From 0d141bdb8f3e06258b43fdeea00016753c936a5b Mon Sep 17 00:00:00 2001 From: picca Date: Sat, 29 Jul 2017 17:58:06 +0000 Subject: --- doc/forum/propellor_failed_to_sign_the_commit.mdwn | 30 ++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 doc/forum/propellor_failed_to_sign_the_commit.mdwn diff --git a/doc/forum/propellor_failed_to_sign_the_commit.mdwn b/doc/forum/propellor_failed_to_sign_the_commit.mdwn new file mode 100644 index 00000000..83a4fd44 --- /dev/null +++ b/doc/forum/propellor_failed_to_sign_the_commit.mdwn @@ -0,0 +1,30 @@ +Hello since sometime on my computer gpgv1 -> gpgv2 transition on Debian + +I get this error message. (I need to say that I am using a NitroKey Pro for my gpg keys) + + Propellor build ... done + error: gpg n'a pas pu signer les données + fatal: échec de l'écriture de l'objet commit + Git commit ... failed + +reading this bug report + + https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568375 + +Ifound that I need to define + + + https://www.gnupg.org/documentation/manuals/gnupg/Common-Problems.html + + The gpg-agent man page nowadays includes the following hint: + + It is important to set the GPG_TTY environment variable in your login + shell, for example in the ‘~/.bashrc’ init script: + + export GPG_TTY=$(tty) + +don't you think that propellor should define GPG_TTY in order to avoid this problem ? + +thanks + +Frederic -- cgit v1.2.3 From fa3637892ed034cf5f8f72f07f67cc7a9f65dcfe Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 29 Jul 2017 15:49:20 -0400 Subject: releasing package propellor version 4.7.2 --- debian/changelog | 4 ++-- propellor.cabal | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index 7645b371..5c9cddd2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -propellor (4.7.2) UNRELEASED; urgency=medium +propellor (4.7.2) unstable; urgency=medium * Added PROPELLOR_TRACE environment variable, which can be set to 1 to make propellor output serialized Propellor.Message.Trace values, @@ -6,7 +6,7 @@ propellor (4.7.2) UNRELEASED; urgency=medium * Rsync: Make rsync display its progress, in a minimal format to avoid scrolling each file down the screen. - -- Joey Hess Sat, 29 Jul 2017 14:05:30 -0400 + -- Joey Hess Sat, 29 Jul 2017 15:49:00 -0400 propellor (4.7.1) unstable; urgency=medium diff --git a/propellor.cabal b/propellor.cabal index b7668af5..0156734f 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 4.7.1 +Version: 4.7.2 Cabal-Version: >= 1.20 License: BSD2 Maintainer: Joey Hess -- cgit v1.2.3 From 1c7ed564dbeac3bb5046fd597c4a7396f59be306 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 29 Jul 2017 15:49:46 -0400 Subject: add news item for propellor 4.7.2 --- doc/news/version_4.6.0.mdwn | 8 -------- doc/news/version_4.7.2.mdwn | 7 +++++++ 2 files changed, 7 insertions(+), 8 deletions(-) delete mode 100644 doc/news/version_4.6.0.mdwn create mode 100644 doc/news/version_4.7.2.mdwn diff --git a/doc/news/version_4.6.0.mdwn b/doc/news/version_4.6.0.mdwn deleted file mode 100644 index 673051ea..00000000 --- a/doc/news/version_4.6.0.mdwn +++ /dev/null @@ -1,8 +0,0 @@ -propellor 4.6.0 released with [[!toggle text="these changes"]] -[[!toggleable text=""" - * Add Typeable instance to Bootstrapper, fixing build with old versions - of ghc. - * Network.static changed to take address and gateway parameters. - If you used the old Network.static property, it has been renamed to - Network.preserveStatic. - (Minor API change)"""]] \ No newline at end of file diff --git a/doc/news/version_4.7.2.mdwn b/doc/news/version_4.7.2.mdwn new file mode 100644 index 00000000..a81220b7 --- /dev/null +++ b/doc/news/version_4.7.2.mdwn @@ -0,0 +1,7 @@ +propellor 4.7.2 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Added PROPELLOR\_TRACE environment variable, which can be set to 1 to + make propellor output serialized Propellor.Message.Trace values, + for consumption by another program. + * Rsync: Make rsync display its progress, in a minimal format to avoid + scrolling each file down the screen."""]] \ No newline at end of file -- cgit v1.2.3 From 236ba63c7eece6adccae589fc0acc1425918d4eb Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 29 Jul 2017 17:24:24 -0400 Subject: Expand the Trace data type. Technically this is an API change, but the only thing I'm breaking at this point is my own unreleased software. --- debian/changelog | 6 ++++++ src/Propellor/Message.hs | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 5c9cddd2..188c34c6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +propellor (4.7.3) UNRELEASED; urgency=medium + + * Expand the Trace data type. + + -- Joey Hess Sat, 29 Jul 2017 17:23:44 -0400 + propellor (4.7.2) unstable; urgency=medium * Added PROPELLOR_TRACE environment variable, which can be set to 1 to diff --git a/src/Propellor/Message.hs b/src/Propellor/Message.hs index 690056e4..435a12b2 100644 --- a/src/Propellor/Message.hs +++ b/src/Propellor/Message.hs @@ -42,7 +42,7 @@ import Utility.PartialPrelude -- make propellor emit these to stdout, in addition to its other output. data Trace = ActionStart (Maybe HostName) Desc - | ActionEnd Result + | ActionEnd (Maybe HostName) Desc Result deriving (Read, Show) -- | Given a line read from propellor, if it's a serialized Trace, @@ -101,7 +101,7 @@ actionMessage' mhn desc a = do liftIO $ trace $ ActionStart mhn desc r <- a - liftIO $ trace $ ActionEnd $ toResult r + liftIO $ trace $ ActionEnd mhn desc (toResult r) liftIO $ outputConcurrent . concat =<< sequence [ whenConsole $ -- cgit v1.2.3 From 9290ab7401983cae33827ca5698fc4c647c4fb4d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 29 Jul 2017 17:26:41 -0400 Subject: releasing package propellor version 4.7.3 --- debian/changelog | 4 ++-- propellor.cabal | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index 188c34c6..26d2e515 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,8 @@ -propellor (4.7.3) UNRELEASED; urgency=medium +propellor (4.7.3) unstable; urgency=medium * Expand the Trace data type. - -- Joey Hess Sat, 29 Jul 2017 17:23:44 -0400 + -- Joey Hess Sat, 29 Jul 2017 17:26:32 -0400 propellor (4.7.2) unstable; urgency=medium diff --git a/propellor.cabal b/propellor.cabal index 0156734f..0d83fd64 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 4.7.2 +Version: 4.7.3 Cabal-Version: >= 1.20 License: BSD2 Maintainer: Joey Hess -- cgit v1.2.3 From 4654d93aea404afe312318468be89ae6d3198555 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 29 Jul 2017 17:27:03 -0400 Subject: add news item for propellor 4.7.3 --- doc/news/version_4.6.1.mdwn | 7 ------- doc/news/version_4.7.3.mdwn | 3 +++ 2 files changed, 3 insertions(+), 7 deletions(-) delete mode 100644 doc/news/version_4.6.1.mdwn create mode 100644 doc/news/version_4.7.3.mdwn diff --git a/doc/news/version_4.6.1.mdwn b/doc/news/version_4.6.1.mdwn deleted file mode 100644 index eb7bd940..00000000 --- a/doc/news/version_4.6.1.mdwn +++ /dev/null @@ -1,7 +0,0 @@ -propellor 4.6.1 released with [[!toggle text="these changes"]] -[[!toggleable text=""" - * Added Network.dhcp' and Network.static', which allow specifying - additional options for interfaces files. - * Fix build failure on ghc-8.2.1 - Thanks, Sergei Trofimovich. - * DiskImage: Fix strictness bug in .parttable read/write sequence."""]] \ No newline at end of file diff --git a/doc/news/version_4.7.3.mdwn b/doc/news/version_4.7.3.mdwn new file mode 100644 index 00000000..87c58e81 --- /dev/null +++ b/doc/news/version_4.7.3.mdwn @@ -0,0 +1,3 @@ +propellor 4.7.3 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Expand the Trace data type."""]] \ No newline at end of file -- cgit v1.2.3 From 7c82cb564358f8623ea584f5bea1c17b8ac29e38 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 29 Jul 2017 20:02:49 -0400 Subject: Rsync: Make rsync display less verbose. --- debian/changelog | 6 ++++++ src/Propellor/Property/Rsync.hs | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 26d2e515..43abea1c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +propellor (4.7.4) UNRELEASED; urgency=medium + + * Rsync: Make rsync display less verbose. + + -- Joey Hess Sat, 29 Jul 2017 20:02:32 -0400 + propellor (4.7.3) unstable; urgency=medium * Expand the Trace data type. diff --git a/src/Propellor/Property/Rsync.hs b/src/Propellor/Property/Rsync.hs index c7ff3287..d922e79f 100644 --- a/src/Propellor/Property/Rsync.hs +++ b/src/Propellor/Property/Rsync.hs @@ -46,7 +46,7 @@ newtype Pattern = Pattern String -- is found, the file is processed. syncDirFiltered :: [Filter] -> Src -> Dest -> Property (DebianLike + ArchLinux) syncDirFiltered filters src dest = rsync $ - [ "-av" + [ "-a" -- Add trailing '/' to get rsync to sync the Dest directory, -- rather than a subdir inside it, which it will do without a -- trailing '/'. -- cgit v1.2.3 From abf589daa0232fdb9c8e4525bcfc952d0ee42c4e Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 30 Jul 2017 11:13:15 -0400 Subject: comment --- ...ent_1_c1dab7554841bd88d2109e9d46b31102._comment | 30 ++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment