Ubuntu
gnupg package

gnupg: complaining about file permissions without reason

Bug #414812 reported by Olaf Zaplinski
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gnupg (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: gnupg

As you can see, ~/.gnupg is complaining about file permissions without reason:

Fetched 308B in 0s (748B/s)
Reading package lists... Done
W: GPG error: http://ppa.launchpad.net jaunty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8420FEF1DD2B0027
W: You may want to run apt-get update to correct these problems
root@ridcully:/etc/apt#
root@ridcully:/etc/apt#
root@ridcully:/etc/apt# gpg --recv-keys 8420FEF1DD2B0027
gpg: WARNING: unsafe ownership on configuration file `/home/oz/.gnupg/gpg.conf'
gpg: keyring `/home/oz/.gnupg/secring.gpg' created
gpg: keyring `/home/oz/.gnupg/pubring.gpg' created
gpg: external program calls are disabled due to unsafe options file permissions
gpg: keyserver communications error: general error
gpg: keyserver receive failed: general error
root@ridcully:/etc/apt# gpg --recv-keys 8420FEF1DD2B0027
gpg: WARNING: unsafe ownership on configuration file `/home/oz/.gnupg/gpg.conf'
gpg: external program calls are disabled due to unsafe options file permissions
gpg: keyserver communications error: general error
gpg: keyserver receive failed: general error

root@ridcully:/etc/apt# ls -lad /home/oz/.gnupg
drwx------ 2 oz oz 4096 Aug 17 15:31 /home/oz/.gnupg
root@ridcully:/etc/apt# date
Mon Aug 17 15:32:12 CEST 2009

root@ridcully:/etc/apt# ls -l /home/oz/.gnupg/gpg.conf
-rw------- 1 oz oz 9508 Jul 31 16:16 /home/oz/.gnupg/gpg.conf

file permissions are ok!

ProblemType: Bug
Architecture: amd64
DistroRelease: Ubuntu 9.04
Package: gnupg 1.4.9-3ubuntu1
ProcEnviron:
 LANG=de_DE.UTF-8
 SHELL=/bin/bash
SourcePackage: gnupg
Uname: Linux 2.6.28-14-generic x86_64

Revision history for this message
Olaf Zaplinski (oz42) wrote :
Revision history for this message
Daniel Leidert (dleidert-deactivatedaccount) wrote :

You might want to check, why it is using ~oz instead of ~root, when you run it as root. It is probably complaining, that ~oz/.gnupg/gpg.conf is not owned by the user root, who runs the command. If that is intended, you can use --no-permission-warning to overwrite the warning. From my point of view, you're complaints are not reasonable.

Revision history for this message
Olaf Zaplinski (oz42) wrote :

it is using ~/oz because of sudo'ing an apt-get session

Revision history for this message
Michael Bienia (geser) wrote :

BTW: Please re-read the PPA instructions for how to add keys for repositories. The right command would be

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8420FEF1DD2B0027

Revision history for this message
Daniel Leidert (dleidert-deactivatedaccount) wrote :

sudo AFAIK doesn't change HOME, so it points to the wrong location and my guess seems to be right. Using sudo -H should solve your "problem". Closing as "Invalid" then.

Changed in gnupg (Ubuntu):
status: New → Invalid
Revision history for this message
tz (thomas-mich) wrote :

For me it is still a problem.

Just typing "gpg" will produce the message.

My .gnupg is 700, the contents are all 600.

If it complains, at least it should specify what it doesn't like. There are many complaints and no solutions from a google search.

Changed in gnupg (Ubuntu):
status: Invalid → New
Revision history for this message
tz (thomas-mich) wrote :

I could just file this as a completely new bug, but it would be the same title and issue.

It would just not involve what should be done as apt-key.

What precisely does GPG require - it should either say X needs to be Y so I can correct it or remain silent.

Changed in gnupg (Ubuntu):
status: New → Invalid
Revision history for this message
tz (thomas-mich) wrote :

My error - I did a sudo shell and didn't notice I hadn't exited. (I use multiple terminals and picked the sudoed one).

But it really should give more details - user does not own nor does group match or something.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.