[[!meta title="Problems with root-owned gpg keyrings"]]

`/var/lib/monkeysphere/gnupg-host/` is root-owned, and the public
keyring in that directory is controlled by the superuser.

We currently expect the `monkeysphere` user to read from (but not
write to) that keyring.  But using a keyring in a directory that you
don't control appears to trigger [a subtle bug in
gpg](http://bugs.debian.org/361539) that has been unresolved for quite

With some of the new error checking i'm doing in
`monkeysphere-server`, typical operations that involve both keyrings
as the non-privileged user can fail with an error message like:

    gpg: failed to rebuild keyring cache: file open error

Running the relevant operation a second time as the same user usually
lets things go through without a failure, but this seems like it would
be hiding a bug, rather than getting it fixed correctly.

Are there other ways we can deal with this problem?

Here is an example when using `monkeysphere-server add-identity-certifier`
on a host with a newly-installed monkeysphere
installation.  Note that running the same command a second time works

    0 pip:~# monkeysphere-server c+ 0EE5BE979282D80B9F7540F1CCD2ED94D21739E9
    gpg: requesting key D21739E9 from hkp server pool.sks-keyservers.net
    gpg: key D21739E9: public key "Daniel Kahn Gillmor <dkg@fifthhorseman.net>" imported
    gpg: can't create `/var/lib/monkeysphere/gnupg-host/pubring.gpg.tmp': Permission denied
    gpg: failed to rebuild keyring cache: file open error
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
    gpg: next trustdb check due at 2009-03-30
    gpg: Total number processed: 1
    gpg: imported: 1 (RSA: 1)
    Could not receive a key with this ID from the 'pool.sks-keyservers.net' keyserver.
    255 pip:~# monkeysphere-server c+ 0EE5BE979282D80B9F7540F1CCD2ED94D21739E9
    gpg: requesting key D21739E9 from hkp server pool.sks-keyservers.net
    gpg: key D21739E9: "Daniel Kahn Gillmor <dkg@fifthhorseman.net>" not changed
    gpg: Total number processed: 1

    pub 4096R/D21739E9 2007-06-02 [expires: 2012-05-31]
    Key fingerprint = 0EE5 BE97 9282 D80B 9F75 40F1 CCD2 ED94 D217 39E9
    uid [ unknown] Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    uid [ unknown] Daniel Kahn Gillmor <dkg@openflows.com>
    uid [ unknown] Daniel Kahn Gillmor <dkg@astro.columbia.edu>
    uid [ unknown] Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>
    uid [ unknown] [jpeg image of size 3515]
    sub 2048R/4BFA08E4 2008-06-19 [expires: 2009-06-19]
    sub 4096R/21484CFF 2007-06-02 [expires: 2012-05-31]

    Are you sure you want to add the above key as a
    certifier of users on this system? (y/N) y
    gpg: key D21739E9: public key "Daniel Kahn Gillmor <dkg@fifthhorseman.net>" imported
    gpg: Total number processed: 1
    gpg: imported: 1 (RSA: 1)
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
    gpg: next trustdb check due at 2009-03-30
    gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    pub 4096R/D21739E9 created: 2007-06-02 expires: 2012-05-31 usage: SC
    trust: unknown validity: unknown
    [ unknown] (1). Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    [ unknown] (2) Daniel Kahn Gillmor <dkg@openflows.com>
    [ unknown] (3) Daniel Kahn Gillmor <dkg@astro.columbia.edu>
    [ unknown] (4) Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>
    [ unknown] (5) [jpeg image of size 3515]

    pub 4096R/D21739E9 created: 2007-06-02 expires: 2012-05-31 usage: SC
    trust: unknown validity: unknown
    Primary key fingerprint: 0EE5 BE97 9282 D80B 9F75 40F1 CCD2 ED94 D217 39E9

    Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    Daniel Kahn Gillmor <dkg@openflows.com>
    Daniel Kahn Gillmor <dkg@astro.columbia.edu>
    Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>
    [jpeg image of size 3515]

    This key is due to expire on 2012-05-31.
    Please decide how far you trust this user to correctly verify other users' keys
    (by looking at passports, checking fingerprints from different sources, etc.)

    1 = I trust marginally

    Please enter the depth of this trust signature.
    A depth greater than 1 allows the key you are signing to make
    trust signatures on your behalf.

    Please enter a domain to restrict this signature, or enter for none.

    Are you sure that you want to sign this key with your
    key "ssh://pip.fifthhorseman.net" (9B83C17D)

    The signature will be marked as non-exportable.

    gpg: can't create `/var/lib/monkeysphere/gnupg-host/pubring.gpg.tmp': Permission denied
    gpg: failed to rebuild keyring cache: file open error
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0 valid: 1 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 1u
    gpg: depth: 1 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 1f, 0u
    gpg: next trustdb check due at 2009-03-30

    Identity certifier added.
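
The following is an added example, not part of the original report and not monkeysphere's own code: a shell sketch that recognizes the keyring-cache failure in gpg's stderr so a wrapper can report it instead of masking it with a retry, plus a check for whether a keyring directory is owned by a given uid. The function names (`dir_owned_by`, `classify_gpg_stderr`, `sample_first_run`, `sample_second_run`) are hypothetical; the sample lines are copied from the transcript above.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not monkeysphere's.

# Succeeds if directory $1 is owned by numeric uid $2.
dir_owned_by() {
    # "ls -ldn" prints the numeric owner in field 3.
    owner=$(ls -ldn -- "$1" | awk '{print $3}')
    [ "$owner" = "$2" ]
}

# Reads gpg stderr on stdin and prints exactly one verdict line.
classify_gpg_stderr() {
    # "can.t" matches the apostrophe without breaking the shell quoting.
    awk '
        /can.t create .*pubring\.gpg\.tmp.*Permission denied/ { tmp = 1 }
        /failed to rebuild keyring cache/                    { cache = 1 }
        END {
            if (tmp && cache) print "keyring-dir-not-writable"
            else if (cache)   print "keyring-cache-error"
            else              print "clean"
        }'
}

# gpg stderr from the first (failing) run in the transcript.
sample_first_run() {
    cat <<'EOF'
gpg: key D21739E9: public key "Daniel Kahn Gillmor <dkg@fifthhorseman.net>" imported
gpg: can't create `/var/lib/monkeysphere/gnupg-host/pubring.gpg.tmp': Permission denied
gpg: failed to rebuild keyring cache: file open error
EOF
}

# gpg stderr from the second run, which went through.
sample_second_run() {
    cat <<'EOF'
gpg: key D21739E9: "Daniel Kahn Gillmor <dkg@fifthhorseman.net>" not changed
gpg: Total number processed: 1
EOF
}

# Show the verdict for each run.
sample_first_run  | classify_gpg_stderr
sample_second_run | classify_gpg_stderr
```
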