diff mbox

Install gpg2 as gpg

Message ID 20160613195538.GA1358@jasmine
State New
Headers show

Commit Message

Leo Famulari June 13, 2016, 7:55 p.m. UTC
There was discussion of installing the gnupg-2.1 binaries 'gpg2' and 
'gpgv2' as 'gpg' and 'gpgv' on the 'Trustable guix pull' thread [0].

If we do this, it will become impossible to install gnupg-1 and 
gnupg-2.1 in the same profile, due to collisions of 'gpg' and 'gpgv' and 
their man pages. There are no collisions without this change.

It might also require users to update their scripts.

On the other hand, Werner recommends the change.

The configuration option does not exist for gnupg-2.0.

Discussion welcome!

[0]
http://lists.gnu.org/archive/html/bug-guix/2016-06/msg00035.html

Comments

non such June 13, 2016, 8:24 p.m. UTC | #1
On 2016-06-13(03:55:38-0400), Leo Famulari wrote:
> There was discussion of installing the gnupg-2.1 binaries 'gpg2' and
> 'gpgv2' as 'gpg' and 'gpgv' on the 'Trustable guix pull' thread [0].
>
> If we do this, it will become impossible to install gnupg-1 and
> gnupg-2.1 in the same profile, due to collisions of 'gpg' and 'gpgv' and
> their man pages. There are no collisions without this change.
>
> It might also require users to update their scripts.
>
> On the other hand, Werner recommends the change.
>
> The configuration option does not exist for gnupg-2.0.
>
> Discussion welcome!

What if we patched gpg-1 to not colide with gpg-2?

For example, move gpg and gpgv and man pages of them
for gpg-1 to something which has -1 in its name.
On the other hand this would have to be consistent and be followed
straigth to not colide again. I'm not sure if this
approach will work out in the long run.

I'm in favor for the change.
I have no problem with people having to alter their
scripts, I'm waiting for gpg2.1.x with ed25519 (libgrcrypt-1.7)
to finally catch up so it can be used more widely.

> [0]
> http://lists.gnu.org/archive/html/bug-guix/2016-06/msg00035.html

> From d9da5767601a8a10ade206ff186332ed0b1a2645 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Mon, 13 Jun 2016 15:39:15 -0400
> Subject: [PATCH] gnu: gnupg-2.1: Install executable as 'gpg'.
>
> * gnu/packages/gnupg.scm (gnupg-2.1)[arguments]: Add '--enable-gpg2-is-gpg'
> to #:configure-flags.
> ---
>  gnu/packages/gnupg.scm | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
> index e6583e5..849a0b6 100644
> --- a/gnu/packages/gnupg.scm
> +++ b/gnu/packages/gnupg.scm
> @@ -234,7 +234,8 @@ compatible to GNU Pth.")
>         ("sqlite" ,sqlite)
>         ("zlib" ,zlib)))
>     (arguments
> -    `(#:phases
> +    `(#:configure-flags '("--enable-gpg2-is-gpg")
> +      #:phases
>         (alist-cons-before
>          'configure 'patch-config-files
>          (lambda _
> --
> 2.8.4
>


--
♥Ⓐ ng0
For non-prism friendly talk find me on
psyced.org / loupsycedyglgamf.onion
Leo Famulari June 13, 2016, 9:07 p.m. UTC | #2
On Mon, Jun 13, 2016 at 08:24:23PM +0000, ng0 wrote:
> What if we patched gpg-1 to not colide with gpg-2?
> 
> For example, move gpg and gpgv and man pages of them
> for gpg-1 to something which has -1 in its name.
> On the other hand this would have to be consistent and be followed
> straigth to not colide again. I'm not sure if this
> approach will work out in the long run.

