Bug#836940: [buildd-tools-devel] Bug#836940: cowbuilder, sbuild: should behave identically in regard to default gnupg installation

Johannes Schauer josch at debian.org
Wed Sep 7 18:08:50 UTC 2016


Hi,

Quoting Mattia Rizzolo (2016-09-07 19:54:10)
> On Wed, Sep 07, 2016 at 04:40:52PM +0200, gregor herrmann wrote:
> > On Wed, 07 Sep 2016 16:05:24 +0200, Johannes Schauer wrote:
> > 
> > > > The package xmlgraphics-commons started recently failing to build from
> > > > source in a clean sbuild environment although it was built successfully
> > > > on the buildd network a few months ago. This behavior cannot be observed
> > > > in a clean cowbuilder environment though. [1]
> > 
> > > > 3. or if cowbuilder should not install gnupg by default
> > > I think it should not because I think that source packages should be compiled
> > > in an environment that is as minimal as possible for the reasons given above.
> > > But of course this is up to the cowbuilder maintainers.
> > 
> > FWIW, I don't have a /usr/bin/gpg in my {amd64,i386} {stretch,sid}
> > cowbuilder chroots. But they are present in older ones.
> > 
> > I suspect I don't have them anymore because I clean my chroots (with
> > debfoster), and others might still have gnupg installed because it
> > was originally installed but never removed.
> > 
> > (I haven't tried, but I guess creating a new cowbuilder chroot won't
> > have gnupg either.) 
> 
> The reason some people still have gnupg installed in old chroots but not
> newer is because `apt-get autoremove` won't remove packages that are:
>  * marked as installed automatically  AND
>  * with no reverse-dependencies (anymore) AND
>  * with reverse-recommends.

have a look at the options that sbuild passes to apt. You can change the
default behaviour you describe by adding:

APT::AutoRemove::RecommendsImportant "false";

This is what sbuild does and how it will remove gnupg on chroot upgrades.

> AFAIK that's because of the idea that that people could have come to rely to
> the optional feature provided by the presence of the recommended package,
> even if that recommended package was installed in a different time than the
> recommending package.

That makes sense on user's systems (hence this is the default in apt) but not
in build chroots which is why sbuild adds above option.

Thanks!

cheers, josch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/pbuilder-maint/attachments/20160907/4a861f5d/attachment-0001.sig>


More information about the Pbuilder-maint mailing list