guix-install.sh: Fails to detect signing key on Debian10.

  • Done
  • quality assurance status badge
Details
3 participants
  • Bengt Richter
  • Kai Mertens
  • zimoun
Owner
unassigned
Submitted by
Kai Mertens
Severity
normal
K
K
Kai Mertens wrote on 27 Oct 2019 09:59
(address . bug-guix@gnu.org)
20191027095752.2b4d8975.kmx@posteo.net
Dear GNU Guix developers,

I just tried to install guix on top of a fresh debian10 system, which
has been installed from debian-live-10.0.0-amd64-gnome.iso and updated.

The guix install script fails in function chk_gpg_keyring(), although
the key is present.

If I remove the discard redirection >/dev/null 2>&1 from the gpg
command, the following message occurs:

gpg: keyblock resource '/root/.gnupg/pubring.kbx': No such file or directory
gpg: Fatal: /root/.gnupg: directory does not exist!

Of course these files do not exist, as I imported the key to the user
account, not to the root account. Then I executed the script as user,
using sudo.

This procedure works fine on trisquel7 or 8, but it fails on debian10.

I wonder why ‘sudo gpg’ does not make a difference between being called
via sudo versus being called as root.

Do I use debian the wrong way?

best regards
Kai

--
Kai Mertens <kmx@posteo.net>
OpenPGP Key-ID: 0x40B15AB4B05B5BF1 on keys.gnupg.net
Key fingerprint = 7C83 0A80 01FF 679C 6E8E AFD3 40B1 5AB4 B05B 5BF1
What is that? Please check: https://emailselfdefense.fsf.org/en/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfIMKgAH/Z5xujq/TQLFatLBbW/EFAl21XHsACgkQQLFatLBb
W/FefRAApEiOMID58UFXkMKpcOUiZdRpu69W2IbMb2/pXm3mJfJ/inmIqU/TVSyD
/Xt3/vuy0YjoVJhkf35FYG7WAAy9/Yvfw6LEHDHJXQ5na/Cn+0JNuL46BkBBUcjx
N59C+muL/n5Sz8SuIsrO1NY/ltNgBoYoQt1/yCa6m0xA1I0LHDQtKdtV6EAykia4
d3jDVB7G01UY4asm2rjXfelgypI/Yol8x0RciXXQzHZLKl25lqAob4IjG31sAQ1Z
R8AVufgerQEk/+k1ysDPxbknRFCqUVZ810JPx/lohKH401V8SPrz4yGyhSQhhk20
XZ+8CmnAYmejDbGpzgj2+bfC9jsrdsH40DfqIthcYbjSLlPU7H1cbDCLCvTCiDIq
a2utjUMymRDo+AYTIrSpDmx24NsJxLTm7PNqatwxqMjN50PPnkNerSSL2ltYvmes
/oUc5cg3/PnHQvFPi8YRb5NqPuI75Tot5XnZJDnjRO75203iPwUXUnW26k49hfyt
T8qYTGn2abkqBO9f6YStwpLejnNY1g4i0C3vqLdYj/StKsGaQlsj8sf+FlToA8kg
C4Pzxke0SG16lftJPF05cv+23B03CJciqIlAvMTphzDCTsac7nFr34cGIdKUvesB
DuwjDmSylNwQgnm2uwcGNduU+mb3UZvggtbX7zu7WisK9YgmHb0=
=hD7n
-----END PGP SIGNATURE-----


B
B
Bengt Richter wrote on 27 Oct 2019 13:15
(name . Kai Mertens)(address . kmx@posteo.net)(address . 37939@debbugs.gnu.org)
20191027121517.GB2716@PhantoNv4ArchGx.localdomain
Hi again Kai,

On +2019-10-27 09:59:39 +0100, Kai Mertens wrote:
Toggle quote (24 lines)
> Dear GNU Guix developers,
>
> I just tried to install guix on top of a fresh debian10 system, which
> has been installed from debian-live-10.0.0-amd64-gnome.iso and updated.
>
> The guix install script fails in function chk_gpg_keyring(), although
> the key is present.
>
> If I remove the discard redirection >/dev/null 2>&1 from the gpg
> command, the following message occurs:
>
> gpg: keyblock resource '/root/.gnupg/pubring.kbx': No such file or directory
> gpg: Fatal: /root/.gnupg: directory does not exist!
>
> Of course these files do not exist, as I imported the key to the user
> account, not to the root account. Then I executed the script as user,
> using sudo.
>
> This procedure works fine on trisquel7 or 8, but it fails on debian10.
>
> I wonder why ‘sudo gpg’ does not make a difference between being called
> via sudo versus being called as root.
>

man sudo ;-)

specifically the -i option

I think if you are a "sudoer" plain sudo switches you to root,
but keeps the environment you were in, with PATH etc, but
sudo -i will set the environment as if you logged in as root.

try "sudo set" and compare with "sudo -i set"
(or env in place of set)

HTH
--
Regards,
Bengt Richter
K
K
Kai Mertens wrote on 16 Nov 2019 02:29
(name . Bengt Richter)(address . bokr@bokr.com)(address . 37939@debbugs.gnu.org)
20191113122512.53ff5d9c.kmx@posteo.net
On Sun, 27 Oct 2019 05:15:17 -0700
Bengt Richter <bokr@bokr.com> wrote:

Toggle quote (10 lines)
> Hi again Kai,
>
> On +2019-10-27 09:59:39 +0100, Kai Mertens wrote:
> > Dear GNU Guix developers,
> >
> > [...]
> >
>
> man sudo ;-)

Oops.

