[Gambas-user] Feature request

willy at ...3474... willy at ...3474...
Fri Jun 19 02:40:24 CEST 2015 

On 2015-06-19 02:12, Benoît Minisini wrote:
> Le 18/06/2015 23:05, willy at ...3474... a écrit :
>> Hi all,
>> 
>> I have been looking at the Gambas IDE package code (in
>> app/.src/gambas3/.src/packager folder)
>> In the package module I see that packages for debain/ubuntu are made
>> with:
>> dpkg-buildpackage -d -rfakeroot
>> 
>> Request 1:
>> Could a simple -k<keyid> option be added to 'dpkg-buildpackage -d
>> -rfakeroot' for debian/ubuntu, so packages can be signed.
>> This could be set as a preference in IDE where you could select 
>> 'package
>> with key' and enter the key in a field and select the distro the key 
>> has
>> to be used for when signing.
>> 
>> Maybe it should be possible to have multople seperate key like one for
>> Debian and one for Ubuntu to sign with (just thinking out loud)
> 
> Is the signature something associated with the user, i.e. the same
> signature will theoritically be used for all projects for the same 
> system?

Well, you can generate signing keys with gpg.
These can be used for signing.
Just fine for private/intranet repositories.

You can associate them with whatever mail addres you would like it to be 
associated with.

If you package for Debian or Ubuntu repo's, you can generate a key as 
well with gpg and have it signed by one or more maintainers.
Next you can use the signed key to sign packages for uploading to 
official Debian/Ubuntu repositories.

In my case it is about two things:
1. Setting up an intranet repository with Gambas 3.6.2 for wheezy and 
internal developed Gambas applications (this is at work)
2. Setting up a GambOS own distro repository holding more recent Gambas3 
version and Gambas applications developed for GambOS.

Both need a different key to sign with.
Since keys can be exported/imported, you can have multiple signing keys 
on one system.

If you have a look at the keys they look something like this (dummie 
example, no real key):

$ gpg --list-keys
/home/joe/.gnupg/pubring.gpg
-------------------------------
pub   2048R/E123D553 2011-08-03 [expires: 2012-08-02]
uid                  Joe User (Some organization) <joe.user at ...3487...>
sub   2048R/F2495744 2011-08-03 [expires: 2012-08-02]

In this case F2495744 is the key id to sign with.

So a 'dpkg-buildpackage -d -rfakeroot -kF2495744'would sign the packages 
made.
Best is the key has the same mail address as used in the debian/control 
file uploader field and same mail address as used in debian/changelog.

> 
> Note that packager can only make a difference between the provided
> distributions.

That is no problem as packages for Debian will run on any Debian based 
distro, same goed for Ubuntu.

> 
>> 
>> I have no idea how signing rpm packages works, but I guess it might be
>> useful there as well.
> 
> This is needed, I should implement signing for all packages: deb, rmp,
> but also ArchLinux and Slackware! Not just for Debian...
> 
>> 
>> Request 2:
>> I have noticed that some of the own application when packaged on i386
>> system (architecture for package by IDE is set to all) and installed 
>> on
>> an armhf, they do not alway run, but crash without any GUI to be seen.
>> If I next package that application on armhf (again as an all package)
>> and install it on armhf it does run!!
> 
> This is a bug, as the Gambas executable are (or should be)
> architecture-independant. Can you provide me the i386 and the armhf
> packages?

First, it will have to wait until monday because the code is at my 
system at work.
Secondly, the application requires a internal database to run.
Thirdly, internal company database content is required by contract to 
stay internal company data

So, I will have to try and reproduce the problem in some small project 
and send that one.
It may take a while but I will get back to that.

The armhf system I'm running is a Lubuntu 14.04
The i386 systems are running Lubuntu 12.04 and Linux Mint 17.1 Mate

More information about the User mailing list