Bug 193536 - initial gpg run doesn't create .gnupg/secring.gpg
initial gpg run doesn't create .gnupg/secring.gpg
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: gnupg (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Mike McLean
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-30 05:20 EDT by Peter Bieringer
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version: 1.2.6-4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-11 11:13:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Peter Bieringer 2006-05-30 05:20:07 EDT
At least for RHEL4 the version mentioned in the errata won't fix the problem:

$ rpm -q gnupg
gnupg-1.2.6-3
$ rm -rf .gnupg
$ gpg --gen-key
gpg (GnuPG) 1.2.6; Copyright (C) 2004 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: failed to create temporary file
`/home/user/.gnupg/.#lk0x9d709a8.host.28760': No such file or directory
gpg: keyblock resource `/home/user/.gnupg/secring.gpg': general error
gpg: failed to create temporary file
`/home/user/.gnupg/.#lk0x9d70cb8.host.28760': No such file or directory
gpg: keyblock resource `/home/user/.gnupg/pubring.gpg': general error
Please select what kind of key you want:
   (1) DSA and ElGamal (default)
   (2) DSA (sign only)
   (4) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
              minimum keysize is  768 bits
              default keysize is 1024 bits
    highest suggested keysize is 2048 bits
What keysize do you want? (1024)
Requested keysize is 1024 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct (y/n)? y

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: test1234
Email address: test@test.com
Comment:
You selected this USER-ID:
    "test1234 <test@test.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

You don't want a passphrase - this is probably a *bad* idea!
I will do it anyway.  You can change your passphrase at any time,
using this program with the option "--edit-key".

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++++++++++++++++++++++++++++++++..+++++.++++++++++.+++++++++++++++++++++++++.+++++++++++++++.++++++++++..+++++.++++++++++..+++++.+++++.+++++.+++++.................>+++++.......................+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++.++++++++++++++++++++++++++++++.+++++.+++++.++++++++++.++++++++++.+++++++++++++++++++++++++.+++++.++++++++++++++++++++++++++++++>+++++.................................................................................................................................................................+++++^^^^
gpg: no writable public keyring found: eof
Key generation failed: eof
gpg: can't create `/home/user/.gnupg/random_seed': No such file or directory


Similar happen on import:
$ rm -rf .gnupg
$ gpg --import key.pub
gpg: failed to create temporary file
`/home/user/.gnupg/.#lk0x9eb59a8.host.28854': No such file or directory
gpg: keyblock resource `/home/user/.gnupg/secring.gpg': general error
gpg: failed to create temporary file
`/home/user/.gnupg/.#lk0x9eb5cb8.host.28854': No such file or directory
gpg: keyblock resource `/home/user/.gnupg/pubring.gpg': general error
gpg: no writable keyring found: eof
gpg: error reading `key.pub': general error
gpg: import from `key.pub' failed: general error
gpg: Total number processed: 0


Workaround:
$ mkdir .gnupg
$ chmod 700 .gnupg


Looks like backporting was not proper...


+++ This bug was initially created as a clone of Bug #167392 +++

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-DE; rv:1.7.10) Gecko/20050720
Fedora/1.0.6-1.1.fc4 Firefox/1.0.6

Description of problem:
on initial gpg run, secring.gpg isn't created at all, which causes major
problems on --key-gen

Version-Release number of selected component (if applicable):
gnupg-1.2.1-10

How reproducible:
Always

Steps to Reproduce:
host:~ $> rm -rf .gnupg/
host:~ $> gpg --gen-key
gpg (GnuPG) 1.2.1; Copyright (C) 2002 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: /home/test/.gnupg: directory created
gpg: new configuration file `/home/test/.gnupg/gpg.conf' created
gpg: keyblock resource `/home/test/.gnupg/secring.gpg': file open error
gpg: keyring `/home/test/.gnupg/pubring.gpg' created
Please select what kind of key you want:
   (1) DSA and ElGamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
              minimum keysize is  768 bits
              default keysize is 1024 bits
    highest suggested keysize is 2048 bits
What keysize do you want? (1024) 2048
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 3y
Key expires at Mon 01 Sep 2008 12:04:11 PM CEST
Is this correct (y/n)? y

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: test
Email address: test@domain.example
Comment:
You selected this USER-ID:
    "test <test@domain.example>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

You don't want a passphrase - this is probably a *bad* idea!
I will do it anyway.  You can change your passphrase at any time,
using this program with the option "--edit-key".

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.++++++++++++++++++++++++++++++++++++++++.++++++++++..+++++..++++++++++++++++++++++++++++++++++++++++.+++++.+++++.+++++++++++++++.++++++++++>++++++++++.....................................................+++++

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 130 more bytes)
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.+++++.+++++++++++++++.++++++++++++++++++++.++++++++++++++++++++.+++++++++++++++.+++++...++++++++++..++++++++++++++++++++..++++++++++.+++++++++++++++++++++++++>++++++++++>+++++......>.+++++<+++++>+++++...........................+++++^^^
gpg: no writable secret keyring found: eof
Key generation failed: eof

host:~ $> rm -rf .gnupg/
host:~ $> gpg
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: /home/test/.gnupg: directory created
gpg: new configuration file `/home/test/.gnupg/gpg.conf' created
gpg: keyblock resource `/home/test/.gnupg/secring.gpg': file open error
gpg: keyring `/home/test/.gnupg/pubring.gpg' created
gpg: Go ahead and type your message ...

gpg: some signal caught ... exiting



Actual Results:  See above, no secring.gpg is created

Expected Results:  Create an initial secring.gpg, if not existent

Additional info:

touch /home/test/.gnupg/secring.gpg
chmod 600 /home/test/.gnupg/secring.gpg

-- Additional comment from pb@bieringer.de on 2005-09-02 07:21 EST --
Forget to mention, "additional info" is a workaround.

-- Additional comment from bugzilla@redhat.com on 2006-03-15 11:31 EST --

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0266.html
Comment 1 Nalin Dahyabhai 2006-08-11 11:13:03 EDT
1.2.6-3 didn't attempt to fix this bug for RHEL 4.  1.2.6-4 (RHBA-2006:0416)
did, closing.

Note You need to log in before you can comment on or make changes to this bug.