Problem Solved (was Re: [darcs-users] Re: darcs and GnuPG)

Nimrod A. Abing nimrod.abing at gmail.com
Sat Dec 11 03:09:34 UTC 2004


On Fri, 10 Dec 2004 09:01:50 -0500, David Roundy
<droundy at abridgegame.org> wrote:
> On Fri, Dec 10, 2004 at 11:25:05AM +0800, Nimrod A. Abing wrote:
> > Someone please clarify on whether or not this is a known issue, my gpg
> > key is open without a passphrase and the private key is stored on a
> > machine shared with other co-workers. If this is a known issue and no
> > workarounds are present, then I would have to create a separate key
> > for signing patches.
> 
> It's not a known issue.  I've certainly never seen this problem myself.
> 
> It seems that gpg is returning an error value, which is weird.  If you can
> add to your darcs the following change:
> 
> {
> hunk ./External.hs 400
>          rval <- exec c args tn on
>          if rval == ExitSuccess
>             then readDocBinFile on
> -           else fail $ "Error running external program '"++c++"'"
> +           else fail $ "Error running external program '"++c++"' "++show rval
> 
>  -- The following is needed for diff, which returns non-zero whenever
>  -- the files differ.
> }

I did this for darcs-1.0.1pre1, here are the results of the test run:
[--
nimrod at midway:~/trees/tests/sample2> darcs send --sign
Creating patch to ../sample...
Sending by email to Sample <nimrod at sti-capiz.dyndns.info>

Sat Dec 11 10:47:12 PHT 2004  nimrod.abing at gmail.com
  * test5
Shall I send this patch? (1/1) [ynWvxqadjk], or ? for help: a

You need a passphrase to unlock the secret key for
user: "Nimrod A. Abing (Office) <nimrod at sti-capiz.dyndns.info>"
1024-bit DSA key, ID F1FC17FA, created 2004-12-08


darcs failed:  Error running external program 'gpg'
Exit code: ExitFailure 2
--]

Invoking gpg manually gives me:
[--
nimrod at midway:~/trees/tests/sample2> cat patch|gpg --clearsign --verbose

You need a passphrase to unlock the secret key for
user: "Nimrod A. Abing (Office) <nimrod at sti-capiz.dyndns.info>"
1024-bit DSA key, ID F1FC17FA, created 2004-12-08

gpg: gpg-agent is not available in this session
gpg: writing to stdout
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


New patches:

[test5
nimrod.abing at gmail.com**20041211024712] {
addfile ./test4
}



Context:

[test3
nimrod.abing at gmail.com**20041210031430]
[test3
nimrod.abing at gmail.com**20041210025824]
[test2
nimrod.abing at gmail.com**20041209052212]
[test
nimrod.abing at gmail.com**20041209032208]

Patch bundle hash:
c255c82df9cd3523fc4e826c15ba58adfd204a01
gpg: DSA signature from: "F1FC17FA Nimrod A. Abing (Office)
<nimrod at sti-capiz.dyndns.info>"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBumEIi4/Cj/H8F/oRAuUSAKCAInsk8g5ni4z2Rfg6qpUCUCLoHwCcC1lW
oBRI0IWjiBVKe8MgmwZtwMQ=
=relp
-----END PGP SIGNATURE-----
nimrod at midway:~/trees/tests/sample2> echo $?
2
--]

I looked into it further and noticed the line:
[--
gpg: gpg-agent is not available in this session
--]

I invoked gpg manually again:
[--
nimrod at midway:~/trees/tests/sample2> cat patch|gpg --clearsign --verbose

You need a passphrase to unlock the secret key for
user: "Nimrod A. Abing (Office) <nimrod at sti-capiz.dyndns.info>"
1024-bit DSA key, ID F1FC17FA, created 2004-12-08

gpg: writing to stdout
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


New patches:

[test5
nimrod.abing at gmail.com**20041211024712] {
addfile ./test4
}



Context:

[test3
nimrod.abing at gmail.com**20041210031430]
[test3
nimrod.abing at gmail.com**20041210025824]
[test2
nimrod.abing at gmail.com**20041209052212]
[test
nimrod.abing at gmail.com**20041209032208]

Patch bundle hash:
c255c82df9cd3523fc4e826c15ba58adfd204a01
gpg: DSA signature from: "F1FC17FA Nimrod A. Abing (Office)
<nimrod at sti-capiz.dyndns.info>"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBumILi4/Cj/H8F/oRAsMuAJ9D4wJguRNK4da7ZZGPnQzlzGoIJwCfTQwc
IDOwjusCTBovkShjPBPIILI=
=ZHp3
-----END PGP SIGNATURE-----
nimrod at midway:~/trees/tests/sample2> darcs send --sign
Creating patch to ../sample...
Sending by email to Sample <nimrod at sti-capiz.dyndns.info>

Sat Dec 11 10:47:12 PHT 2004  nimrod.abing at gmail.com
  * test5
Shall I send this patch? (1/1) [ynWvxqadjk], or ? for help: x
A ./test4

Sat Dec 11 10:47:12 PHT 2004  nimrod.abing at gmail.com
  * test5
Shall I send this patch? (1/1) [ynWvxqadjk], or ? for help: a

You need a passphrase to unlock the secret key for
user: "Nimrod A. Abing (Office) <nimrod at sti-capiz.dyndns.info>"
1024-bit DSA key, ID F1FC17FA, created 2004-12-08

Successfully sent patch bundle to Sample <nimrod at sti-capiz.dyndns.info>.
nimrod at midway:~/trees/tests/sample2> cat patch|gpg --clearsign
--verbose --no-use-agent

You need a passphrase to unlock the secret key for
user: "Nimrod A. Abing (Office) <nimrod at sti-capiz.dyndns.info>"
1024-bit DSA key, ID F1FC17FA, created 2004-12-08

gpg: writing to stdout
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


New patches:

[test5
nimrod.abing at gmail.com**20041211024712] {
addfile ./test4
}



Context:

[test3
nimrod.abing at gmail.com**20041210031430]
[test3
nimrod.abing at gmail.com**20041210025824]
[test2
nimrod.abing at gmail.com**20041209052212]
[test
nimrod.abing at gmail.com**20041209032208]

Patch bundle hash:
c255c82df9cd3523fc4e826c15ba58adfd204a01
gpg: DSA signature from: "F1FC17FA Nimrod A. Abing (Office)
<nimrod at sti-capiz.dyndns.info>"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBumJzi4/Cj/H8F/oRAs1zAJ9zJSuJ/QXXAy+quCkeAPpmgKBh2wCaAyfk
EuycZLkEqV9i6ET6zhPxqWg=
=nxfz
-----END PGP SIGNATURE-----
nimrod at midway:~/trees/tests/sample2> echo $?
0
--]

Yay!!! :)

I edit ~/.gnupg/gpg.conf and change the line use-agent to no-use-agent
just in case SuSE version of gpg has it hard coded to use-agent by
default.

Perhaps this should be mentioned in the darcs documentation?
Particularly in the part where you setup GnuPG?

I'm keeping the patch for displaying the error code btw. Just in case
my setup causes any more problems.
-- 
_nimrod_a_abing_




More information about the darcs-users mailing list