git@vger.kernel.org mailing list mirror (one of many)
 help / color / mirror / code / Atom feed
From: Henning Schild <henning.schild@siemens.com>
To: Todd Zullinger <tmz@pobox.com>
Cc: <git@vger.kernel.org>
Subject: Re: [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question
Date: Fri, 8 Feb 2019 09:33:24 +0100	[thread overview]
Message-ID: <20190208093324.7b17f270@md1za8fc.ad001.siemens.net> (raw)
In-Reply-To: <20190208031746.22683-1-tmz@pobox.com>

Hi,

both patches look good to me. Killing the agent once should be enough,
i remember manually killing it many times as i was looking for a way to
generate certs and trust (configure gpgsm for the test). That is
probably why i copied it over in the first place.

Henning

Am Thu, 7 Feb 2019 22:17:44 -0500
schrieb Todd Zullinger <tmz@pobox.com>:

> Hi,
> 
> Looking through the build logs for the fedora git packages, I noticed
> it was missing the GPGSM prereq.  I added the necessary package to the
> build requirements but GPGSM was still failing to be set.  This turned
> out to be due to a use of ${GNUPGHOME} without quoting, which leads
> to a non-zero exit from echo and the end of the happy && chain when
> using bash as the test shell.  Fixing this allows the GPGSM test
> prereq to be set.
> 
> While I was poking around I also saw an extra gpgconf call to kill
> gpg-agent.  This was copied from the GPG block earlier in lib-gpg.sh,
> but should not be needed (as far as I can tell).  I don't think it can
> cause any real harm apart from causing gpg and gpgsm to start the
> agent more often than necessary.  But I didn't run the tests with the
> --stress option to look for potential issues that could be more
> serious.
> 
> Lastly, the GPG test prereq was failing in two of the tests where it
> was used, t5573-pull-verify-signatures and
> t7612-merge-verify-signatures.  I tracked this down to an annoying
> issue with gnugp-2¹, which recently became the default /bin/gpg in
> fedora².
> 
> Using gnupg2 as /bin/gpg means using gpg-agent by default.  When
> using a non-standard GNUPGHOME, gpg-agent defaults to putting its
> socket files in GNUPGHOME and fails if the path for any of them is
> longer than sun_path (108 chars on linux, 104 on OpenBSD and FreeBSD,
> and likely similar on other unices).
> 
> When building in the typical fedora build tool (mock), the path to the
> git test dir is "/builddir/build/BUILD/git-2.20.1/t."  That path then
> has "trash directory.$TEST_NAME$TEST_STRESS_JOB_SFX" appended and a
> "gpghome" directory within.  For t5573 and t7612, the gpg-agent socket
> path for S.gpg-agent.browser exceeds the sun_path limit and gpg-agent
> fails to start.  Sadly, this is handled poorly by gpg and makes the
> tests fail to set either the GPG or GPGSM prereqs.
> 
> For the fedora packages, I decided to pass --root=/tmp/git-t.XXXX (via
> mktemp, of course) to the test suite which ensures a path short enough
> to keep gpg-agent happy.
> 
> I don't know if there are other packagers or builders who run into
> this, so maybe it's not worth much effort to try and have the test
> suite cope better.  It took me longer than I would have liked to
> track it down, so I thought I'd mention it in case anyone else has
> run into this or has thoughts on how to improve lib-gpg.sh while
> waiting for GnuPG to improve this area.
> 
> A GIT_TEST_GNUPGHOME_ROOT var to set the root path for the GNUPGHOME
> dirs in the tests is one thought I had, but didn't try to put it into
> patch form.  Setting the --root test option is probably enough control
> for most cases.
> 
> ¹ https://dev.gnupg.org/T2964
> ²
> https://fedoraproject.org/wiki/Changes/GnuPG2_as_default_GPG_implementation
> 
> Todd Zullinger (2):
>   t/lib-gpg: quote path to ${GNUPGHOME}/trustlist.txt
>   t/lib-gpg: drop redundant killing of gpg-agent
> 
>  t/lib-gpg.sh | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 


  parent reply	other threads:[~2019-02-08  8:39 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-08  3:17 [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question Todd Zullinger
2019-02-08  3:17 ` [PATCH 1/2] t/lib-gpg: quote path to ${GNUPGHOME}/trustlist.txt Todd Zullinger
2019-02-08 20:11   ` SZEDER Gábor
2019-02-08 20:25     ` Todd Zullinger
2019-02-08 20:35       ` SZEDER Gábor
2019-02-08  3:17 ` [PATCH 2/2] t/lib-gpg: drop redundant killing of gpg-agent Todd Zullinger
2019-02-08  8:33 ` Henning Schild [this message]
2019-02-08 18:04   ` [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question Junio C Hamano
2019-02-09 14:06 ` SZEDER Gábor
2019-02-09 23:05   ` Todd Zullinger
2019-02-11 19:51     ` SZEDER Gábor
2019-02-14  6:32       ` Todd Zullinger
2019-02-12  0:44   ` Jeff King
2019-02-12  2:38     ` Junio C Hamano
2019-02-12  2:45     ` SZEDER Gábor

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: http://vger.kernel.org/majordomo-info.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190208093324.7b17f270@md1za8fc.ad001.siemens.net \
    --to=henning.schild@siemens.com \
    --cc=git@vger.kernel.org \
    --cc=tmz@pobox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://80x24.org/mirrors/git.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).