Unless this is a configuration option supported by upstream GnuPG, I
don't want to do that. For the same reason, my patch does not affect
gnupg-2.0.
Christopher Allan Webber June 13, 2016, 9:42 p.m. UTC | #3
Leo Famulari writes:

> There was discussion of installing the gnupg-2.1 binaries 'gpg2' and 
> 'gpgv2' as 'gpg' and 'gpgv' on the 'Trustable guix pull' thread [0].
>
> If we do this, it will become impossible to install gnupg-1 and 
> gnupg-2.1 in the same profile, due to collisions of 'gpg' and 'gpgv' and 
> their man pages. There are no collisions without this change.

Psh, that's what multiple profiles / guix environment are for, right? ;)
Andreas Enge June 14, 2016, 7:52 a.m. UTC | #4
Hello,

On Mon, Jun 13, 2016 at 05:07:08PM -0400, Leo Famulari wrote:
> On Mon, Jun 13, 2016 at 08:24:23PM +0000, ng0 wrote:
> > What if we patched gpg-1 to not colide with gpg-2?
> > 
> > For example, move gpg and gpgv and man pages of them
> > for gpg-1 to something which has -1 in its name.
> > On the other hand this would have to be consistent and be followed
> > straigth to not colide again. I'm not sure if this
> > approach will work out in the long run.
> 
> Unless this is a configuration option supported by upstream GnuPG, I
> don't want to do that. For the same reason, my patch does not affect
> gnupg-2.0.

I agree with this argument - one of our principles is to mess as little
as possible with upstream packages. In this case, since there is a special
configuration option for gnupg-2, we may use it, but then we would have
to pay the price that both gnupg-1 (or gnupg-2.0) and gnupg-2.1 could not
be installed together any more. Maybe it would then be consistent to drop
gnupg-2.0 from the distribution.

Finally I managed to make gnupg-2.1 work together with mutt, but it was
not completely straightforward... So we should document the change if we
make it.

By the way, should we maybe make pinentry a propagated input of gnupg-2.1?
If I understand correctly, gnupg-2.1 will not work without it (and mixing
pinentry from Debian with gnupg-2.1 from Guix was one of the reasons for
gnupg not working at first).

Andreas
Ludovic Courtès June 14, 2016, 12:07 p.m. UTC | #5
Hi!

Andreas Enge <andreas@enge.fr> skribis:

> By the way, should we maybe make pinentry a propagated input of gnupg-2.1?
> If I understand correctly, gnupg-2.1 will not work without it (and mixing
> pinentry from Debian with gnupg-2.1 from Guix was one of the reasons for
> gnupg not working at first).

I don’t think it would help to propagate it since one needs to
explicitly specify the pinentry program in ~/.gnupg/gpg.conf, no?
Or maybe this is only needed if none of the pinentry programs is found
in $PATH?

Ludo’.
Ludovic Courtès June 14, 2016, 12:09 p.m. UTC | #6
Leo Famulari <leo@famulari.name> skribis:

> There was discussion of installing the gnupg-2.1 binaries 'gpg2' and 
> 'gpgv2' as 'gpg' and 'gpgv' on the 'Trustable guix pull' thread [0].
>
> If we do this, it will become impossible to install gnupg-1 and 
> gnupg-2.1 in the same profile, due to collisions of 'gpg' and 'gpgv' and 
> their man pages. There are no collisions without this change.
>
> It might also require users to update their scripts.
>
> On the other hand, Werner recommends the change.

Go for it!

> The configuration option does not exist for gnupg-2.0.

Really?  Then we should do the same by hand, I guess.

Thank you!

Ludo’.
non such June 14, 2016, 12:49 p.m. UTC | #7
On 2016-06-14(09:52:46AM+0200), Andreas Enge wrote:
> Hello,
>
> On Mon, Jun 13, 2016 at 05:07:08PM -0400, Leo Famulari wrote:
> > On Mon, Jun 13, 2016 at 08:24:23PM +0000, ng0 wrote:
> > > What if we patched gpg-1 to not colide with gpg-2?
> > >
> > > For example, move gpg and gpgv and man pages of them
> > > for gpg-1 to something which has -1 in its name.
> > > On the other hand this would have to be consistent and be followed
> > > straigth to not colide again. I'm not sure if this
> > > approach will work out in the long run.
> >
> > Unless this is a configuration option supported by upstream GnuPG, I
> > don't want to do that. For the same reason, my patch does not affect
> > gnupg-2.0.