Toggle quote (10 lines)
>
> specifically the -i option
>
> I think if you are a "sudoer" plain sudo switches you to root,
> but keeps the environment you were in, with PATH etc,
> but sudo -i will set the environment as if you logged in as root.
>
> try "sudo set" and compare with "sudo -i set"
> (or env in place of set)

Well, I tried "sudo --preserve-env ./guix-install.sh" on debian10, that
seems to work fine and the key in the sudoer’s keyring is detected. On
trisquel, I am used to use plain sudo instead.

Anyway – it is of course not a bug of the guix script. Maybe a usage
hint within the guix documentation in section 2.1 would be nice?

Thanks for your help,
best regards
Kai

--
Kai Mertens <kmx@posteo.net>
OpenPGP Key-ID: 0x40B15AB4B05B5BF1 on keys.gnupg.net
Key fingerprint = 7C83 0A80 01FF 679C 6E8E AFD3 40B1 5AB4 B05B 5BF1
What is that? Please check: https://emailselfdefense.fsf.org/en/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfIMKgAH/Z5xujq/TQLFatLBbW/EFAl3PUPcACgkQQLFatLBb
W/EriA//QLsCDhf+nEnmq8g5f+IsU2/DrwhRgKateA3vK6s27Cnlq4FBUnEtSf77
T5qxkc9c7hAslgUbHtuxI9RSbGGXI1dV8VsmL2uHWElNTCKRv1IS/GBfBLYEXHcy
pCOLWamKlWe6MlbPT6DzIHGQuWGPvejN+BeRemKPKg2u4FaVGR7JzgtTo2VCisab
CJd0elTWQ7htYQy3CuJR8GH+K2A5NzsFFAf1imPgv6h5FnWqGHvbtHIEBUpIaQKp
UlbhoDxF+kdkM/y4cNSSVOtdHZAAQ7y/+KySBzWru0D1vMymJgjJhFe5Djm1Layu
T8UMDL6KKgH3gjZbU/NODfwwyCOZ+Xh6s75LNN6YEeYUwrFDJV/+JgFlIxyxQ7fL
sDKlAeaSFfKRdtimGsjXlVDAanWeKjoMwQxHjC/Qk9oftHCgLNKd1AotBatjYAHG
8qdexWugiH5thvyD1pno7G8f+GOa+w2vRhdR7F458mNKSLpBaGiucdaTJ6/znOdD
eDs56NdSAYZGOPxhxbt5KqyxMX5vYZ3tPRsvJ7y96gmtd7vLzBq8qw2ztpeQRJQ4
aoRMJQntssWvqMFGShsbphM+T/4aq0JX/itnAkbUkD1ic2JuvVGw4a/vs7IJYd1q
SxyD4MzmB/66lQaIyB1crT+Kp8Nhxp5iziARor6ANwgVIlYPTjo=
=A6ze
-----END PGP SIGNATURE-----


Z
Z
zimoun wrote on 18 Nov 2019 11:24
(name . Kai Mertens)(address . kmx@posteo.net)
CAJ3okZ1UML1iARbB033tWETrVvMghkq5=b6k_QQ_d=qM1k97Sg@mail.gmail.com
Dear,

On Sat, 16 Nov 2019 at 03:34, Kai Mertens <kmx@posteo.net> wrote:

Toggle quote (3 lines)
> Anyway – it is of course not a bug of the guix script. Maybe a usage
> hint within the guix documentation in section 2.1 would be nice?

Could you elaborate on a first attempt? I am not sure to understand
which hint you suggest.

The manual says: "It should be run as the root user." So to install on
my Debian, I simply log as root. :-)
If you speak about adding a hint when using the command sudo, then is
it really reliable on all the foreign distributions? Because the
command sudo is not always configured the same way, as you
experimented with Debian vs Trisquel.


All the best,
simon
Z
Z
zimoun wrote on 21 Feb 2020 15:24
(name . Kai Mertens)(address . kmx@posteo.net)
CAJ3okZ1OM7YmBFtH9+HJO1JWm79a9EDg3OqnvL8gqwgkDmQsXQ@mail.gmail.com
Dear

Toggle quote (5 lines)
> On Sat, 16 Nov 2019 at 03:34, Kai Mertens <kmx@posteo.net> wrote:

> > Anyway – it is of course not a bug of the guix script. Maybe a usage
> > hint within the guix documentation in section 2.1 would be nice?

I think it is not a bug and I do not see what could be improved. I
would like to close this bug. Is it ok for you? Or do you have a
comment to add?

Thank you in advance.

All the best,
simon
Z
Z
zimoun wrote on 14 May 2020 16:33
tags notabug
(address . control@debbugs.gnu.org)
CAJ3okZ0G=nQ+L7vm-crrsxObVicVNkn2ASHRzr+iVp9sVeCQuA@mail.gmail.com
tags 37939 notabug
thanks
Z
Z
zimoun wrote on 22 May 2020 02:18
bug#37939: guix-install.sh: Fails to detect signing key
(address . 37939-done@debbugs.gnu.org)
CAJ3okZ3Vj_02vzuHWLbAJ_gmia-Oon6L8JW9cX-BXbTDLNHJ3w@mail.gmail.com
Dear,

Because it is not a bug and after 12 weeks without any activity, I am closing.

Best regards,
simon
Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 37939@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 37939
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch