Red Hat Bugzilla – Bug 102331
Weird behavior of gpg $(up2date --gpg-flags)
Last modified: 2007-11-30 17:06:53 EST
Description of problem: When configuring RHEN clients to work with a custom channel provided from a RHEN Proxy Server, the clients must have the public GPG key used for packages in the custom channel installed. The suggested method is to use the command: gpg $(up2date --gpg-flags) --import MY-GPG-KEY The $(up2date --gpg-flags) is intended to expand to make gpg use the up2date-keyring.gpg file rather than root's personal /root/.gnupg keyrings. This fails if the user logs in to X as a user, starts an X terminal, and runs 'su -' to root to execute the gpg command. The above command instead is run as gpg --import MY-GPG-KEY The 'gpg $(up2date --gpg-flags) --import MY-GPG-KEY' command: WORKS if the user logs in to a virtual console as root. WORKS if the user logs in to a virtual console as a user and 'su -' to root. WORKS if the user logs in to X as root and starts gnome-terminal. FAILS if the user logs in to X as a regular user, starts gnome-terminal, and then 'su -' to root. Version-Release number of selected component (if applicable): up2date-2.8.45-1.2.1AS gnupg-1.0.7-7.2.1 bash-2.05-8 How reproducible: Always. Steps to Reproduce: Log in to X as a regular user, start gnome-terminal, su -, and run the command echo "gpg $(up2date --gpg-flags)" The string "gpg" will be displayed. What *should* be displayed is the string "gpg --homedir /root/.gnupg --no-default-keyring --keyring /etc/sysconfig/rhn/up2date-keyring.gpg".
>FAILS if the user logs in to X as a regular user, starts gnome-terminal, and >then 'su -' to root. I would guess up2date isnt running correctly because of userhelper issues. I'd try $(/usr/sbin/up2date --gpg-flags)
/usr/sbin/up2date works. /usr/bin/up2date fails. (!!!) This bug is exposed because $PATH is actually being set differently between a login shell received through login and a login shell received through 'su -'! $PATH when login as root: ... /usr/sbin:/usr/bin ... $PATH when su - to root from user: ... /usr/bin:/usr/sbin ... This difference in how $PATH ends up being set seems like a Bad Thing, and probably should be filed as a second bug, against setup-2.5.7-1.
I've filed the PATH bug against coreutils [bug #102567]. It looks like we have an old patch to /bin/su (sh-utils-1.16-paths.patch) that violates the LSB 1.3 standard. A related documentation bug also turned up in util-linux [bug #102566]. These bugs are filed against taroon-beta1, but also apply to RHEL 2.1 and RHL 9. Why is it that we have different up2date programs in /usr/sbin and /usr/bin?
/usr/bin/up2date is a symlink to consolehelper (so that it can prompt for root etc)