package

What happened instead:
$ dpkg-sig -v -k GPG_KEY --passphrase-file passphrase.txt --sign builder PACKAGE.deb

Processing PACKAGE.deb...
Default key: GPG_KEY
Using passphrase from passphrase.txt
Signing /tmp/debsigs-ng.G5mxne/digests with key GPG_KEY
gpg: Fatal: passphrase-fd is invalid: Bad file descriptor
E: Signing failed. Error code: 512

Tags: patch
Revision history for this message
Joshua Boudreau (joshuaboud) wrote :
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "patch for perl script to fix --passphrase-file option" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.