summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess2017-07-30 11:30:05 -0400
committerJoey Hess2017-07-30 11:30:05 -0400
commit15f292d177ee96f5a1d384ce50f5246e3f7ea630 (patch)
tree033838d01471f633534c38e5d967264ae2dda634
parent497e6b4a227dc977d6bb9fe5fe73aeeca9624244 (diff)
parent6f281e87084587987929dbb6a27671ad96858535 (diff)
Merge branch 'master' into joeyconfig
-rw-r--r--debian/changelog18
-rw-r--r--doc/forum/propellor_failed_to_sign_the_commit.mdwn30
-rw-r--r--doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment30
-rw-r--r--doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment9
-rw-r--r--doc/news/version_4.6.0.mdwn8
-rw-r--r--doc/news/version_4.6.1.mdwn7
-rw-r--r--doc/news/version_4.7.2.mdwn7
-rw-r--r--doc/news/version_4.7.3.mdwn3
-rw-r--r--propellor.cabal2
-rw-r--r--src/Propellor/CmdLine.hs1
-rw-r--r--src/Propellor/Gpg.hs21
-rw-r--r--src/Propellor/Message.hs4
-rw-r--r--src/Propellor/Property/Rsync.hs2
13 files changed, 121 insertions, 21 deletions
diff --git a/debian/changelog b/debian/changelog
index 7645b371..e314a88c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,18 @@
-propellor (4.7.2) UNRELEASED; urgency=medium
+propellor (4.7.4) UNRELEASED; urgency=medium
+
+ * Set GPG_TTY when run at a terminal, so that gpg can do password
+ prompting despite being connected by pipes to propellor (or git).
+ * Rsync: Make rsync display less verbose.
+
+ -- Joey Hess <id@joeyh.name> Sat, 29 Jul 2017 20:02:32 -0400
+
+propellor (4.7.3) unstable; urgency=medium
+
+ * Expand the Trace data type.
+
+ -- Joey Hess <id@joeyh.name> Sat, 29 Jul 2017 17:26:32 -0400
+
+propellor (4.7.2) unstable; urgency=medium
* Added PROPELLOR_TRACE environment variable, which can be set to 1 to
make propellor output serialized Propellor.Message.Trace values,
@@ -6,7 +20,7 @@ propellor (4.7.2) UNRELEASED; urgency=medium
* Rsync: Make rsync display its progress, in a minimal format to avoid
scrolling each file down the screen.
- -- Joey Hess <id@joeyh.name> Sat, 29 Jul 2017 14:05:30 -0400
+ -- Joey Hess <id@joeyh.name> Sat, 29 Jul 2017 15:49:00 -0400
propellor (4.7.1) unstable; urgency=medium
diff --git a/doc/forum/propellor_failed_to_sign_the_commit.mdwn b/doc/forum/propellor_failed_to_sign_the_commit.mdwn
new file mode 100644
index 00000000..83a4fd44
--- /dev/null
+++ b/doc/forum/propellor_failed_to_sign_the_commit.mdwn
@@ -0,0 +1,30 @@
+Hello since sometime on my computer gpgv1 -> gpgv2 transition on Debian
+
+I get this error message. (I need to say that I am using a NitroKey Pro for my gpg keys)
+
+ Propellor build ... done
+ error: gpg n'a pas pu signer les données
+ fatal: échec de l'écriture de l'objet commit
+ Git commit ... failed
+
+reading this bug report
+
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568375
+
+Ifound that I need to define
+
+
+ https://www.gnupg.org/documentation/manuals/gnupg/Common-Problems.html
+
+ The gpg-agent man page nowadays includes the following hint:
+
+ It is important to set the GPG_TTY environment variable in your login
+ shell, for example in the ‘~/.bashrc’ init script:
+
+ export GPG_TTY=$(tty)
+
+don't you think that propellor should define GPG_TTY in order to avoid this problem ?
+
+thanks
+
+Frederic
diff --git a/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment b/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment
new file mode 100644
index 00000000..2d2315c0
--- /dev/null
+++ b/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment
@@ -0,0 +1,30 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-07-30T14:51:13Z"
+ content="""
+I guess the problem involves running propellor at a unix tty, not in a
+GUI's virtual terminal?
+
+My limited understanding of `GPG_TTY`, refreshed by re-reading this ooold
+thread <https://bugs.debian.org/316388> is that gpg is normally able to
+detect if it's in a GUI or at a tty, and will prompt in the tty if
+necessary. Where that may fall down is when gpg is run with its stdio
+connected to pipes, since then probably isatty fails. Although in at least
+some cases, gpg apparently then
+[falls back to /dev/tty](https://dev.gnupg.org/T1434).
+
+Propellor runs gpg with stdin and stdout piped to it when eg, decrypting
+the privdata file. I tried `propellor --list-fields` at the linux console
+and it fails there.
+
+But, when I tried `propellor --spin host` at the linux console, that worked
+ok, including making the gpg signed git commit. Of course git is running
+gpg in this case, and perhaps my version of git has its own way to avoid
+this problem.
+
+This does seems like something propellor could work around fairly
+inexpensively.
+
+(See also [[propellor_and_gpg2]].)
+"""]]
diff --git a/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment b/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment
new file mode 100644
index 00000000..41120706
--- /dev/null
+++ b/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-07-30T15:15:45Z"
+ content="""
+It seems that setting `GPG_TTY` does not force gpg to prompt at a tty
+when in a GUI. At least in X with gpg 2.1, I still get a GUI prompt from
+gpg. Good.
