From d1edab680fedfa3fcd75b361efff341f3f799819 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Fri, 15 Jun 2018 21:05:08 -0300 Subject: Updates source checking instructions (2) --- .devscripts | 3 ++- Makefile | 2 +- checking.md | 12 ++++-------- 3 files changed, 7 insertions(+), 10 deletions(-) diff --git a/.devscripts b/.devscripts index d095dac..a5b0c86 100644 --- a/.devscripts +++ b/.devscripts @@ -1 +1,2 @@ -DSCVERIFY_KEYRINGS="/usr/share/keyrings/debian-keyring.gpg:/usr/share/keyrings/debian-maintainers.gpg:~/keyrings/debian-keyring.gpg:~/keyrings/debian-maintainers.gpg" +#DSCVERIFY_KEYRINGS="/usr/share/keyrings/debian-keyring.gpg:/usr/share/keyrings/debian-maintainers.gpg:~/keyrings/debian-keyring.gpg:~/keyrings/debian-maintainers.gpg" +DSCVERIFY_KEYRINGS="/usr/share/keyrings/debian-keyring.gpg:/usr/share/keyrings/debian-maintainers.gpg:~/.gnupg/trustedkeys.kbx" diff --git a/Makefile b/Makefile index 458ab42..47893ec 100644 --- a/Makefile +++ b/Makefile @@ -28,7 +28,7 @@ keyring: @rsync -az --progress keyring.debian.org::keyrings/ keyring/ @gpg --verify keyring/sha512sums.txt @cd keyring > /dev/null && sha512sum -c sha512sums.txt - @cd keyring > /dev/null && chmod 700 keyrings && ln -sf keyrings .gnupg #&& cd .gnupg && ln -sf debian-keyring.gpg trustedkeys.gpg + @cd keyring > /dev/null && mkdir .gnupg && chmod 700 .gnupg @cp .devscripts keyring/ @gpg --no-default-keyring --keyring keyring/keyrings/debian-keyring.gpg --export | HOME=keyring/ gpg --import @gpg --no-default-keyring --keyring keyring/keyrings/debian-maintainers.gpg --export | HOME=keyring/ gpg --import diff --git a/checking.md b/checking.md index c30a27d..8fb3cd1 100644 --- a/checking.md +++ b/checking.md @@ -61,7 +61,8 @@ Things get even trickier when you try to use `dpkg-source`. See [Debian Bug repo type of key resource 'trustedkeys.kbx'](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852019) for details. -Even if you symlink `keyring/keyrings/debian-keyring.gpg` as `keyring/keyrings/trustedkeys.gpg` +Even if you merge both `keyring/keyrings/debian-keyring.gpg` `keyring/keyrings/debian-maintainers.gpg` +into some file like `keyring/keyrings/pubring.kbx`, symlink it as `keyring/keyrings/trustedkeys.gpg` and point `GNUPGHOME` to this folder you'll still get a weird behavior: 0 $ dget http://ftp.de.debian.org/debian/pool/main/r/ruby-childprocess/ruby-childprocess_0.5.2-1.dsc @@ -102,14 +103,9 @@ and `dpkg-source` with HOME=/path/to/debian/keyring/ dpkg-source -x $package*dsc HOME=/path/to/debian/keyring/ dget -For this trick to work, you'll need to run `make keyring` or manually run this: +For this trick to work, you'll need to run - ( cd /path/to/debian/keyring/ && chmod 700 keyrings && ln -sf keyrings .gnupg && cd .gnupg && ln -sf debian-keyring.gpg trustedkeys.gpg ) - -If you're doing manually, make sure to add into `/path/to/debian/keyring/.devscripts` the following content: - - DSCVERIFY_KEYRINGS="/usr/share/keyrings/debian-keyring.gpg:/usr/share/keyrings/debian-maintainers.gpg: - ~/keyrings/debian-keyring.gpg:~/keyrings/debian-maintainers.gpg" + make keyring Again, you might set two handy aliases for your shell: -- cgit v1.2.3