{ "content": [ { "type": "text", "text": "# debsign (man)\n\n## NAME\n\ndebsign - sign a Debian .changes and .dsc file pair using GPG\n\n## SYNOPSIS\n\ndebsign [options] [changes-file|dsc-file|commands-file ...]\n\n## DESCRIPTION\n\ndebsign mimics the signing aspects (and bugs) of dpkg-buildpackage(1). It takes a .dsc,\n.buildinfo, or .changes file and signs it, and any child .dsc, .buildinfo, or .changes files\ndirectly or indirectly referenced by it, using the GNU Privacy Guard. It is careful to calcu‐\nlate the size and checksums of any newly signed child files and replace the original values\nin the parent file.\n\n## Sections\n\n- **NAME**\n- **SYNOPSIS**\n- **DESCRIPTION**\n- **OPTIONS** (9 subsections)\n- **CONFIGURATION VARIABLES**\n- **SEE ALSO**\n- **AUTHOR**\n\nUse structuredContent.sections for detailed options, examples, and full documentation.\n" } ], "structuredContent": { "command": "debsign", "section": "", "mode": "man", "summary": "debsign - sign a Debian .changes and .dsc file pair using GPG", "synopsis": "debsign [options] [changes-file|dsc-file|commands-file ...]", "tldr_summary": null, "tldr_examples": [], "tldr_source": null, "flags": [ { "flag": "-r", "long": null, "arg": null, "description": "The files to be signed live on the specified remote host. In this case, a .dsc, .buildinfo or .changes file must be explicitly named, with an absolute directory or one relative to the remote home directory. scp will be used for the copying. The [username@]remotehost:filename syntax is permitted as an alternative. Wildcards (* etc.) are allowed." }, { "flag": "-p", "long": null, "arg": null, "description": "When debsign needs to execute GPG to sign it will run progname (searching the PATH if necessary), instead of gpg." }, { "flag": "-m", "long": null, "arg": null, "description": "Specify the maintainer name to be used for signing. (See dpkg-buildpackage(1) for more information about the differences between -m, -e and -k when building packages; debsign makes no use of these distinctions except with respect to the precedence of the various options. These multiple options are provided so that the program will be‐ have as expected when called by debuild(1).)" }, { "flag": "-e", "long": null, "arg": null, "description": "Same as -m but takes precedence over it." }, { "flag": "-k", "long": null, "arg": null, "description": "Specify the key ID to be used for signing; overrides any -m and -e options." }, { "flag": "-S", "long": null, "arg": null, "description": "" }, { "flag": "-t", "long": null, "arg": null, "description": "See dpkg-architecture(1) for a description of these options. They affect the search for the .changes file. They are provided to mimic the behaviour of dpkg-buildpackage when determining the name of the .changes file." }, { "flag": "", "long": "--multi", "arg": null, "description": "Multiarch .changes mode: This signifies that debsign should use the most recent file with the name pattern packageversion*+*.changes as the .changes file, allowing for the .changes files produced by dpkg-cross. --re-sign, --no-re-sign Recreate signature, respectively use the existing signature, if the file has been signed already. If neither option is given and an already signed file is found the user is asked if he or she likes to use the current signature. --debs-dir DIR Look for the files to be signed in directory DIR instead of the parent of the source directory. This should either be an absolute path or relative to the top of the source directory. --no-conf, --noconf Do not read any configuration files. This can only be used as the first option given on the command-line. --help, -h Display a help message and exit successfully." }, { "flag": "", "long": "--version", "arg": null, "description": "Display version and copyright information and exit successfully." } ], "examples": [], "see_also": [ { "name": "debrsign", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/debrsign/1/json" }, { "name": "debuild", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/debuild/1/json" }, { "name": "dpkg-architecture", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/dpkg-architecture/1/json" }, { "name": "dpkg-buildpackage", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/dpkg-buildpackage/1/json" }, { "name": "gpg", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/gpg/1/json" }, { "name": "gpg2", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/gpg2/1/json" }, { "name": "md5sum", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/md5sum/1/json" }, { "name": "sha1sum", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/sha1sum/1/json" }, { "name": "sha256sum", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/sha256sum/1/json" }, { "name": "scp", "section": "1", "url": "https://www.chedong.com/phpMan.php/man/scp/1/json" }, { "name": "devscripts.conf", "section": "5", "url": "https://www.chedong.com/phpMan.php/man/devscripts.conf/5/json" } ], "section_outline": [ { "name": "NAME", "lines": 2, "subsections": [] }, { "name": "SYNOPSIS", "lines": 2, "subsections": [] }, { "name": "DESCRIPTION", "lines": 26, "subsections": [] }, { "name": "OPTIONS", "lines": 1, "subsections": [ { "name": "-r", "lines": 6, "flag": "-r" }, { "name": "-p", "lines": 3, "flag": "-p" }, { "name": "-m", "lines": 6, "flag": "-m" }, { "name": "-e", "lines": 2, "flag": "-e" }, { "name": "-k", "lines": 2, "flag": "-k" }, { "name": "-S", "lines": 1, "flag": "-S" }, { "name": "-a -t", "lines": 4, "flag": "-t" }, { "name": "--multi", "lines": 21, "long": "--multi" }, { "name": "--version", "lines": 2, "long": "--version" } ] }, { "name": "CONFIGURATION VARIABLES", "lines": 24, "subsections": [] }, { "name": "SEE ALSO", "lines": 3, "subsections": [] }, { "name": "AUTHOR", "lines": 6, "subsections": [] } ], "sections": { "NAME": { "content": "debsign - sign a Debian .changes and .dsc file pair using GPG\n", "subsections": [] }, "SYNOPSIS": { "content": "debsign [options] [changes-file|dsc-file|commands-file ...]