Quantcast

Trouble installing Version 2.1 on Debian Jessie

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Trouble installing Version 2.1 on Debian Jessie

Rex Kneisley-4
Hello All,

I'm trying to install version 2.1 the "Debian way".

According to dkg's web-log entry titled "GnuPG 2.1.0 in debian experimental"

I should use experimental.

so I added the experimental repository:
# Experimental repository - main, contrib and non-free branches
deb http://http.us.debian.org/debian experimental main non-free contrib
deb-src http://http.us.debian.org/debian experimental main non-free contrib

Created an apt preferences file
/etc/apt/preferences.d/my_preferences
with:
Package: *
Pin: release a=stable
Pin-Priority: 700

Package: *
Pin: release a=testing
Pin-Priority: 650

Package: *
Pin: release a=experimental
Pin-Priority: 625


Package: *
Pin: release a=unstable
Pin-Priority: 600

ran:
sudo apt-get update
checked priorities with:
rexk@debian-pc:~$ sudo apt-cache policy gnupg
gnupg:
  Installed: 1.4.18-7+deb8u3
  Candidate: 1.4.18-7+deb8u3
  Version table:
     2.1.20-3 0
        625 http://http.us.debian.org/debian/ experimental/main amd64 Packages
     2.1.18-6 0
        650 http://http.us.debian.org/debian/ testing/main amd64 Packages
        600 http://http.us.debian.org/debian/ unstable/main amd64 Packages
 *** 1.4.18-7+deb8u3 0
        700 http://ftp.us.debian.org/debian/ jessie/main amd64 Packages
        100 /var/lib/dpkg/status
     1.4.18-7+deb8u2 0
        700 http://security.debian.org/ jessie/updates/main amd64 Packages

and finally ran the commands:
cp -aT .gnupg .gnupg.bak
sudo apt install -t experimental gnupg2 gnupg-agent dirmngr gpgsm gpgv2 scdaemon

which produced the following results:
Reading package lists... Done
Building dependency tree      
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 dirmngr : Depends: libassuan0 (>= 2.4.0) but 2.1.2-2 is to be installed
           Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
           Depends: libgnutls30 (>= 3.5.6) but it is not going to be installed
           Depends: libksba8 (>= 1.3.4) but 1.3.2-1+deb8u1 is to be installed
           Recommends: gnupg (= 2.1.20-3) but 1.4.18-7+deb8u3 is to be installed
 gnupg-agent : Depends: libassuan0 (>= 2.3.0) but 2.1.2-2 is to be installed
               Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
 gnupg2 : Depends: gnupg (>= 2.1.20-3) but 1.4.18-7+deb8u3 is to be installed
 gpgsm : Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
         Depends: libksba8 (>= 1.3.4) but 1.3.2-1+deb8u1 is to be installed
 gpgv2 : Depends: gpgv (>= 2.1.20-3) but 1.4.18-7+deb8u3 is to be installed
 scdaemon : Depends: libassuan0 (>= 2.2.0) but 2.1.2-2 is to be installed
            Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
            Depends: libksba8 (>= 1.3.4) but 1.3.2-1+deb8u1 is to be installed
E: Unable to correct problems, you have held broken packages.

Was I missing a step?

Any help would be appreciated.


--
Sincerely,


Rex Kneisley

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

Teemu Likonen
Rex Kneisley [2017-04-29 21:03:14-07] wrote:

> I'm trying to install version 2.1 the "Debian way".

> sudo apt install -t experimental gnupg2 gnupg-agent dirmngr gpgsm
> gpgv2 scdaemon

> The following packages have unmet dependencies:

I suggest using "testing" instead of "experimental" because testing is
the direct upgrade path from stable. Actually I'm not brave enough to
try even that (i.e., mixing stable and testing) but I'll give a direct
answer to your question anyway.

So, in your problem the package manager prefers the stable (jessie)
repository and tries to load some libraries from there. However, your
experimental gnupg packages require versions that are not in the stable.
Possible solutions:

  - Add those unmet dependencies to your "apt install -t experimental"
    command line.

  - Use "aptitude" command and its dependency solver interactively. It
    suggests different solutions. Choose the one that suggest loading
    all necessary packages from the experimental repository.

--
/// Teemu Likonen   - .-..   <https://keybase.io/tlikonen> //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

signature.asc (463 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

Wouter Verhelst
In reply to this post by Rex Kneisley-4
On Sat, Apr 29, 2017 at 09:03:14PM -0700, Rex Kneisley wrote:
> Hello All,
>
> I'm trying to install version 2.1 the "Debian way"..
>
> According to dkg's web-log entry titled "GnuPG 2.1.0 in debian experimental"
>
> I should use experimental.

