Bug 791556 - net-misc/chrony-4.0-r2 with USE flag verify-sig broken
Summary: net-misc/chrony-4.0-r2 with USE flag verify-sig broken
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal minor
Assignee: Sam James
Reported: 2021-05-23 01:05 UTC by Reed Riley
Modified: 2021-05-24 03:12 UTC

Description Reed Riley 2021-05-23 01:05:20 UTC
I get this error message:

 * Verifying chrony-4.0.tar.gz ...
gpg: Signature made Wed 07 Oct 2020 11:29:25 AM EDT
gpg:                using DSA key 8B1F4A9ADA73D401E3085A0B5FF06F29BA1E013B
gpg: Can't check signature: No public key
 * ERROR: net-misc/chrony-4.0-r2::gentoo failed (unpack phase):
 *   PGP signature verification failed


Reproducible: Always

Steps to Reproduce:
1. emerge net-misc/chrony-4.0-r2 with the USE flag verify-sig
Actual Results:  
Fails to verify the signature.

Expected Results:  
Succeeds in verifying the signature.

Error does not reproduce when building net-misc/chrony-4.1-r1 with verify-sig.

I suspect the key installed by app-crypt/openpgp-keys-mlichvar has changed since chrony-4.0-r2 and the latest version no longer suffices to verify this package.

If so, modifying the chrony-4.0-r2 ebuild to specify <app-crypt/openpgp-keys-mlichvar-20210513 would probably resolve the issue.
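
A way to check the suspicion above, added here as an example and not part of the report or the Gentoo tree: pull the fingerprint gpg could not find out of the verify output and test it against a keyring listing. The function names and the keyring listing are constructed for illustration; the log lines are the ones quoted in the report.

```shell
#!/bin/sh
# Added diagnostic sketch; function names are hypothetical, not Gentoo tooling.

# Print the fingerprint of each signature gpg could not check because the
# signing key is absent. Reads gpg's human-readable verify output on stdin.
missing_signing_keys() {
    awk '
        /^gpg: +using .* key /                       { fpr = $NF }
        /^gpg: Good signature/                       { fpr = "" }
        /^gpg: Can.t check signature: No public key/ { if (fpr != "") print fpr; fpr = "" }
    '
}

# Succeed if fingerprint $1 is a primary key or subkey in the output of
# "gpg --show-keys --with-colons <keyfile>" read on stdin (fpr record, field 10).
keyring_has_fpr() {
    awk -F: -v want="$1" '
        $1 == "fpr" && toupper($10) == toupper(want) { found = 1 }
        END { exit (found ? 0 : 1) }
    '
}

# The gpg lines quoted in the report.
sample_verify_log() {
    cat <<'EOF'
gpg: Signature made Wed 07 Oct 2020 11:29:25 AM EDT
gpg:                using DSA key 8B1F4A9ADA73D401E3085A0B5FF06F29BA1E013B
gpg: Can't check signature: No public key
EOF
}

# Constructed listing standing in for a keyring without that key;
# the fingerprint below is a placeholder, not a real key.
sample_keyring_listing() {
    cat <<'EOF'
pub:-:4096:1:89ABCDEF01234567:1600000000:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
EOF
}

fpr=$(sample_verify_log | missing_signing_keys)
if sample_keyring_listing | keyring_has_fpr "$fpr"; then
    echo "$fpr: present in keyring"
else
    echo "$fpr: missing from keyring, so verification cannot succeed"
fi
```

On a real system, feed `keyring_has_fpr` the colon listing of the key file that the installed keys package provides, once for each version of that package being compared.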
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-24 03:10:45 UTC
Oh, I see what I did.
Comment 2 Larry the Git Cow gentoo-dev 2021-05-24 03:12:33 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1d4f3fcde4b8c47c2710ec793736b3b024ad3e7f

commit 1d4f3fcde4b8c47c2710ec793736b3b024ad3e7f
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-05-24 03:11:43 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-05-24 03:11:43 +0000

    app-crypt/openpgp-keys-mlichvar: destabilize 20210513
    
    Closes: https://bugs.gentoo.org/791556
    Signed-off-by: Sam James <sam@gentoo.org>

 app-crypt/openpgp-keys-mlichvar/openpgp-keys-mlichvar-20210513.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Additionally, it has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88ab59d7c141508d5079f1d58f921607b8360bc5

commit 88ab59d7c141508d5079f1d58f921607b8360bc5
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-05-24 03:11:06 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-05-24 03:11:06 +0000

    net-misc/chrony: add upper bound on keys for 4.0-r2
    
    Bug: https://bugs.gentoo.org/791556
    Signed-off-by: Sam James <sam@gentoo.org>

 net-misc/chrony/chrony-4.0-r2.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)