gnupg 1.4 sometimes truncates pubring.gpg on SIGINT
Open, NormalPublic

Description

in conversation on IRC, weasel says his pubring.gpg (using gnupg from debian
stable, which is currently 1.4.18-7+deb8u3) gets truncated about every few weeks.

He says that he thinks it happens when he gets frustrated with something taking
a long time and uses ctrl-C to abort gpg. often, this happens while doing gpg
--import.

Some details:

  • keyring is large: ~300MiB
  • ~/.gnupg is backed by an ext4 filesystem on an SSD
  • he will do repeated key imports, like those triggered by his "get-signers"

script [0]

  • during those imports is when ctrl-C is likely to cause the truncation.

This should be relatively straightforward to reproduce:

  • make a large keyring
  • delete a few signatures from within it
  • refresh the keyring (or run get-signers against one of the keys in it)
  • watch the $GNUPGHOME -- as soon as .lock and .tmp files show up, send a

sigint to the gpg process.

[0] https://gitweb.noreply.org/tools/weaselutils.git/tree/get-signers

Details

Version
1.4.x
dkg set Version to 1.4.x.Oct 28 2016, 8:50 PM
dkg added projects: gnupg, Bug Report.
dkg added a subscriber: dkg.
werner renamed this task from gnupg 1.4 sometimes truncates pubring.gpg to gnupg 1.4 sometimes truncates pubring.gpg on SIGINT.Nov 4 2016, 7:53 AM
werner added a subscriber: werner.Oct 20 2017, 1:06 PM

There should be a backup file in these cases.

I hesitate to add code to block SIGINT during the renaming in 1.4. However, if we have the same problem in master this should be fixed. I guess that Weasel needs to switch to 2.1 anyway to support ECC.