Bug 102331 - Weird behavior of gpg $(up2date --gpg-flags)
Summary: Weird behavior of gpg $(up2date --gpg-flags)
Keywords:
Status: CLOSED WORKSFORME
Alias: None
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: up2date
Version: 2.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Adrian Likins
QA Contact: Fanny Augustin
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-08-13 21:53 UTC by Steve Bonneville
Modified: 2007-11-30 22:06 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-08-23 18:48:41 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Steve Bonneville 2003-08-13 21:53:02 UTC 
Description of problem:

When configuring RHEN clients to work with a custom channel provided from a RHEN
Proxy Server, the clients must have the public GPG key used for packages in the
custom channel installed.  The suggested method is to use the command:

  gpg $(up2date --gpg-flags) --import MY-GPG-KEY

The $(up2date --gpg-flags) is intended to expand to make gpg use the
up2date-keyring.gpg file rather than root's personal /root/.gnupg keyrings. 

This fails if the user logs in to X as a user, starts an X terminal, and runs
'su -' to root to execute the gpg command.  The above command instead is run as

  gpg --import MY-GPG-KEY 

The 'gpg $(up2date --gpg-flags) --import MY-GPG-KEY' command:
WORKS if the user logs in to a virtual console as root.  
WORKS if the user logs in to a virtual console as a user and 'su -' to root.
WORKS if the user logs in to X as root and starts gnome-terminal.  
FAILS if the user logs in to X as a regular user, starts gnome-terminal, and
then 'su -' to root.

Version-Release number of selected component (if applicable):
  up2date-2.8.45-1.2.1AS
  gnupg-1.0.7-7.2.1
  bash-2.05-8

How reproducible: Always.

Steps to Reproduce:

Log in to X as a regular user, start gnome-terminal, su -, and run the 
command

   echo "gpg $(up2date --gpg-flags)"
    
The string "gpg" will be displayed.  What *should* be displayed is the string
"gpg --homedir /root/.gnupg --no-default-keyring --keyring
/etc/sysconfig/rhn/up2date-keyring.gpg".
Comment 1 Adrian Likins 2003-08-14 03:09:44 UTC 
>FAILS if the user logs in to X as a regular user, starts gnome-terminal, and
>then 'su -' to root.

I would guess up2date isnt running correctly because of userhelper issues.
I'd try $(/usr/sbin/up2date --gpg-flags)
Comment 2 Steve Bonneville 2003-08-15 20:27:49 UTC 
/usr/sbin/up2date works.  /usr/bin/up2date fails.  (!!!)

This bug is exposed because $PATH is actually being set differently between a
login shell received through login and a login shell received through 'su -'!

$PATH when login as root:           ... /usr/sbin:/usr/bin ...
$PATH when su - to root from user:  ... /usr/bin:/usr/sbin ...

This difference in how $PATH ends up being set seems like a Bad Thing, and
probably should be filed as a second bug, against setup-2.5.7-1.
Comment 3 Steve Bonneville 2003-08-18 05:32:46 UTC 
I've filed the PATH bug against coreutils [bug #102567].  It looks like we have
an old patch to /bin/su (sh-utils-1.16-paths.patch) that violates the LSB 1.3
standard.  A related documentation bug also turned up in util-linux [bug #102566].
These bugs are filed against taroon-beta1, but also apply to RHEL 2.1 and RHL 9. 

Why is it that we have different up2date programs in /usr/sbin and /usr/bin?
Comment 4 Adrian Likins 2004-08-23 18:48:41 UTC 
/usr/bin/up2date is a symlink to consolehelper (so
that it can prompt for root etc)
Note You need to log in before you can comment on or make changes to this bug.