| 1 |
On Mon, 1 Aug 2022 15:49:18 +0000 (UTC) Andrey Grozin wrote: |
| 2 |
> Hello *, |
| 3 |
> |
| 4 |
> Sorry for a very naive question. |
| 5 |
> |
| 6 |
> In the past, I used |
| 7 |
> repoman commit |
| 8 |
> to commit a new ebuild. I got a text screen in my terminal where I typed my |
| 9 |
> passphraise (if I then committed something else within the timeout, I didn't |
| 10 |
> have to re-type it). |
| 11 |
> |
| 12 |
> Now we are recommended to use |
| 13 |
> pkgdev commit |
| 14 |
> instead. But it does not ask for my passphraise, just writes an error message |
| 15 |
> that it cannot sign my commit. |
| 16 |
> |
| 17 |
> If I commit something with repoman and then (within the timeout) commit |
| 18 |
> something else with pkgdev, it works. |
| 19 |
> |
| 20 |
> My .gnupg/gpg-agent.conf is |
| 21 |
> |
| 22 |
> pinentry-program /usr/bin/pinentry-curses |
| 23 |
> write-env-file |
| 24 |
> default-cache-ttl 1000000 |
| 25 |
> |
| 26 |
> My .gnupg/gpg.conf includes the line |
| 27 |
> |
| 28 |
> use-agent |
| 29 |
> |
| 30 |
> I can, of course, continue to use repoman for committing. But now it does not |
| 31 |
> add the Signed-off-by: automatically. I have to add it by hand, in nano. This is |
| 32 |
> definitely the most convenient way. |
| 33 |
|
| 34 |
I have the same problem with pkgdev. It fails to run at |
| 35 |
least CLI/TUI pinentry when password is needed. To workaround |
| 36 |
I sign some dummy file with `gpg -s file`, then within cache period |
| 37 |
I can use it for commits using pkgdev. |
| 38 |
|
| 39 |
Cache timeout can be set in gpg-agent.conf, e.g. in seconds: |
| 40 |
default-cache-ttl 7200 |
| 41 |
|
| 42 |
Furthermore I can't use `pkgdev push` to push my commits, because |
| 43 |
it fails to sign the push and the server rejects my push. I have no |
| 44 |
idea why, because `git push --signed' works perfectly fine. |
| 45 |
Regarding pushing to git (I mean git push process, not various |
| 46 |
checks), pkgdev should do the same as `git push --signed`, but it |
| 47 |
apparently does not. |
| 48 |
|
| 49 |
And last but not the least pkgdev have some problem I could not |
| 50 |
precisely identify that makes gpg socket forwarding unusable, so I |
| 51 |
can't forward nitrokey from another host. Plain gpg usually works. |
| 52 |
|
| 53 |
Best regards, |
| 54 |
Andrew Savchenko |
Archives