+"""]]
diff --git a/doc/news/version_4.6.0.mdwn b/doc/news/version_4.6.0.mdwn
deleted file mode 100644
index 673051ea..00000000
--- a/doc/news/version_4.6.0.mdwn
+++ /dev/null
@@ -1,8 +0,0 @@
-propellor 4.6.0 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * Add Typeable instance to Bootstrapper, fixing build with old versions
- of ghc.
- * Network.static changed to take address and gateway parameters.
- If you used the old Network.static property, it has been renamed to
- Network.preserveStatic.
- (Minor API change)"""]] \ No newline at end of file
diff --git a/doc/news/version_4.6.1.mdwn b/doc/news/version_4.6.1.mdwn
deleted file mode 100644
index eb7bd940..00000000
--- a/doc/news/version_4.6.1.mdwn
+++ /dev/null
@@ -1,7 +0,0 @@
-propellor 4.6.1 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * Added Network.dhcp' and Network.static', which allow specifying
- additional options for interfaces files.
- * Fix build failure on ghc-8.2.1
- Thanks, Sergei Trofimovich.
- * DiskImage: Fix strictness bug in .parttable read/write sequence."""]] \ No newline at end of file
diff --git a/doc/news/version_4.7.2.mdwn b/doc/news/version_4.7.2.mdwn
new file mode 100644
index 00000000..a81220b7
--- /dev/null
+++ b/doc/news/version_4.7.2.mdwn
@@ -0,0 +1,7 @@
+propellor 4.7.2 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Added PROPELLOR\_TRACE environment variable, which can be set to 1 to
+ make propellor output serialized Propellor.Message.Trace values,
+ for consumption by another program.
+ * Rsync: Make rsync display its progress, in a minimal format to avoid
+ scrolling each file down the screen."""]] \ No newline at end of file
diff --git a/doc/news/version_4.7.3.mdwn b/doc/news/version_4.7.3.mdwn
new file mode 100644
index 00000000..87c58e81
--- /dev/null
+++ b/doc/news/version_4.7.3.mdwn
@@ -0,0 +1,3 @@
+propellor 4.7.3 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * Expand the Trace data type."""]] \ No newline at end of file
diff --git a/propellor.cabal b/propellor.cabal
index b7668af5..0d83fd64 100644
--- a/propellor.cabal
+++ b/propellor.cabal
@@ -1,5 +1,5 @@
Name: propellor
-Version: 4.7.1
+Version: 4.7.3
Cabal-Version: >= 1.20
License: BSD2
Maintainer: Joey Hess <id@joeyh.name>
diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs
index cba5991d..bd01b34c 100644
--- a/src/Propellor/CmdLine.hs
+++ b/src/Propellor/CmdLine.hs
@@ -111,6 +111,7 @@ data CanRebuild = CanRebuild | NoRebuild
defaultMain :: [Host] -> IO ()
defaultMain hostlist = withConcurrentOutput $ do
useFileSystemEncoding
+ setupGpgEnv
Shim.cleanEnv
checkDebugMode
cmdline <- processCmdLine
diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs
index 43c4eddf..5df16389 100644
--- a/src/Propellor/Gpg.hs
+++ b/src/Propellor/Gpg.hs
@@ -1,6 +1,8 @@
module Propellor.Gpg where
import System.IO
+import System.Posix.IO
+import System.Posix.Terminal
import Data.Maybe
import Control.Monad
import Control.Applicative
@@ -19,6 +21,25 @@ import Utility.Env
import Utility.Directory
import Utility.Split
+-- | When at a tty, set GPG_TTY to point to the tty device. This is needed
+-- so that when gpg is run with stio connected to a pipe, it is still able
+-- to display password prompts at the console.
+--
+-- This should not prevent gpg from using the GUI for prompting when one is
+-- available.
+setupGpgEnv :: IO ()
+setupGpgEnv = checkhandles [stdInput, stdOutput, stdError]
+ where
+ checkhandles [] = return ()
+ checkhandles (h:hs) = do
+ isterm <- queryTerminal h
+ if isterm
+ then do
+ ttyname <- getTerminalName h
+ -- do not overwrite
+ setEnv "GPG_TTY" ttyname False
+ else checkhandles hs
+
type KeyId = String
getGpgBin :: IO String
diff --git a/src/Propellor/Message.hs b/src/Propellor/Message.hs
index 441be76e..51d9babb 100644
--- a/src/Propellor/Message.hs
+++ b/src/Propellor/Message.hs
@@ -42,7 +42,7 @@ import Utility.PartialPrelude
-- make propellor emit these to stdout, in addition to its other output.
data Trace
= ActionStart (Maybe HostName) Desc
- | ActionEnd Result
+ | ActionEnd (Maybe HostName) Desc Result
deriving (Read, Show)
-- | Given a line read from propellor, if it's a serialized Trace,
@@ -110,7 +110,7 @@ actionMessage' mhn desc a = do
, let (msg, intensity, color) = getActionResult r
in colorLine intensity color msg
]
- liftIO $ trace $ ActionEnd $ toResult r
+ liftIO $ trace $ ActionEnd mhn desc (toResult r)
return r
where
diff --git a/src/Propellor/Property/Rsync.hs b/src/Propellor/Property/Rsync.hs
index c7ff3287..d922e79f 100644
--- a/src/Propellor/Property/Rsync.hs
+++ b/src/Propellor/Property/Rsync.hs
@@ -46,7 +46,7 @@ newtype Pattern = Pattern String
-- is found, the file is processed.
syncDirFiltered :: [Filter] -> Src -> Dest -> Property (DebianLike + ArchLinux)
syncDirFiltered filters src dest = rsync $
- [ "-av"
+ [ "-a"
-- Add trailing '/' to get rsync to sync the Dest directory,
-- rather than a subdir inside it, which it will do without a
-- trailing '/'.