This is no longer the case; GnuPG 2.1 is in Debian unstable (and has
been for a while).

Just installing that from unstable, however, will have bad side effects
for other software on your system, so I recommend against it (see also
https://wiki.debian.org/DontBreakDebian#Don.27t_make_a_FrankenDebian)

Instead, it's better to run a backport. First, remove the experimental
repositories, and add a deb-src line for testing to your sources.list.
Then, run:

apt-get build-dep gnupg
apt-get -b source gnupg

This will take a while. If all goes well, and there are no dependencies
needed from unstable (I haven't checked), you'll end up with gnupg
packages that you can install on your jessie machine.

--
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
       people in the world who think they really understand all of its rules,
       and pretty much all of them are just lying to themselves too.
 -- #debian-devel, OFTC, 2016-02-12

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
zap
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

zap
In reply to this post by Rex Kneisley-4

You should use debian stretch if you want 2.1


but I also say that you should install lxde first if you use the rc2 installer which is what I used.


because mate install causes wifi to be nonexistant if you install that first.

If you install stretch that is...

and yes, stretch is extremely stable for me.

but I Would reinstall from scratch after saving your important files to something.


On 04/30/2017 12:03 AM, Rex Kneisley wrote:
Hello All,

I'm trying to install version 2.1 the "Debian way".

According to dkg's web-log entry titled "GnuPG 2.1.0 in debian experimental"

I should use experimental.

so I added the experimental repository:
# Experimental repository - main, contrib and non-free branches
deb http://http.us.debian.org/debian experimental main non-free contrib
deb-src http://http.us.debian.org/debian experimental main non-free contrib

Created an apt preferences file
/etc/apt/preferences.d/my_preferences
with:
Package: *
Pin: release a=stable
Pin-Priority: 700

Package: *
Pin: release a=testing
Pin-Priority: 650

Package: *
Pin: release a=experimental
Pin-Priority: 625


Package: *
Pin: release a=unstable
Pin-Priority: 600

ran:
sudo apt-get update
checked priorities with:
rexk@debian-pc:~$ sudo apt-cache policy gnupg
gnupg:
  Installed: 1.4.18-7+deb8u3
  Candidate: 1.4.18-7+deb8u3
  Version table:
     2.1.20-3 0
        625 http://http.us.debian.org/debian/ experimental/main amd64 Packages
     2.1.18-6 0
        650 http://http.us.debian.org/debian/ testing/main amd64 Packages
        600 http://http.us.debian.org/debian/ unstable/main amd64 Packages
 *** 1.4.18-7+deb8u3 0
        700 http://ftp.us.debian.org/debian/ jessie/main amd64 Packages
        100 /var/lib/dpkg/status
     1.4.18-7+deb8u2 0
        700 http://security.debian.org/ jessie/updates/main amd64 Packages

and finally ran the commands:
cp -aT .gnupg .gnupg.bak
sudo apt install -t experimental gnupg2 gnupg-agent dirmngr gpgsm gpgv2 scdaemon

which produced the following results:
Reading package lists... Done
Building dependency tree      
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 dirmngr : Depends: libassuan0 (>= 2.4.0) but 2.1.2-2 is to be installed
           Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
           Depends: libgnutls30 (>= 3.5.6) but it is not going to be installed
           Depends: libksba8 (>= 1.3.4) but 1.3.2-1+deb8u1 is to be installed
           Recommends: gnupg (= 2.1.20-3) but 1.4.18-7+deb8u3 is to be installed
 gnupg-agent : Depends: libassuan0 (>= 2.3.0) but 2.1.2-2 is to be installed
               Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
 gnupg2 : Depends: gnupg (>= 2.1.20-3) but 1.4.18-7+deb8u3 is to be installed
 gpgsm : Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
         Depends: libksba8 (>= 1.3.4) but 1.3.2-1+deb8u1 is to be installed
 gpgv2 : Depends: gpgv (>= 2.1.20-3) but 1.4.18-7+deb8u3 is to be installed
 scdaemon : Depends: libassuan0 (>= 2.2.0) but 2.1.2-2 is to be installed
            Depends: libgcrypt20 (>= 1.7.0) but 1.6.3-2+deb8u2 is to be installed
            Depends: libksba8 (>= 1.3.4) but 1.3.2-1+deb8u1 is to be installed
E: Unable to correct problems, you have held broken packages.

