sbuild 0.70.0-1 no longer installs gnupg into chroots on each build. That means that if you have an sbuild apt keypair generated, the build will fail unless you enter the source chroot and install gnupg.
It turns out that the apt keypair is only needed if you're trying to build for squeeze or older. Otherwise, you can just use sbuild without such a keypair. So we have two options to fix Sbuild.hs:
Install gnupg into chroots.
This is easy for newly created chroots.
The code to update existing chroots will be unpleasant, because we don't want to run propellor inside the sbuild chroot so that it remains standardised (that's why we create it with sbuild-createchroot).
Drop support for building for squeeze and newer, replacing the
keypairGenerated
andkeypairInsecurelyGenerated
properties with a property that ensures that the keypair directory does not exist.Squeeze is very old.
This will simplify and speed up chroot creation and builds.
I'd like feedback on these two options before preparing a patch for one of them.
--spwhitton
I think it would be fine to drop wheezy support.
After all, propellor doesn't support installing on wheezy systems generally since over a year ago. (Though these kinds of chroots used for building stuff might have good reasons to want such an old version.)
But it's really up to you.
Please consider merging my
sbuild-0.71.0
branch.The only functional change is that
Sbuild.keygen{Insecurely,}Generated
are now optional.The rest of the changes are documentation. They explain precisely when you need
Sbuild.keygenGenerated
, how to deal with the gpg->gpg2 issues that have arisen recently (not this module's fault) and make clearer some situations the module was never able to deal with (e.g. building for squeeze).