Have you ever had the problem that you could not build and sign a debian package because gpg/debsign/dpkg-buildpackage did claim that your secret key was not available although the key was there and you used the -k option to tell dpkg which key to use and the environment variable DEBFULLNAME and DEBEMAIL were set?
Well, dpkg does something very stupid: It takes the Name and Email from the last changelog entry (Ok, so far) and does a full string match (Ouch!!!)! Why is this stupid? Because my key contains an alias, and if you’re reading this yours probably, too.
I don’t want my alias in the changelog entry, but until now this is the only solution I’ve found for this issue.
So, if you get errors like this:
Now signing changes and any dsc files…
signfile package_0.1-1.dsc Firstname Lastname <email@example.com>
gpg: skipped “Firstname Lastname <firstname.lastname@example.org>”: secret key not available
gpg: /tmp/debsign.XdvV0Yi2/package_0.1-1.dsc: clearsign failed: secret key not available
debsign: gpg error occurred! Aborting….
debuild: fatal error at line 1246:
running debsign failed
debuild -i -I returned 29
Couldn’t run ‘debuild -i -I’
Then you should look at the output of gpg -K and the last debian/changelog entry:
sec 2048D/DEADBEEF 2010-01-01
uid Firstname Lastname (nickname) <email@example.com>
package (0.0.1-1) unstable; urgency=low
* Initial release
– Firstname Lastname <firstname.lastname@example.org> Mon, 06 Dec 2010 18:22:40 +0100
The problem here was the last line of the latest changelog entry. After changing it to
– Firstname Lastname (nickname) <email@example.com> Mon, 06 Dec 2010 18:22:40 +0100
If you ask me: This is a bug with dpkg which should be fixed.