Red Hat Bugzilla – Bug 102331
Weird behavior of gpg $(up2date --gpg-flags)
Last modified: 2007-11-30 17:06:53 EST
Description of problem:
When configuring RHEN clients to work with a custom channel provided from a RHEN
Proxy Server, the clients must have the public GPG key used for packages in the
custom channel installed. The suggested method is to use the command:
gpg $(up2date --gpg-flags) --import MY-GPG-KEY
The $(up2date --gpg-flags) is intended to expand to make gpg use the
up2date-keyring.gpg file rather than root's personal /root/.gnupg keyrings.
This fails if the user logs in to X as a user, starts an X terminal, and runs
'su -' to root to execute the gpg command. The above command instead is run as
gpg --import MY-GPG-KEY
The 'gpg $(up2date --gpg-flags) --import MY-GPG-KEY' command:
WORKS if the user logs in to a virtual console as root.
WORKS if the user logs in to a virtual console as a user and 'su -' to root.
WORKS if the user logs in to X as root and starts gnome-terminal.
FAILS if the user logs in to X as a regular user, starts gnome-terminal, and
then 'su -' to root.
Version-Release number of selected component (if applicable):
How reproducible: Always.
Steps to Reproduce:
Log in to X as a regular user, start gnome-terminal, su -, and run the
echo "gpg $(up2date --gpg-flags)"
The string "gpg" will be displayed. What *should* be displayed is the string
"gpg --homedir /root/.gnupg --no-default-keyring --keyring
>FAILS if the user logs in to X as a regular user, starts gnome-terminal, and
>then 'su -' to root.
I would guess up2date isnt running correctly because of userhelper issues.
I'd try $(/usr/sbin/up2date --gpg-flags)
/usr/sbin/up2date works. /usr/bin/up2date fails. (!!!)
This bug is exposed because $PATH is actually being set differently between a
login shell received through login and a login shell received through 'su -'!
$PATH when login as root: ... /usr/sbin:/usr/bin ...
$PATH when su - to root from user: ... /usr/bin:/usr/sbin ...
This difference in how $PATH ends up being set seems like a Bad Thing, and
probably should be filed as a second bug, against setup-2.5.7-1.
I've filed the PATH bug against coreutils [bug #102567]. It looks like we have
an old patch to /bin/su (sh-utils-1.16-paths.patch) that violates the LSB 1.3
standard. A related documentation bug also turned up in util-linux [bug #102566].
These bugs are filed against taroon-beta1, but also apply to RHEL 2.1 and RHL 9.
Why is it that we have different up2date programs in /usr/sbin and /usr/bin?
/usr/bin/up2date is a symlink to consolehelper (so
that it can prompt for root etc)