diff --git a/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment b/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment new file mode 100644 index 00000000..2d2315c0 --- /dev/null +++ b/doc/forum/propellor_failed_to_sign_the_commit/comment_1_c1dab7554841bd88d2109e9d46b31102._comment @@ -0,0 +1,30 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2017-07-30T14:51:13Z" + content=""" +I guess the problem involves running propellor at a unix tty, not in a +GUI's virtual terminal? + +My limited understanding of `GPG_TTY`, refreshed by re-reading this ooold +thread is that gpg is normally able to +detect if it's in a GUI or at a tty, and will prompt in the tty if +necessary. Where that may fall down is when gpg is run with its stdio +connected to pipes, since then probably isatty fails. Although in at least +some cases, gpg apparently then +[falls back to /dev/tty](https://dev.gnupg.org/T1434). + +Propellor runs gpg with stdin and stdout piped to it when eg, decrypting +the privdata file. I tried `propellor --list-fields` at the linux console +and it fails there. + +But, when I tried `propellor --spin host` at the linux console, that worked +ok, including making the gpg signed git commit. Of course git is running +gpg in this case, and perhaps my version of git has its own way to avoid +this problem. + +This does seems like something propellor could work around fairly +inexpensively. + +(See also [[propellor_and_gpg2]].) +"""]] -- cgit v1.2.3 From 31709484a6fe162cd66d38f61858fb14be9efddd Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 30 Jul 2017 11:17:50 -0400 Subject: comment --- .../comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment diff --git a/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment b/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment new file mode 100644 index 00000000..41120706 --- /dev/null +++ b/doc/forum/propellor_failed_to_sign_the_commit/comment_2_21ff16e0871e7069749cd6c47a6fc8fe._comment @@ -0,0 +1,9 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 2""" + date="2017-07-30T15:15:45Z" + content=""" +It seems that setting `GPG_TTY` does not force gpg to prompt at a tty +when in a GUI. At least in X with gpg 2.1, I still get a GUI prompt from +gpg. Good. +"""]] -- cgit v1.2.3 From 6f281e87084587987929dbb6a27671ad96858535 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 30 Jul 2017 11:29:12 -0400 Subject: Set GPG_TTY when run at a terminal so that gpg can do password prompting despite being connected by pipes to propellor (or git). --- debian/changelog | 2 ++ src/Propellor/CmdLine.hs | 1 + src/Propellor/Gpg.hs | 21 +++++++++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/debian/changelog b/debian/changelog index 43abea1c..e314a88c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,7 @@ propellor (4.7.4) UNRELEASED; urgency=medium + * Set GPG_TTY when run at a terminal, so that gpg can do password + prompting despite being connected by pipes to propellor (or git). * Rsync: Make rsync display less verbose. -- Joey Hess Sat, 29 Jul 2017 20:02:32 -0400 diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs index cba5991d..bd01b34c 100644 --- a/src/Propellor/CmdLine.hs +++ b/src/Propellor/CmdLine.hs @@ -111,6 +111,7 @@ data CanRebuild = CanRebuild | NoRebuild defaultMain :: [Host] -> IO () defaultMain hostlist = withConcurrentOutput $ do useFileSystemEncoding + setupGpgEnv Shim.cleanEnv checkDebugMode cmdline <- processCmdLine diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs index 43c4eddf..5df16389 100644 --- a/src/Propellor/Gpg.hs +++ b/src/Propellor/Gpg.hs @@ -1,6 +1,8 @@ module Propellor.Gpg where import System.IO +import System.Posix.IO +import System.Posix.Terminal import Data.Maybe import Control.Monad import Control.Applicative @@ -19,6 +21,25 @@ import Utility.Env import Utility.Directory import Utility.Split +-- | When at a tty, set GPG_TTY to point to the tty device. This is needed +-- so that when gpg is run with stio connected to a pipe, it is still able +-- to display password prompts at the console. +-- +-- This should not prevent gpg from using the GUI for prompting when one is +-- available. +setupGpgEnv :: IO () +setupGpgEnv = checkhandles [stdInput, stdOutput, stdError] + where + checkhandles [] = return () + checkhandles (h:hs) = do + isterm <- queryTerminal h + if isterm + then do + ttyname <- getTerminalName h + -- do not overwrite + setEnv "GPG_TTY" ttyname False + else checkhandles hs + type KeyId = String getGpgBin :: IO String -- cgit v1.2.3