Hi,

both patches look good to me. Killing the agent once should be enough,
i remember manually killing it many times as i was looking for a way to
generate certs and trust (configure gpgsm for the test). That is
probably why i copied it over in the first place.

Henning

Am Thu, 7 Feb 2019 22:17:44 -0500
schrieb Todd Zullinger [off-list ref]:

Hi,

Looking through the build logs for the fedora git packages, I noticed
it was missing the GPGSM prereq.  I added the necessary package to the
build requirements but GPGSM was still failing to be set.  This turned
out to be due to a use of ${GNUPGHOME} without quoting, which leads
to a non-zero exit from echo and the end of the happy && chain when
using bash as the test shell.  Fixing this allows the GPGSM test
prereq to be set.

While I was poking around I also saw an extra gpgconf call to kill
gpg-agent.  This was copied from the GPG block earlier in lib-gpg.sh,
but should not be needed (as far as I can tell).  I don't think it can
cause any real harm apart from causing gpg and gpgsm to start the
agent more often than necessary.  But I didn't run the tests with the
--stress option to look for potential issues that could be more
serious.

Lastly, the GPG test prereq was failing in two of the tests where it
was used, t5573-pull-verify-signatures and
t7612-merge-verify-signatures.  I tracked this down to an annoying
issue with gnugp-2¹, which recently became the default /bin/gpg in
fedora².

Using gnupg2 as /bin/gpg means using gpg-agent by default.  When
using a non-standard GNUPGHOME, gpg-agent defaults to putting its
socket files in GNUPGHOME and fails if the path for any of them is
longer than sun_path (108 chars on linux, 104 on OpenBSD and FreeBSD,
and likely similar on other unices).

When building in the typical fedora build tool (mock), the path to the
git test dir is "/builddir/build/BUILD/git-2.20.1/t."  That path then
has "trash directory.$TEST_NAME$TEST_STRESS_JOB_SFX" appended and a
"gpghome" directory within.  For t5573 and t7612, the gpg-agent socket
path for S.gpg-agent.browser exceeds the sun_path limit and gpg-agent
fails to start.  Sadly, this is handled poorly by gpg and makes the
tests fail to set either the GPG or GPGSM prereqs.

For the fedora packages, I decided to pass --root=/tmp/git-t.XXXX (via
mktemp, of course) to the test suite which ensures a path short enough
to keep gpg-agent happy.

I don't know if there are other packagers or builders who run into
this, so maybe it's not worth much effort to try and have the test
suite cope better.  It took me longer than I would have liked to
track it down, so I thought I'd mention it in case anyone else has
run into this or has thoughts on how to improve lib-gpg.sh while
waiting for GnuPG to improve this area.

A GIT_TEST_GNUPGHOME_ROOT var to set the root path for the GNUPGHOME
dirs in the tests is one thought I had, but didn't try to put it into
patch form.  Setting the --root test option is probably enough control
for most cases.

¹ https://dev.gnupg.org/T2964
²
https://fedoraproject.org/wiki/Changes/GnuPG2_as_default_GPG_implementation

Todd Zullinger (2):
  t/lib-gpg: quote path to ${GNUPGHOME}/trustlist.txt
  t/lib-gpg: drop redundant killing of gpg-agent

 t/lib-gpg.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)