\n", "subsections": [] }, "DESCRIPTION": { "content": "debsign mimics the signing aspects (and bugs) of dpkg-buildpackage(1). It takes a .dsc,\n.buildinfo, or .changes file and signs it, and any child .dsc, .buildinfo, or .changes files\ndirectly or indirectly referenced by it, using the GNU Privacy Guard. It is careful to calcu‐\nlate the size and checksums of any newly signed child files and replace the original values\nin the parent file.\n\nIf no file is specified, debian/changelog is parsed to determine the name of the .changes\nfile to look for in the parent directory.\n\nIf a .commands file is specified it is first validated (see the details at ftp://ftp.up‐\nload.debian.org/pub/UploadQueue/README), and the name specified in the Uploader field is used\nfor signing.\n\nThis utility is useful if a developer must build a package on one machine where it is unsafe\nto sign it; they need then only transfer the small .dsc, .buildinfo and .changes files to a\nsafe machine and then use the debsign program to sign them before transferring them back.\nThis process can be automated in two ways. If the files to be signed live on the remote ma‐\nchine, the -r option may be used to copy them to the local machine and back again after sign‐\ning. If the files live on the local machine, then they may be transferred to the remote ma‐\nchine for signing using debrsign(1). However note that it is probably safer to have your\ntrusted signing machine use debsign to connect to the untrusted non-signing machine, rather\nthan using debrsign to make the connection in the reverse direction.\n\nThis program can take default settings from the devscripts configuration files, as described\nbelow.\n", "subsections": [] }, "OPTIONS": { "content": "", "subsections": [ { "name": "-r", "content": "The files to be signed live on the specified remote host. In this case, a .dsc,\n.buildinfo or .changes file must be explicitly named, with an absolute directory or\none relative to the remote home directory. scp will be used for the copying. The\n[username@]remotehost:filename syntax is permitted as an alternative. Wildcards (*\netc.) are allowed.\n", "flag": "-r" }, { "name": "-p", "content": "When debsign needs to execute GPG to sign it will run progname (searching the PATH if\nnecessary), instead of gpg.\n", "flag": "-p" }, { "name": "-m", "content": "Specify the maintainer name to be used for signing. (See dpkg-buildpackage(1) for\nmore information about the differences between -m, -e and -k when building packages;\ndebsign makes no use of these distinctions except with respect to the precedence of\nthe various options. These multiple options are provided so that the program will be‐\nhave as expected when called by debuild(1).)\n", "flag": "-m" }, { "name": "-e", "content": "Same as -m but takes precedence over it.\n", "flag": "-e" }, { "name": "-k", "content": "Specify the key ID to be used for signing; overrides any -m and -e options.\n", "flag": "-k" }, { "name": "-S", "content": "", "flag": "-S" }, { "name": "-a -t", "content": "See dpkg-architecture(1) for a description of these options. They affect the search\nfor the .changes file. They are provided to mimic the behaviour of dpkg-buildpackage\nwhen determining the name of the .changes file.\n", "flag": "-t" }, { "name": "--multi", "content": "Multiarch .changes mode: This signifies that debsign should use the most recent file\nwith the name pattern packageversion*+*.changes as the .changes file, allowing for\nthe .changes files produced by dpkg-cross.\n\n--re-sign, --no-re-sign\nRecreate signature, respectively use the existing signature, if the file has been\nsigned already. If neither option is given and an already signed file is found the\nuser is asked if he or she likes to use the current signature.\n\n--debs-dir DIR\nLook for the files to be signed in directory DIR instead of the parent of the source\ndirectory. This should either be an absolute path or relative to the top of the\nsource directory.\n\n--no-conf, --noconf\nDo not read any configuration files. This can only be used as the first option given\non the command-line.\n\n--help, -h\nDisplay a help message and exit successfully.\n", "long": "--multi" }, { "name": "--version", "content": "Display version and copyright information and exit successfully.\n", "long": "--version" } ] }, "CONFIGURATION VARIABLES": { "content": "The two configuration files /etc/devscripts.conf and ~/.devscripts are sourced in that order\nto set configuration variables. Command line options can be used to override configuration\nfile settings. Environment variable settings are ignored for this purpose. The currently\nrecognised variables are:\n\nDEBSIGNPROGRAM\nSetting this is equivalent to giving a -p option.\n\nDEBSIGNMAINT\nThis is the -m option.\n\nDEBSIGNKEYID\nAnd this is the -k option.\n\nDEBSIGNALWAYSRESIGN\nAlways re-sign files even if they are already signed, without prompting.\n\nDEBRELEASEDEBSDIR\nThis specifies the directory in which to look for the files to be signed, and is ei‐\nther an absolute path or relative to the top of the source tree. This corresponds to\nthe --debs-dir command line option. This directive could be used, for example, if you\nalways use pbuilder or svn-buildpackage to build your packages. Note that it also af‐\nfects debrelease(1) in the same way, hence the strange name of the option.\n", "subsections": [] }, "SEE ALSO": { "content": "debrsign(1), debuild(1), dpkg-architecture(1), dpkg-buildpackage(1), gpg(1), gpg2(1),\nmd5sum(1), sha1sum(1), sha256sum(1), scp(1), devscripts.conf(5)\n", "subsections": [] }, "AUTHOR": { "content": "This program was written by Julian Gilbey and is copyright under the GPL,\nversion 2 or later.\n\n\n\nDEBIAN Debian Utilities DEBSIGN(1)", "subsections": [] } } } }