On Thu, Feb 14, 2013 at 05:25:47PM -0500, Nathan Scott wrote:
> ----- Original Message -----
> > ...
> > 'make deb' failed for me like this:
> > signfile xfsprogs_3.1.9.dsc
> > gpg: skipped "Nathan Scott <nathans@xxxxxxxxxx>": secret key not
> > available
> > gpg: [stdin]: clearsign failed: secret key not available
> > dpkg-genchanges >../xfsprogs_3.1.9_amd64.changes
> > dpkg-genchanges: including full source code in upload
> > dpkg-buildpackage: full upload; Debian-native package (full source is
> > included)
> > dpkg-buildpackage: warning: Failed to sign .dsc and .changes file
> > make: *** [deb] Error 1
> > Secure-by-default is a great idea but it seems that in this case it
> > also
> > requires that anyone who wants to do a build for debian has to do it
> > on a
> > machine with a keyring containing your secret key. ;)
> Awkward. :)
Really I don't mind. What was your passphrase again?
> > I think it is also reasonable for devs to be able to build test debs
> *nod* ... not sure what trickery Dave had used.
I tried setting DEB_BUILD_OPTIONS="-us -uc" but no luck.
> But, perhaps a better
> way to tackle this would be similar to the way the build allows extra
> configure options to be passed in.
> include/builddefs: configure
> ./configure $$LOCAL_CONFIGURE_OPTIONS
> so, perhaps something like this...
> # LOCAL_BUILDPACKAGE_OPTIONS="-us -uc" for unsigned debs
> deb: include/builddefs include/platform_defs.h
> $(Q)cd $(SRCDIR) && dpkg-buildpackage $$LOCAL_BUILDPACKAGE_OPTIONS
Gotcha. I'll take a look. Thanks for the reviews!