2.1.19 testing failures on the debian build daemons

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Mar 19 23:48:59 CET 2017


Hi Justus--

On Fri 2017-03-17 15:09:59 -0400, Justus Winter wrote:
> Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
>
>> the debian build daemons are all failing to build 2.1.19-1 (which
>> includes many post-release bugfix patches, on top of 2.1.19 itself):
>
> I bet gpgconf --create-socketdir fails.  Can you arrange make check to
> be invoked with verbose=3?

sure, will do.

I'm quite sure that --create-socketdir fails, fwiw.  I just tested this
on a user account which had a deliberately-locked-out /run/user/$(id -u)
directory.  That test failed in the same way.  if you care, trying to
run these commands directly looks like this:

0 abc123 at testsystem:~$ gpgconf --create-socketdir
gpgconf: socketdir is '/home/abc123/.gnupg'
gpgconf: 	general error
gpgconf: 	bad permissions
gpgconf: 	using homedir as fallback
gpgconf: error creating socket directory
gpgconf: fatal error (exit status 1)
1 abc123 at testsystem:~$ GNUPGHOME=$(mktemp -d) gpgconf --create-socketdir
gpgconf: socketdir is '/tmp/tmp.CHRspkaiJX'
gpgconf: 	general error
gpgconf: 	bad permissions
gpgconf: 	using homedir as fallback
gpgconf: error creating socket directory
gpgconf: fatal error (exit status 1)
1 abc123 at testsystem:~$


I believe that the debian build daemons are not guaranteed to have
/run/user/$(id -u) available during the build process.  The build may be
done inside of a chroot, or in some other particularly constrained
container that does not guarantee the presence of /run at all.

So i'm wondering what you think i should do about this.  I see a few
options (i'd be happy to entertain others if you can suggest them):

 a) i can try to update the debian builder infrastructure to always
    supply /run/user/$(id -u) as part of any package build process

 b) the GnuPG source can not require it as a part of the test suite

 c) i can just have the GnuPG package skip the test suite entirely.

 d) i can configure the GnuPG package to deliberately skip the parts of
    the test suite that require an active and present /run/user/$(id -u)


(a) is likely to take quite a long time (if it succeeds at all; i don't
know what kinds of pushback i'm likely to get).  If this is the desired
outcome, it may be a while before a new version of GnuPG is buildable on
debian's infrastructure.

(c) is easiest for me to do, but it sounds like a terrible plan -- the
test suite is a great thing for the GnuPG project, and i like the idea
of running it in as many environments as possible.

So i think that (b) would be my preference, though if there was a
straightforward way to do (d) i'd be willing to accept it as an interim
step.

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170319/65e5cfc8/attachment.sig>


More information about the Gnupg-devel mailing list