2023-03-28 13:06:54 |
Dominik Viererbe |
bug |
|
|
added bug |
2023-03-28 13:30:18 |
Dominik Viererbe |
simplestreams (Ubuntu): assignee |
|
Dominik Viererbe (dviererbe) |
|
2023-03-28 13:30:22 |
Dominik Viererbe |
simplestreams (Ubuntu): status |
New |
In Progress |
|
2023-03-28 13:40:14 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~dviererbe/simplestreams/+git/simplestreams/+merge/439831 |
|
2023-03-28 13:41:21 |
Dominik Viererbe |
simplestreams (Ubuntu): status |
In Progress |
Fix Committed |
|
2023-05-23 08:35:26 |
Christian Ehrhardt |
simplestreams (Ubuntu): status |
Fix Committed |
Fix Released |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Jammy |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
bug task added |
|
simplestreams (Ubuntu Jammy) |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Bionic |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
bug task added |
|
simplestreams (Ubuntu Bionic) |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Kinetic |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
bug task added |
|
simplestreams (Ubuntu Kinetic) |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Focal |
|
2023-05-23 08:51:13 |
Christian Ehrhardt |
bug task added |
|
simplestreams (Ubuntu Focal) |
|
2023-05-23 08:51:26 |
Christian Ehrhardt |
simplestreams (Ubuntu Kinetic): status |
New |
Won't Fix |
|
2023-05-23 08:51:29 |
Christian Ehrhardt |
simplestreams (Ubuntu Jammy): status |
New |
Triaged |
|
2023-05-23 08:51:31 |
Christian Ehrhardt |
simplestreams (Ubuntu Focal): status |
New |
Triaged |
|
2023-05-23 08:51:33 |
Christian Ehrhardt |
simplestreams (Ubuntu Bionic): status |
New |
Triaged |
|
2023-05-23 08:51:56 |
Christian Ehrhardt |
simplestreams (Ubuntu Bionic): assignee |
|
Michał Małoszewski (michal-maloszewski99) |
|
2023-05-23 08:52:02 |
Christian Ehrhardt |
simplestreams (Ubuntu Focal): assignee |
|
Michał Małoszewski (michal-maloszewski99) |
|
2023-05-23 08:52:07 |
Christian Ehrhardt |
simplestreams (Ubuntu Jammy): assignee |
|
Michał Małoszewski (michal-maloszewski99) |
|
2023-05-24 07:53:56 |
Michał Małoszewski |
simplestreams (Ubuntu Bionic): status |
Triaged |
In Progress |
|
2023-05-24 07:54:51 |
Michał Małoszewski |
merge proposal linked |
|
https://code.launchpad.net/~michal-maloszewski99/ubuntu/+source/simplestreams/+git/simplestreams/+merge/443468 |
|
2023-05-24 08:02:03 |
Michał Małoszewski |
simplestreams (Ubuntu Focal): status |
Triaged |
In Progress |
|
2023-05-24 08:18:26 |
Michał Małoszewski |
merge proposal linked |
|
https://code.launchpad.net/~michal-maloszewski99/ubuntu/+source/simplestreams/+git/simplestreams/+merge/443471 |
|
2023-05-24 08:18:39 |
Michał Małoszewski |
simplestreams (Ubuntu Jammy): status |
Triaged |
In Progress |
|
2023-05-24 08:35:32 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~michal-maloszewski99/ubuntu/+source/simplestreams/+git/simplestreams/+merge/443475 |
|
2023-05-24 09:18:22 |
Michał Małoszewski |
description |
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys.
The fix is to generate a new key to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
[...]
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
|
2023-05-24 11:36:40 |
Michał Małoszewski |
description |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys.
The fix is to generate a new key to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
[...]
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
[...]
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
|
2023-05-24 14:41:31 |
Michał Małoszewski |
tags |
|
server-todo |
|
2023-05-25 15:14:32 |
Michał Małoszewski |
description |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
[...]
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
|
2023-05-25 15:19:48 |
Michał Małoszewski |
description |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys in tests.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
|
2023-05-25 15:24:45 |
Michał Małoszewski |
description |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg keys in tests.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg test keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
|
2023-05-25 15:27:11 |
Michał Małoszewski |
description |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired gpg test keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired test gpg keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
|
2023-05-31 13:31:07 |
Michał Małoszewski |
description |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired test gpg keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. git checkout ubuntu/<release-name>-devel
3. sbuild -d <release-name>
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
[Impact]
Simplestreams package fails to build on Bionic, Focal and Jammy.
That issue is caused by the expired test gpg keys.
The fix is to generate a new keys to avoid this problem.
[Test Plan]
Type in:
1. git ubuntu clone simplestreams
2. pull-lp-source -d simplestreams <release-name>
3. cd simplestreams
4. git checkout ubuntu/<release-name>-devel
5. dpkg-buildpackage -S -I -i -nc -d -uc -us
6. cd ..
