Requires high quality entropy on first run
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
autopkgtest (Ubuntu) |
Fix Released
|
Low
|
Martin Pitt |
Bug Description
On first run, I see:
+ gpg --homedir=
gpg: keyring `/home/
gpg: keyring `/home/
+++++.+
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 222 more bytes)
I often end up running adt-run on a freshly deployed development machine, and this blocks me every time, even on bare metal. Workaround: Ctrl-C, rm -rf ~/.cache/
There is no reason for adt-run to need this level of cryptographically secure entropy. gpg key generation is expected to be run very rarely, rather than in routine development. Please could we remove this requirement? Is there a way to use [trusted=yes] in sources.list so no internal signing is required, for example, or at least to generate a key less pedantically if it must be create? I'm not sure what options exist to cause gpg to be less pedantic though.
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: autopkgtest 3.13
ProcVersionSign
Uname: Linux 3.19.0-22-generic x86_64
ApportVersion: 2.17.2-0ubuntu1.1
Architecture: amd64
Date: Wed Jul 8 16:16:55 2015
PackageArchitec
SourcePackage: autopkgtest
UpgradeStatus: No upgrade log present (probably fresh install)
Related branches
Changed in autopkgtest (Ubuntu): | |
status: | Triaged → In Progress |
> I'm not sure what options exist to cause gpg to be less pedantic though.
I looked a long time ago, unfortunately there is no way to make gpg use /dev/urandom :-(
In most deployments I run autopkgtest from git and use --gnupg-home "$AUTOPKGTEST_ BASE/tests/ home/.cache/ autopkgtest" to use the pre-generated key from git.
But "[trusted=yes]" sounds interesting, if that works we can get rid of the whole gpg madness. Thanks for pointing out!