When paru is configured to sign local repos, if a package already exists in the repo and contains a detached signature, when rebuilding the package, the signature file is not overwritten, leading to failure later when the package is installed.
This is because the command used by sign_pkg(): gpg --detach-sign --no-armor --batch fails with the following error when the file already exists: gpg: signing failed: File exists. A possible solution is to pass --yes as an additional argument.
I don't understand why this is not caught by the function as an error since gpg exits with code 2 instead of 0.
Never mind, I think the source code already has a solution to delete the signature before generating a new one, but this is never used because delete_sig is always passed as false.
Affected Version
paru v2.0.4 - libalpm v15.0.0
Description
When paru is configured to sign local repos, if a package already exists in the repo and contains a detached signature, when rebuilding the package, the signature file is not overwritten, leading to failure later when the package is installed.
This is because the command used by sign_pkg(): gpg --detach-sign --no-armor --batch fails with the following error when the file already exists: gpg: signing failed: File exists. A possible solution is to pass --yes as an additional argument.
I don't understand why this is not caught by the function as an error since gpg exits with code 2 instead of 0.
Output
paru.conf
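The failure mode reported above, next to a signing wrapper that avoids it, as an added example that is not paru's code or part of the original report. The function names and the GPG_BIN variable are assumptions made for this sketch; the gpg flags are the ones quoted in the report plus --yes and --output.

```shell
#!/bin/sh
# Added example, not paru's implementation.
# GPG_BIN (assumed name) lets the signer binary be swapped out for testing.
GPG_BIN="${GPG_BIN:-gpg}"

# sign_pkg_naive PKG
# Models the reported behaviour: same gpg flags as in the report, exit
# status dropped. If PKG.sig already exists, gpg refuses to overwrite it
# and the old signature stays next to the rebuilt package.
sign_pkg_naive() {
    "$GPG_BIN" --detach-sign --no-armor --batch "$1" 2>/dev/null || true
    return 0
}

# sign_pkg_checked PKG
# Signs into a temporary file and only then replaces PKG.sig, so a stale
# signature never survives a successful run and a failed run is reported
# instead of being silently ignored.
sign_pkg_checked() {
    local pkg="$1" sig="$1.sig" tmp rc=0
    [ -f "$pkg" ] || { echo "no such package: $pkg" >&2; return 1; }
    tmp="$(mktemp "$sig.XXXXXX")" || return 1
    # --yes is needed because mktemp has already created the output file.
    "$GPG_BIN" --detach-sign --no-armor --batch --yes \
        --output "$tmp" "$pkg" || rc=$?
    if [ "$rc" -ne 0 ] || [ ! -s "$tmp" ]; then
        rm -f "$tmp"
        echo "signing $pkg failed (gpg exit $rc); $sig left untouched" >&2
        return 1
    fi
    chmod 0644 "$tmp"      # mktemp creates 0600; signatures are public
    mv -f "$tmp" "$sig"    # rename within one directory replaces the old sig
}
```

With the naive variant the mismatch only surfaces when the package manager verifies the signature at install time; the checked variant surfaces it at build time, where the cause is obvious.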