git@vger.kernel.org list mirror (unofficial, one of many)
 help / color / Atom feed
From: Todd Zullinger <tmz@pobox.com>
To: git@vger.kernel.org
Cc: Henning Schild <henning.schild@siemens.com>
Subject: [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question
Date: Thu,  7 Feb 2019 22:17:44 -0500
Message-ID: <20190208031746.22683-1-tmz@pobox.com> (raw)

Hi,

Looking through the build logs for the fedora git packages, I noticed it
was missing the GPGSM prereq.  I added the necessary package to the
build requirements but GPGSM was still failing to be set.  This turned
out to be due to a use of ${GNUPGHOME} without quoting, which leads to a
non-zero exit from echo and the end of the happy && chain when using
bash as the test shell.  Fixing this allows the GPGSM test prereq to be
set.

While I was poking around I also saw an extra gpgconf call to kill
gpg-agent.  This was copied from the GPG block earlier in lib-gpg.sh,
but should not be needed (as far as I can tell).  I don't think it can
cause any real harm apart from causing gpg and gpgsm to start the agent
more often than necessary.  But I didn't run the tests with the --stress
option to look for potential issues that could be more serious.

Lastly, the GPG test prereq was failing in two of the tests where it was
used, t5573-pull-verify-signatures and t7612-merge-verify-signatures.  I
tracked this down to an annoying issue with gnugp-2¹, which recently
became the default /bin/gpg in fedora².

Using gnupg2 as /bin/gpg means using gpg-agent by default.  When using a
non-standard GNUPGHOME, gpg-agent defaults to putting its socket files
in GNUPGHOME and fails if the path for any of them is longer than
sun_path (108 chars on linux, 104 on OpenBSD and FreeBSD, and likely
similar on other unices).

When building in the typical fedora build tool (mock), the path to the
git test dir is "/builddir/build/BUILD/git-2.20.1/t."  That path then
has "trash directory.$TEST_NAME$TEST_STRESS_JOB_SFX" appended and a
"gpghome" directory within.  For t5573 and t7612, the gpg-agent socket
path for S.gpg-agent.browser exceeds the sun_path limit and gpg-agent
fails to start.  Sadly, this is handled poorly by gpg and makes the
tests fail to set either the GPG or GPGSM prereqs.

For the fedora packages, I decided to pass --root=/tmp/git-t.XXXX (via
mktemp, of course) to the test suite which ensures a path short enough
to keep gpg-agent happy.

I don't know if there are other packagers or builders who run into this,
so maybe it's not worth much effort to try and have the test suite cope
better.  It took me longer than I would have liked to track it down, so
I thought I'd mention it in case anyone else has run into this or has
thoughts on how to improve lib-gpg.sh while waiting for GnuPG to improve
this area.

A GIT_TEST_GNUPGHOME_ROOT var to set the root path for the GNUPGHOME
dirs in the tests is one thought I had, but didn't try to put it into
patch form.  Setting the --root test option is probably enough control
for most cases.

¹ https://dev.gnupg.org/T2964
² https://fedoraproject.org/wiki/Changes/GnuPG2_as_default_GPG_implementation

Todd Zullinger (2):
  t/lib-gpg: quote path to ${GNUPGHOME}/trustlist.txt
  t/lib-gpg: drop redundant killing of gpg-agent

 t/lib-gpg.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

-- 
Todd

             reply index

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-08  3:17 Todd Zullinger [this message]
2019-02-08  3:17 ` [PATCH 1/2] t/lib-gpg: quote path to ${GNUPGHOME}/trustlist.txt Todd Zullinger
2019-02-08 20:11   ` SZEDER Gábor
2019-02-08 20:25     ` Todd Zullinger
2019-02-08 20:35       ` SZEDER Gábor
2019-02-08  3:17 ` [PATCH 2/2] t/lib-gpg: drop redundant killing of gpg-agent Todd Zullinger
2019-02-08  8:33 ` [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question Henning Schild
2019-02-08 18:04   ` Junio C Hamano
2019-02-09 14:06 ` SZEDER Gábor
2019-02-09 23:05   ` Todd Zullinger
2019-02-11 19:51     ` SZEDER Gábor
2019-02-14  6:32       ` Todd Zullinger
2019-02-12  0:44   ` Jeff King
2019-02-12  2:38     ` Junio C Hamano
2019-02-12  2:45     ` SZEDER Gábor

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: http://vger.kernel.org/majordomo-info.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190208031746.22683-1-tmz@pobox.com \
    --to=tmz@pobox.com \
    --cc=git@vger.kernel.org \
    --cc=henning.schild@siemens.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

git@vger.kernel.org list mirror (unofficial, one of many)

Archives are clonable:
	git clone --mirror https://public-inbox.org/git
	git clone --mirror http://ou63pmih66umazou.onion/git
	git clone --mirror http://czquwvybam4bgbro.onion/git
	git clone --mirror http://hjrcffqmbrq6wope.onion/git

Newsgroups are available over NNTP:
	nntp://news.public-inbox.org/inbox.comp.version-control.git
	nntp://ou63pmih66umazou.onion/inbox.comp.version-control.git
	nntp://czquwvybam4bgbro.onion/inbox.comp.version-control.git
	nntp://hjrcffqmbrq6wope.onion/inbox.comp.version-control.git
	nntp://news.gmane.org/gmane.comp.version-control.git

 note: .onion URLs require Tor: https://www.torproject.org/

AGPL code for this site: git clone https://public-inbox.org/ public-inbox