FS#43154 - [gnupg] gpg incorrectly symlinked to gpg2 binary
Attached to Project:
Arch Linux
Opened by Matthew Treinish (mtreinish) - Friday, 19 December 2014, 01:10 GMT
Last edited by Gaetan Bisson (vesath) - Sunday, 18 January 2015, 21:10 GMT
Opened by Matthew Treinish (mtreinish) - Friday, 19 December 2014, 01:10 GMT
Last edited by Gaetan Bisson (vesath) - Sunday, 18 January 2015, 21:10 GMT
|
Details
Description: The gnupg package symlinks /usr/bin/gpg to
gpg2. However gpg2 and gpg are different commands with
different use cases. Gpg2 is targetted for desktop users and
brings in a lot of extra dependencies, while gpg is a
standalone binary which brings in less deps and is often
used in embedded systems. For those familiar with using the
2 different binaries they expect that gpg refers to 1.x and
gpg2 is for 2.x.
This is corroborated with the gnupg official docs: https://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG.html Additional info: * Applies to 2.1.0-7 and checking the PKGBUILD for 2.1.1-1 in testingthe same symlink is performed there |
This task depends upon
Closed by Gaetan Bisson (vesath)
Sunday, 18 January 2015, 21:10 GMT
Reason for closing: Won't implement
Additional comments about closing: Arch uses the modern version of gnupg. Older versions can be found on the AUR, and any developer or trusted user that cares is free to bring them to the official repo.
Sunday, 18 January 2015, 21:10 GMT
Reason for closing: Won't implement
Additional comments about closing: Arch uses the modern version of gnupg. Older versions can be found on the AUR, and any developer or trusted user that cares is free to bring them to the official repo.
The symlink is there to allow scripts to find GnuPG when they do not care what version they get.
You may install GnuPG-1 on your system and use /usr/bin/gpg1. There is for instance a PKGBUILD on the AUR for that.
What I was saying is that while you added a symlink for software which doesn't care about the version that is an inherently flawed assumption. This is because the official gnupg docs say that gpg is used for v1.X and gpg2 is for 2.x. Since things are not 100% compatible between versions, by doing this you actually risk breaking scripts which are written using that as a guide. Which is contrary to your intended goal for adding the symlink.
Redhat solved it this way: http://pkgs.fedoraproject.org/cgit/seahorse.git/commit/?h=f21&id=32a5dd3ad58389f9573edea28b66ceb26424db28
IMHO we should let these packages co-exist without adding symlinks that break backwards compatibility.