The -as-gnupg2 option got me for a moment, I forgot that this is gnupg-1.

>
> I agree with this argument - one of our principles is to mess as little
> as possible with upstream packages. In this case, since there is a special
> configuration option for gnupg-2, we may use it, but then we would have
> to pay the price that both gnupg-1 (or gnupg-2.0) and gnupg-2.1 could not
> be installed together any more. Maybe it would then be consistent to drop
> gnupg-2.0 from the distribution.

gnupg-2.0 and gnupg-2.1 are currently individual packages which can be
installed side by side in guix?

> Finally I managed to make gnupg-2.1 work together with mutt, but it was
> not completely straightforward... So we should document the change if we
> make it.

Yes, there have been some changes, but they are documented upstream.
When this is desired for Guix, I can see if I can recall what I did
in 2015 where it went from working to broken to almost working and
now completely functional with GnuPG2.1.x

I'd be curious if it just works when I can move to GuixSD again with
libgcrypt-1.7 merged.

> By the way, should we maybe make pinentry a propagated input of gnupg-2.1?
> If I understand correctly, gnupg-2.1 will not work without it (and mixing
> pinentry from Debian with gnupg-2.1 from Guix was one of the reasons for
> gnupg not working at first).
>
> Andreas
>
>

--
♥Ⓐ ng0
For non-prism friendly talk find me on
psyced.org / loupsycedyglgamf.onion
Leo Famulari June 14, 2016, 1:37 p.m. UTC | #8
On Tue, Jun 14, 2016 at 12:49:42PM +0000, ng0 wrote:
> gnupg-2.0 and gnupg-2.1 are currently individual packages which can be
> installed side by side in guix?

They are different packages but I assume they cannot be installed
together since they both have the 'gpg2' and 'gpg2v' binaries and man
pages, so they would collide in the profile.
Leo Famulari June 14, 2016, 1:50 p.m. UTC | #9
On Tue, Jun 14, 2016 at 02:09:41PM +0200, Ludovic Courtès wrote:
> Leo Famulari <leo@famulari.name> skribis:
> 
> > There was discussion of installing the gnupg-2.1 binaries 'gpg2' and 
> > 'gpgv2' as 'gpg' and 'gpgv' on the 'Trustable guix pull' thread [0].

[...]

> > The configuration option does not exist for gnupg-2.0.
> 
> Really?  Then we should do the same by hand, I guess.

Any volunteers? ;)
Andreas Enge June 15, 2016, 12:53 p.m. UTC | #10
On Tue, Jun 14, 2016 at 09:50:01AM -0400, Leo Famulari wrote:
> On Tue, Jun 14, 2016 at 02:09:41PM +0200, Ludovic Courtès wrote:
> > Leo Famulari <leo@famulari.name> skribis:
> > 
> > > There was discussion of installing the gnupg-2.1 binaries 'gpg2' and 
> > > 'gpgv2' as 'gpg' and 'gpgv' on the 'Trustable guix pull' thread [0].
> > > The configuration option does not exist for gnupg-2.0.
> > Really?  Then we should do the same by hand, I guess.
> Any volunteers? ;)

Why not just drop gpg-2.0 then?