7. sbuild -d <release-name>-amd64 simplestreams_<version>.dsc
*where <release-name> equals bionic, focal and jammy
Example of failed output:
make[1]: Entering directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
./tools/create-gpgdir
creating GNUPGHOME dir in /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/gnupg.
pubkey '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub'
secret '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec'
pubkeys: /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
imported secret key /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.sec
imported pubkey /build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/keys/example.pub
./tools/tenv ./tools/sign-examples
Traceback (most recent call last):
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 53, in <module>
main()
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/js2signed", line 41, in main
signjson_file(path, force=force)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/tools/sign_helper.py", line 25, in signjson_file
util.sign_file(fname, inline=False)
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 546, in sign_file
return subp(get_sign_cmd(path=fname, output=outfile, inline=inline))[0]
File "/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/simplestreams/util.py", line 458, in subp
raise subprocess.CalledProcessError(rc, args, output=(out, err))
subprocess.CalledProcessError: Command '['gpg', '--batch', '--output', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json.gpg', '--armor', '--detach-sign', '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460/examples/cirros/streams/v1/index.json']' returned non-zero exit status 2
Makefile:39: recipe for target 'examples-sign' failed
make[1]: *** [examples-sign] Error 1
make[1]: Leaving directory '/build/simplestreams-83uOzI/simplestreams-0.1.0~bzr460'
dh_auto_test: make -j1 test returned exit code 2
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Example of successful output:
The package builds without any issues.
[Where problems could occur]
The regression possibilities here are really low.
It is unlikely but possible that users could hardcode valid gpg keys into a file. In that case if the same user wants to install simplestreams, there is a high risk that a warning message will appear and there is a necessity to unify the keys by removing it and installing the package again.
---------------------original bug description-----------------------------
Running the autopkgtest fails to build the package. During the build process the example gpg key (examples/keys/example.pub and examples/keys/example.sec) gets imported. When the example key is used to test the package during build time; the build fails, because gpg fails to sign something with the expired gpg key.
How to verify:
1. Checkout the source tree
2. import examples/keys/example.pub with gpg --import examples/keys/example.pub
3. see details about key: gpg --list-keys 198E8D3C27227898CB4D413CA9714A203967536E
Should display something like this:
pub rsa1024 2013-02-26 [SCEA] [expired: 2023-02-24]
198E8D3C27227898CB4D413CA9714A203967536E
uid [ expired] Simple Streams Test User (Test Usage Only. Do Not Import.) <simplestreams@bogus.example.com>
4. Note that the key expired at 24.02.2023
5. (optional) remove key: gpg --delete-keys 198E8D3C27227898CB4D413CA9714A203967536E
How to fix this:
Generate a new key upstream or do the key generation dynamically to avoid this problem entirely. |
|
2023-06-01 16:05:28 |
Ubuntu Archive Robot |
bug |
|
|
added subscriber Lucas Kanashiro |
2023-06-02 19:26:07 |
Steve Langasek |
tags |
server-todo |
block-proposed-jammy server-todo |
|
2023-06-02 19:26:15 |
Steve Langasek |
simplestreams (Ubuntu Jammy): status |
In Progress |
Fix Committed |
|
2023-06-02 19:26:16 |
Steve Langasek |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2023-06-02 19:26:18 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2023-06-02 19:26:21 |
Steve Langasek |
tags |
block-proposed-jammy server-todo |
block-proposed-jammy server-todo verification-needed verification-needed-jammy |
|
2023-06-02 19:27:39 |
Steve Langasek |
simplestreams (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
2023-06-02 19:27:44 |
Steve Langasek |
tags |
block-proposed-jammy server-todo verification-needed verification-needed-jammy |
block-proposed-jammy server-todo verification-needed verification-needed-focal verification-needed-jammy |
|
2023-06-02 19:27:52 |
Steve Langasek |
tags |
block-proposed-jammy server-todo verification-needed verification-needed-focal verification-needed-jammy |
block-proposed-focal block-proposed-jammy server-todo verification-needed verification-needed-jammy |
|
2023-06-12 14:53:56 |
Michał Małoszewski |
tags |
block-proposed-focal block-proposed-jammy server-todo verification-needed verification-needed-jammy |
block-proposed-focal block-proposed-jammy server-todo verification-done verification-done-jammy |
|
2023-06-13 08:47:40 |
Christian Ehrhardt |
tags |
block-proposed-focal block-proposed-jammy server-todo verification-done verification-done-jammy |
block-proposed-focal block-proposed-jammy server-todo verification-done verification-done-focal verification-done-jammy |
|
2023-06-13 08:48:23 |
Christian Ehrhardt |
simplestreams (Ubuntu Bionic): status |
In Progress |
Won't Fix |
|
2023-06-13 08:58:51 |
Michał Małoszewski |
simplestreams (Ubuntu Bionic): assignee |
Michał Małoszewski (michal-maloszewski99) |
|
|
2023-06-13 08:58:53 |
Michał Małoszewski |
simplestreams (Ubuntu Focal): assignee |
Michał Małoszewski (michal-maloszewski99) |
|
|
2023-06-13 08:58:55 |
Michał Małoszewski |
simplestreams (Ubuntu Jammy): assignee |
Michał Małoszewski (michal-maloszewski99) |
|
|
2023-06-13 08:59:13 |
Michał Małoszewski |
tags |
block-proposed-focal block-proposed-jammy server-todo verification-done verification-done-focal verification-done-jammy |
block-proposed-focal block-proposed-jammy verification-done verification-done-jammy |
|
2023-06-13 08:59:41 |
Michał Małoszewski |
tags |
block-proposed-focal block-proposed-jammy verification-done verification-done-jammy |
block-proposed-focal block-proposed-jammy verification-done verification-done-focal verification-done-jammy |
|
2024-04-11 15:43:03 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~aciba/simplestreams/+git/simplestreams/+merge/464124 |
|
2024-04-12 07:33:50 |
Launchpad Janitor |
merge proposal unlinked |
https://code.launchpad.net/~aciba/simplestreams/+git/simplestreams/+merge/464124 |
|
|