Was I missing a step?

Any help would be appreciated.


--
Sincerely,


Rex Kneisley


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

Daniel Kahn Gillmor-7
In reply to this post by Wouter Verhelst
On Sun 2017-04-30 11:45:12 +0200, Wouter Verhelst wrote:
> This is no longer the case; GnuPG 2.1 is in Debian unstable (and has
> been for a while).
>
> Just installing that from unstable, however, will have bad side effects
> for other software on your system, so I recommend against it (see also
> https://wiki.debian.org/DontBreakDebian#Don.27t_make_a_FrankenDebian)

I agree with Wouter here.

> Instead, it's better to run a backport. First, remove the experimental
> repositories, and add a deb-src line for testing to your sources.list.
> Then, run:
>
> apt-get build-dep gnupg
> apt-get -b source gnupg
>
> This will take a while. If all goes well, and there are no dependencies
> needed from unstable (I haven't checked), you'll end up with gnupg
> packages that you can install on your jessie machine.
There are actually several different backports needed to make this work,
and it's non-trivial, which is why i haven't gone ahead with the full
backport myself yet -- my focus is currently on upstream and on stretch
itself.

I agree with the other poster in this thread that if you want GnuPG 2.1
on debian, you should really be using stretch itself today.

   --dkg

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

signature.asc (847 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

Peter Lebbing
In reply to this post by Rex Kneisley-4
On 30/04/17 06:03, Rex Kneisley wrote:
> I should use experimental.

As others said, I'd use the packages from stretch/testing, as they have
already percolated down that far.

> Created an apt preferences file
> /etc/apt/preferences.d/my_preferences
> [...]
> sudo apt install -t experimental gnupg2 gnupg-agent dirmngr gpgsm gpgv2 scdaemon

Perhaps your pinning in apt-preferences is interfering with the -t
option, because I think the -t option should promote dependencies to be
downloaded from the specified suite as well.

(Do you mean "apt-get" instead of "apt", by the way?)

What I do when I seem to get the wrong results regarding dependencies,
is just select all the specific versions of dependencies I want manually
with aptitude's visual mode. It helps tremendously to set the following
option in aptitude:

Options -> Preferences -> "The display format for the status line":
%d %t

That way it shows what suite a package version belongs to in the status
line. The config file version of this is:

$ cat ~/.aptitude/config
[...]
aptitude::UI::Package-Status-Format "%d %t";

The available versions of a package are right at the bottom of the
package information in aptitude.

Anyway, if you install GnuPG 2.1 from stretch/sid/experimental, it will
*replace* your GnuPG 1.4. But packages using GnuPG 1.4 in Debian jessie
do not expect this to be the case, and might malfunction. Another option
is to install my backport of GnuPG 2.1 which comes in the place of GnuPG
2.0 instead. I've put it on GitLab here:
<https://gitlab.com/DigitalBrains1/alt-debian-gnupg2>
get
My README.md is a bit alarming, I know, but I don't want to be
responsible for goofs. I tried my best, and to the best of my knowledge
it is in fine shape. I use it myself. You could look at the differences
compared to the Git repository at:
<https://anonscm.debian.org/git/pkg-gnupg/gnupg2.git>
to check it for yourself (my tag dbbp/2.1.19-3-dbbp8+1 is based on
debian/2.1.19-3 from upstream; this similarity will generally be the
case). [1] As you can see, I'm a bit behind, but not much.

It is your decision to use it or not. I'm just providing it as a way for
people to avoid the chore of doing the changes themselves. The changes
that there are can be reviewed quickly. (It's a pity the quilt patch
files are so chatty in their irrelevant differences.)

Anyway. While this means that packages depending on 1.4 can keep using
it, it also means you'll have both 1.4 and 2.1 installed. Try to avoid
actually using both versions for yourself. The keystores can go out of
sync and confuse you. So if a system package (like apt itself or some
system daemon) uses GnuPG 1.4, that's fine. But if your e-mail plugin
uses GnuPG 1.4, you'll probably get confused.

HTH,

Peter.

