GnuPG 2.2 on elder Debian & Ubuntu distros
Phil Pennock
gnupg-devel at spodhuis.org
Fri Oct 27 18:24:45 CEST 2017
On 2017-10-27 at 16:06 +0200, Bernhard Reiter wrote:
> As a number of GNU distributions are still around and maintained,
> the questions comes up: How does someone get packages
> for GnuPG 2.2?
>
> Right now I focus on deb based systems:
>
> Debian Jessie, Stretch
> Ubuntu LTS 12.04, 14.06, 16.04
Because the package repo verification uses PGP and other bits of system
tooling have certain expectations of GnuPG as-installed, I have taken
the stance of "leave the system installs alone". Instead, I use
`/opt/gnupg` and I install everything under there.
I then use Vagrant to build for various different OS/distribution
releases.
Thus at <https://public-packages.pennock.tech/> I have packages for 4 of
the 5 releases you mention (amd64-only). I install the `optgnupg-gnupg`
package and I end up with:
ii optgnupg-gmp 6.1.2-pt2
ii optgnupg-gnupg 2.2.1-pt1
ii optgnupg-gnutls 3.5.15-pt2
ii optgnupg-libassuan 2.4.3-pt1
ii optgnupg-libgcrypt 1.8.1-pt1
ii optgnupg-libgpg-error 1.27-pt1
ii optgnupg-libksba 1.3.5-pt1
ii optgnupg-nettle 3.3-pt1
ii optgnupg-npth 1.5-pt1
ii optgnupg-pinentry 1.0.0-pt3
It's then just a matter of using `$PATH` for users so that I can use a
capable modern GnuPG for all my stuff, while leaving the system tooling
alone.
I'm using `aptly` for managing the apt repo setup.
There's a `swdb.lst` file (and associated signature) which tells you the
current versions of all the GnuPG software.
I have an "X depends on Y" config file which I can feed into tsort(1)
which currently produces this package dependency ordering:
libgpg-error npth gmp libassuan libksba libgcrypt nettle pinentry gnutls gnupg22
To help you get started, I've attached two JSON files which I use as
configuration for the builds, reading them should help see how things
fit together and what options are needed.
-Phil
-------------- next part --------------
A non-text attachment was scrubbed...
Name: configures.json
Type: application/json
Size: 3089 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20171027/caef4dca/attachment.json>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: versions.json
Type: application/json
Size: 748 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20171027/caef4dca/attachment-0001.json>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 996 bytes
Desc: Digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20171027/caef4dca/attachment.sig>
More information about the Gnupg-devel
mailing list