Bug 167392

Summary: initial gpg run doesn't create .gnupg/secring.gpg
Product: Red Hat Enterprise Linux 3 Reporter: Peter Bieringer <pb>
Component: gnupgAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED ERRATA QA Contact: Mike McLean <mikem>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: benl
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2006-0266 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-03-15 16:31:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Peter Bieringer 2005-09-02 10:20:10 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.7.10) Gecko/20050720 Fedora/1.0.6-1.1.fc4 Firefox/1.0.6

Description of problem:
on initial gpg run, secring.gpg isn't created at all, which causes major problems on --key-gen

Version-Release number of selected component (if applicable):
gnupg-1.2.1-10

How reproducible:
Always

Steps to Reproduce:
host:~ $> rm -rf .gnupg/
host:~ $> gpg --gen-key
gpg (GnuPG) 1.2.1; Copyright (C) 2002 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: /home/test/.gnupg: directory created
gpg: new configuration file `/home/test/.gnupg/gpg.conf' created
gpg: keyblock resource `/home/test/.gnupg/secring.gpg': file open error
gpg: keyring `/home/test/.gnupg/pubring.gpg' created
Please select what kind of key you want:
   (1) DSA and ElGamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
              minimum keysize is  768 bits
              default keysize is 1024 bits
    highest suggested keysize is 2048 bits
What keysize do you want? (1024) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 3y
Key expires at Mon 01 Sep 2008 12:04:11 PM CEST
Is this correct (y/n)? y

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh>"

Real name: test
Email address: test
Comment:
You selected this USER-ID:
    "test <test>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

You don't want a passphrase - this is probably a *bad* idea!
I will do it anyway.  You can change your passphrase at any time,
using this program with the option "--edit-key".

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.++++++++++++++++++++++++++++++++++++++++.++++++++++..+++++..++++++++++++++++++++++++++++++++++++++++.+++++.+++++.+++++++++++++++.++++++++++>++++++++++.....................................................+++++

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 130 more bytes)
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.+++++.+++++++++++++++.++++++++++++++++++++.++++++++++++++++++++.+++++++++++++++.+++++...++++++++++..++++++++++++++++++++..++++++++++.+++++++++++++++++++++++++>++++++++++>+++++......>.+++++<+++++>+++++...........................+++++^^^
gpg: no writable secret keyring found: eof
Key generation failed: eof

host:~ $> rm -rf .gnupg/
host:~ $> gpg
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: /home/test/.gnupg: directory created
gpg: new configuration file `/home/test/.gnupg/gpg.conf' created
gpg: keyblock resource `/home/test/.gnupg/secring.gpg': file open error
gpg: keyring `/home/test/.gnupg/pubring.gpg' created
gpg: Go ahead and type your message ...

gpg: some signal caught ... exiting



Actual Results:  See above, no secring.gpg is created

Expected Results:  Create an initial secring.gpg, if not existent

Additional info:

touch /home/test/.gnupg/secring.gpg
chmod 600 /home/test/.gnupg/secring.gpg
Comment 1 Peter Bieringer 2005-09-02 11:21:45 UTC 
Forget to mention, "additional info" is a workaround.
Comment 9 Red Hat Bugzilla 2006-03-15 16:31:12 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0266.html
Comment 10 Peter Bieringer 2006-05-30 09:22:30 UTC 
Can confirm bug is fixed for RHEL3, but not for RHEL4, cloned bug now:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193536