[1] If you've got the git repository locally:

$ git diff debian/2.1.9-3 dbbp/2.1.19-3-dbbp8+1

Furthermore, note both tags are signed:

$ git tag -v debian/2.1.19-3 dbbp/2.1.19-3-dbbp8+1
object 372c9126144cb0e80613a317f46479a872f93b0a
type commit
tag debian/2.1.19-3
tagger Daniel Kahn Gillmor <[hidden email]> 1490114759 -0400

gnupg2 Debian release 2.1.19-3
gpg: Signature made Tue 21 Mar 2017 17:45:59 CET
gpg:                using RSA key 38276051EA477FA3E49539321498ADC6C1923237
gpg:                issuer "[hidden email]"
gpg: Good signature from "Daniel Kahn Gillmor <[hidden email]>"
[full]
gpg:                 aka "Daniel Kahn Gillmor <[hidden email]>" [full]
gpg:                 aka "Daniel Kahn Gillmor <[hidden email]>" [full]
gpg:                 aka "[jpeg image of size 3515]" [never]
gpg:                 aka "Daniel Kahn Gillmor <[hidden email]>" [full]
[...]
object 4d66ca8885602e78b96a14f5e2a7fcb7f9bdead9
type commit
tag dbbp/2.1.19-3-dbbp8+1
tagger Peter Lebbing <[hidden email]> 1493556629 +0200

gnupg2 jessie backport 2.1.19-3~dbbp8+1
gpg: Signature made Sun 30 Apr 2017 14:50:48 CEST
gpg:                using RSA key 65008DC220AAE2A2574D6CD5969E018FDE6CDCA1
gpg:                issuer "[hidden email]"
gpg: Good signature from "Peter Lebbing <[hidden email]>"
[ultimate]

However, it remains for you to establish trust in these signatures,
otherwise it's like "someone on the internet said it, so it must be true".

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

Peter Lebbing
On 30/04/17 20:04, Peter Lebbing wrote:
> Perhaps your pinning in apt-preferences is interfering with the -t
> option, because I think the -t option should promote dependencies to be
> downloaded from the specified suite as well.

Silly me. These dependencies are not to be found in experimental, so the
-t option will do you no good. Experimental is a bit special; it does
not contain a complete suite but only a few packages. If you would have
specified a full suite like stretch or sid, it can find its dependencies
there.

Still, just resolving all dependencies manually with aptitude's visual
mode is something that will always work. Since the whole idea of a
FrankenDebian is to use as few body parts from different suites as
possible, it shouldn't be a lot of manual labor.

Oh, mark dependencies as automatically installed with the M key (capital
m) when you install them. So press + to install, and them immediately
press Shift-M to mark it as auto. That way, they will be automatically
be removed if nothing still depends on them.

I agree that usually a FrankenDebian is a bad idea. You run a real risk
of breaking library dependencies[1], or confusing the APT system. Still,
I do it myself anyway, but only on desktops where breakage is not a
catastrophe. I can't recommend it, but I also won't say "oh, you
definitely shouldn't do that". It depends on your skill and willingness
to suffer breakage.

HTH,

Peter.

[1] Packages built in stretch and sid are compiled against the -dev
packages in those distributions, but its dependencies might be met by
packages in stable. This means the library built against is different
than the library that is loaded at runtime.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

Peter Lebbing
In reply to this post by Daniel Kahn Gillmor-7
On 30/04/17 18:01, Daniel Kahn Gillmor wrote:
> There are actually several different backports needed to make this work

Actually, all dependencies are now in jessie-backports. To be exact:
- debhelper and its dependencies
- libassuan-dev, libassuan, libgcrypt20-dev, libgcrypt20,
libgpg-error-dev, libgpg-error0, libksba-dev, libksba8, libnpth0-dev and
libntph0

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Trouble installing Version 2.1 on Debian Jessie

Peter Lebbing
On 02/05/17 11:22, Peter Lebbing wrote:
> Actually, all dependencies are now in jessie-backports.

Oh wait, unless of course you mean if you want GnuPG 2.1 to provide the
/usr/bin/gpg binary that in jessie is provided by GnuPG 1.4. I suspect
that's what you meant, because all the libraries were just a recompile
away from a backport, AFAIK.

By the way, your contribution to this thread got held up for almost a
day before it went through:

> Received: from fifthhorseman.net (unknown [38.109.115.130])
>  by che.mayfirst.org (Postfix) with ESMTPSA id D3EF5F993;
>  Mon,  1 May 2017 09:17:55 -0400 (EDT)
> Received: by fifthhorseman.net (Postfix, from userid 1000)
>  id D20C82002E; Sun, 30 Apr 2017 09:01:16 -0700 (MST)

Cheers,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

signature.asc (499 bytes) Download Attachment
Loading...