swdb.lst, gnupg21 and gnupg-2.2.0

Phil Pennock gnupg-devel at spodhuis.org
Tue Sep 5 17:45:40 CEST 2017

On 2017-09-05 at 10:38 +0200, Andre Heinecke wrote:
> IMO we should declare the swdb.lst as an internal format and request users to 
> use gpgconf --query-swdb.

Doesn't help when you're building the packages which would provide
gpgconf and want to get and verify the current versions automatically.

Ubuntu Xenial ships with `gpgconf (GnuPG) 2.1.11` which does not support
the `--query-swdb` flag.  That's the current Long Term Support release.
Ubuntu Trusty is still supported until 2019, but ships with
`gpgconf (GnuPG) 2.0.22` in its `gnupg2` package.

The tooling I have is creating/maintaining packages which install into
/opt/gnupg and leave the OS vendor's packages alone (to avoid breaking
system scripts) while providing "current upstream with as few patches as
possible" for Xenial, Trusty and Debian Jessie.

So this is used in scripts run inside Vagrant-managed VMs to create the
packages (with `fpm`) which end up at:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 996 bytes
Desc: Digital signature
URL: </pipermail/attachments/20170905/246e4bf6/attachment.sig>

More information about the Gnupg-devel mailing list