GnuPG 2.1 migration fails due to permissions but appears to succeed
Closed, ResolvedPublic


over in, we have a documented situation
where ~/.gnupg/private-keys-v1.d is not executable for the user, and as a
result, the migration process fails.

Even worse, it appears to succeed, because ~/.gnupg/.gpg-v21-migrated is created.

This means that subsequent use of GnuPG 2.1 simply can't find the secret keys,
even though they're available in ~/.gnupg/secring.gpg

Please see further discussion over here:

dkg added a subscriber: dkg.
werner added a subscriber: werner.Apr 15 2016, 8:39 AM

gpg-agent should fix the permission of private-keys-v1.d/.

justus claimed this task.Apr 20 2016, 11:39 AM
justus added a subscriber: justus.
justus closed this task as Resolved.Apr 20 2016, 3:05 PM

Fixed in f8adf1a.

werner reopened this task as Open.Wed, Sep 9, 7:41 PM

The fix we have there has the problem that it forcefully changes the permissions. Consider the case that for example that group access was provided which will currently be reset with each start of gpg-agent.

werner added a comment.Wed, Sep 9, 8:37 PM

That keeps the group permissions of an existing directory. Needs to be backported to 2.2

werner closed this task as Resolved.Thu, Sep 10, 7:50 AM

It should be possible to apply the patch rG7de9ed521e516879a72ec6ff6400aed4bdce5920
for 2.2 also to older 2.1 or 2.2 versions,