Andreas
Leo Famulari June 15, 2016, 3:02 p.m. UTC | #11
On Wed, Jun 15, 2016 at 02:53:00PM +0200, Andreas Enge wrote:
> On Tue, Jun 14, 2016 at 09:50:01AM -0400, Leo Famulari wrote:
> > On Tue, Jun 14, 2016 at 02:09:41PM +0200, Ludovic Courtès wrote:
> > > Leo Famulari <leo@famulari.name> skribis:
> > > 
> > > > There was discussion of installing the gnupg-2.1 binaries 'gpg2' and 
> > > > 'gpgv2' as 'gpg' and 'gpgv' on the 'Trustable guix pull' thread [0].
> > > > The configuration option does not exist for gnupg-2.0.
> > > Really?  Then we should do the same by hand, I guess.
> > Any volunteers? ;)

To clarify, I don't look forward to finding out if I'd have to patch the
man page, the info document, etc.

> Why not just drop gpg-2.0 then?

All three GnuPG branches (1.4, 2.0, 2.1) are actively maintained. Why
drop 2.0?
Andreas Enge June 15, 2016, 3:54 p.m. UTC | #12
On Wed, Jun 15, 2016 at 11:02:58AM -0400, Leo Famulari wrote:
> All three GnuPG branches (1.4, 2.0, 2.1) are actively maintained. Why
> drop 2.0?

If we start "deprecating" gnupg-1 by calling the gnupg-2 binary "gpg" instead
of "gpg2", then we may as well drop the middle branch. Everything else would
be somewhat confusing, and I do not think we should burden ourselves with
going down the route of patching gnupg-2.0, so that it behaves like gnupg-2.1
in that its binaries look as if they were from gnupg-1 ;-)

Moreover, practically speaking, my impression was that for its ease of use,
there was a point in keeping gnupg-1, why there was less reason for sticking
with 2.0 instead of 2.1.

Andreas
Ludovic Courtès June 16, 2016, 10:56 a.m. UTC | #13
Leo Famulari <leo@famulari.name> skribis:

> On Wed, Jun 15, 2016 at 02:53:00PM +0200, Andreas Enge wrote:

[...]

>> Why not just drop gpg-2.0 then?
>
> All three GnuPG branches (1.4, 2.0, 2.1) are actively maintained. Why
> drop 2.0?

+1

Besides, I use 2.0, because for some reason 2.1 has always failed for me
(though I never took the time to investigate.)

Anyway, this patch is just about how we name the command.  That the
command is called ‘gpg2’ is a well-known annoyance, and Werner
recommends not doing that anyway.

Ludo’.
Leo Famulari June 18, 2016, 1:07 a.m. UTC | #14
On Thu, Jun 16, 2016 at 12:56:58PM +0200, Ludovic Courtès wrote:
> Leo Famulari <leo@famulari.name> skribis:
> 
> > On Wed, Jun 15, 2016 at 02:53:00PM +0200, Andreas Enge wrote:
> 
> [...]
> 
> >> Why not just drop gpg-2.0 then?
> >
> > All three GnuPG branches (1.4, 2.0, 2.1) are actively maintained. Why
> > drop 2.0?
> 
> +1
> 
> Besides, I use 2.0, because for some reason 2.1 has always failed for me
> (though I never took the time to investigate.)
> 
> Anyway, this patch is just about how we name the command.  That the
> command is called ‘gpg2’ is a well-known annoyance, and Werner
> recommends not doing that anyway.

Is there a consensus on the way forward? Should we apply this patch to
gnupg-2.1? Is anyone willing to test and maintain patches against
gnupg-2.0 (not me)?
Ludovic Courtès June 19, 2016, 2:03 p.m. UTC | #15
Leo Famulari <leo@famulari.name> skribis:

> On Thu, Jun 16, 2016 at 12:56:58PM +0200, Ludovic Courtès wrote:
>> Leo Famulari <leo@famulari.name> skribis:
>> 
>> > On Wed, Jun 15, 2016 at 02:53:00PM +0200, Andreas Enge wrote:
>> 
>> [...]
>> 
>> >> Why not just drop gpg-2.0 then?
>> >
>> > All three GnuPG branches (1.4, 2.0, 2.1) are actively maintained. Why
>> > drop 2.0?
>> 
>> +1
>> 
>> Besides, I use 2.0, because for some reason 2.1 has always failed for me
>> (though I never took the time to investigate.)
>> 
>> Anyway, this patch is just about how we name the command.  That the
>> command is called ‘gpg2’ is a well-known annoyance, and Werner
>> recommends not doing that anyway.
>
> Is there a consensus on the way forward? Should we apply this patch to
> gnupg-2.1?

