mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Removed bundled gpg from the Linux standalone build and OSX dmg

Browse source 
Because gpg now always wants to use gpg-agent, and shipping such a daemon
in those is not a good idea.
This commit is contained in:
Joey Hess 2019-03-18 16:31:07 -04:00
parent c96e623343
commit 258e8f8f29
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
4 changed files with 35 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Build/BundledPrograms.hs
View file

@ -24,14 +24,6 @@ bundledPrograms = preferredBundledPrograms ++ extraBundledPrograms
-} -}
extraBundledPrograms :: [FilePath] extraBundledPrograms :: [FilePath]
extraBundledPrograms = catMaybes extraBundledPrograms = catMaybes
-- The system gpg is probably better, because it may better
-- integrate with the system gpg-agent, etc.
-- On Windows, gpg is bundled with git for windows.
#ifndef mingw32_HOST_OS
[ BuildInfo.gpg
#else
[
#endif
#ifndef darwin_HOST_OS #ifndef darwin_HOST_OS
#ifndef mingw32_HOST_OS #ifndef mingw32_HOST_OS
-- OS X has ssh installed by default. -- OS X has ssh installed by default.

3
CHANGELOG
View file

@ -31,6 +31,9 @@ git-annex (7.20190220) UNRELEASED; urgency=medium
re-run git-annex init.) re-run git-annex init.)
* fsck: Detect situations where annex.thin has caused data loss * fsck: Detect situations where annex.thin has caused data loss
to the content of locked files. to the content of locked files.
* Removed bundled gpg from the Linux standalone build and OSX dmg,
because gpg now always wants to use gpg-agent, and shipping such a daemon
in those is not a good idea.
-- Joey Hess <id@joeyh.name> Wed, 20 Feb 2019 14:20:59 -0400 -- Joey Hess <id@joeyh.name> Wed, 20 Feb 2019 14:20:59 -0400

1
doc/bugs/git-annex_standalone_provides_gpg_but_not_gpg-agent.mdwn
View file

@ -2,3 +2,4 @@ In the sandbox environment used by git-annex standalone, the gpg binary exists,
If I want to use my own gpg version (compatible with my own gpg-agent), is it safe to just delete all files named 'gpg' from the git-annex.linux directory? If I want to use my own gpg version (compatible with my own gpg-agent), is it safe to just delete all files named 'gpg' from the git-annex.linux directory?
> [[fixed|done]] --[[Joey]]

31
doc/bugs/git-annex_standalone_provides_gpg_but_not_gpg-agent/comment_3_2c93bb456d7884a5cadd57b240ee42f7._comment Normal file
View file

@ -0,0 +1,31 @@
[[!comment format=mdwn
username="joey"
subject="""comment 3"""
date="2019-03-18T20:03:29Z"
content="""
If I move gpg-agent out of path and presumably reproduce the problem,
I get this output from the test suite:
crypto: gpg: failed to start agent '/usr/bin/gpg-agent': No such file or directory
gpg: can't connect to the agent: No such file or directory
gpg: error getting the KEK: No agent running
FAIL
Exception: user error (gpg ["--batch","--no-tty","--use-agent","--quiet","--trust-model","always","--import","-q"] exited 2)
Which is the kind of information I was asking for.
[[!commit aee9adbadc2f17c5b5394fc2fde6c57c26917024]] has some relevant info.
I tried making git-annex not pass --use-agent, but it still tries
to use the agent:
crypto: gpg: failed to start agent '/usr/bin/gpg-agent': No such file or directory
gpg: can't connect to the agent: No such file or directory
gpg: error getting the KEK: No agent running
FAIL
Exception: user error (gpg ["--quiet","--trust-model","always","--import","-q"] exited 2)
preferred content: wanted . ok
I guess the easist thing would be to drop gpg fraom the standalone bundle.
Including gpg-agent in there seems like a bad idea; it's a daemon that
other gpg versions than the bundled one might try to talk to.
"""]]