To me it seems the answer is “yes”.  If you want to be sure, please
leave another couple of days before pushing.  :-)

> Is anyone willing to test and maintain patches against gnupg-2.0 (not
> me)?

I can try to do that “eventually”, if nobody beats me at it.

Thanks,
Ludo’.
Ludovic Courtès July 24, 2016, 8:56 p.m. UTC | #16
ludo@gnu.org (Ludovic Courtès) skribis:

> Leo Famulari <leo@famulari.name> skribis:
>
>> On Thu, Jun 16, 2016 at 12:56:58PM +0200, Ludovic Courtès wrote:

[...]

>>> Anyway, this patch is just about how we name the command.  That the
>>> command is called ‘gpg2’ is a well-known annoyance, and Werner
>>> recommends not doing that anyway.
>>
>> Is there a consensus on the way forward? Should we apply this patch to
>> gnupg-2.1?
>
> To me it seems the answer is “yes”.  If you want to be sure, please
> leave another couple of days before pushing.  :-)
>
>> Is anyone willing to test and maintain patches against gnupg-2.0 (not
>> me)?

I finally did that in commit bc85b127df622575988f8e760f72d608d0900a75.

Now, gnupg@2.0 provides the ‘gpg’ and ‘gpgv’ commands, in addition to
‘gpg2’ and ‘gpgv2’ (to ease transition).

Update your aliases and workarounds!

Ludo’.
Leo Famulari July 24, 2016, 9:10 p.m. UTC | #17
On Sun, Jul 24, 2016 at 10:56:05PM +0200, Ludovic Courtès wrote:
> ludo@gnu.org (Ludovic Courtès) skribis:
> 
> > Leo Famulari <leo@famulari.name> skribis:
> >
> >> On Thu, Jun 16, 2016 at 12:56:58PM +0200, Ludovic Courtès wrote:
> 
> [...]
> 
> >>> Anyway, this patch is just about how we name the command.  That the
> >>> command is called ‘gpg2’ is a well-known annoyance, and Werner
> >>> recommends not doing that anyway.
> >>
> >> Is there a consensus on the way forward? Should we apply this patch to
> >> gnupg-2.1?
> >
> > To me it seems the answer is “yes”.  If you want to be sure, please
> > leave another couple of days before pushing.  :-)
> >
> >> Is anyone willing to test and maintain patches against gnupg-2.0 (not
> >> me)?
> 
> I finally did that in commit bc85b127df622575988f8e760f72d608d0900a75.
> 
> Now, gnupg@2.0 provides the ‘gpg’ and ‘gpgv’ commands, in addition to
> ‘gpg2’ and ‘gpgv2’ (to ease transition).

And I just pushed a change that has a similar effect for gnupg@2.1 as
163708a66.
diff mbox

Patch

From d9da5767601a8a10ade206ff186332ed0b1a2645 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Mon, 13 Jun 2016 15:39:15 -0400
Subject: [PATCH] gnu: gnupg-2.1: Install executable as 'gpg'.

* gnu/packages/gnupg.scm (gnupg-2.1)[arguments]: Add '--enable-gpg2-is-gpg'
to #:configure-flags.
---
 gnu/packages/gnupg.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index e6583e5..849a0b6 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -234,7 +234,8 @@  compatible to GNU Pth.")
        ("sqlite" ,sqlite)
        ("zlib" ,zlib)))
    (arguments
-    `(#:phases
+    `(#:configure-flags '("--enable-gpg2-is-gpg")
+      #:phases
        (alist-cons-before
         'configure 'patch-config-files
         (lambda _
-- 
2.8.4