
gpg --list-secret-keys gives different output on first and subsequent runs
Closed, Resolved; Public

Description

Release: Occurs in 1.4.1 and 1.4.2.1

Environment

Mac OS X 10.4.5
Ubuntu Linux 5.10

Description

When there are no secret keys in the key database, "gpg --list-secret-keys" gives this output on the first run:
schofdesk:~ schof$ gpg --list-secret-keys
gpg: checking the trustdb
gpg: no ultimately trusted keys found
schofdesk:~ schof$

On all subsequent runs, GPG gives zero output to the same command:
schofdesk:~ schof$ gpg --list-secret-keys
schofdesk:~ schof$ gpg --list-secret-keys
schofdesk:~ schof$ gpg --list-secret-keys

I would expect GPG to give identical output on all runs, since the input (the command) is unchanged and the key database is unchanged. It should give the "no ultimately trusted keys found" error on all runs of "gpg --list-secret-keys."

This bug is a problem if you are attempting to write a script (as I am) to parse the output of GPG.

How To Repeat

  1. Delete all secret keys using "gpg --delete-secret-and-public-keys USERNAME" until there are no secret keys remaining.
  2. Enter "gpg --list-secret-keys" to receive the message that "no ultimately trusted keys found."
  3. Enter "gpg --list-secret-keys" again and receive no output.
  4. (through n) Repeat "gpg --list-secret-keys" and receive no output.

Fix

Unknown

Event Timeline

dshaw added a subscriber: dshaw.

There is a false premise here. You cannot parse the output
of GnuPG as we will gleefully change it in the future and
break your script. The only way to safely use GnuPG from a
script is via the --status-xxx interface, which will not
change. See the file doc/DETAILS.
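
A sketch of the script-safe approach this comment points to, added here as an example and not part of the original ticket or GnuPG's own code. The comment names the --status-xxx options; for key listings the machine-readable format in the same doc/DETAILS file is the colon-delimited output of `--with-colons`, which this parser reads while skipping every line that is not a record, so the ticket's first-run and later-run outputs give the same result. Sample records, key IDs and function names are constructed for illustration.

```python
import re
import subprocess

# Constructed samples. The first two are the two outputs observed in the ticket.
TICKET_FIRST_RUN = "gpg: checking the trustdb\ngpg: no ultimately trusted keys found\n"
TICKET_LATER_RUN = ""
# Constructed colon records (key ID, fingerprint and user ID are made up).
CLEAN = r"""sec::2048:1:0123456789ABCDEF:1141776000:::::::::
fpr:::::::::00112233445566778899AABB0123456789ABCDEF:
uid:::::::::Example User (test\x3a demo) <user@example.org>:
ssb::2048:1:FEDCBA9876543210:1141776000:::::
"""
NOISY = TICKET_FIRST_RUN + CLEAN  # same records with the one-off notices mixed in


def unescape(field):
    # Colon-format fields are C-style quoted; a literal ':' arrives as \x3a.
    return re.sub(r"\\x([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), field)


def parse_secret_keys(colon_text):
    """Return one dict per 'sec' record; any line that is not a known record is skipped."""
    keys = []
    for line in colon_text.splitlines():
        f = line.split(":")
        if f[0] == "sec" and len(f) > 4:
            keys.append({"keyid": f[4], "fpr": None, "uids": []})
            if len(f) > 9 and f[9]:  # some versions carry the primary user ID here
                keys[-1]["uids"].append(unescape(f[9]))
        elif f[0] == "fpr" and keys and len(f) > 9 and keys[-1]["fpr"] is None:
            keys[-1]["fpr"] = f[9]  # first fpr after sec belongs to the primary key
        elif f[0] == "uid" and keys and len(f) > 9:
            keys[-1]["uids"].append(unescape(f[9]))
    return keys


def list_secret_keys(gpg="gpg"):
    """Run gpg and parse stdout only; stderr (where gpg logs notices) is never parsed."""
    proc = subprocess.run(
        [gpg, "--batch", "--with-colons", "--with-fingerprint", "--list-secret-keys"],
        capture_output=True, text=True, check=True)
    return parse_secret_keys(proc.stdout)
```
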

From: David Shaw <dshaw@jabberwocky.com>
To: John Schofield <schof@dakim.com>
Cc: bug-any@bugs.gnupg.org
Subject: Re: gnupg/614
Date: Wed, 8 Mar 2006 13:49:36 -0500

It's not a bug. Your --delete-secret-and-public caused the trustdb to
be dirty. Then the --list-secret-keys on the dirty trustdb caused the
warning. After the first --list-secret-keys happened, the trustdb was
no longer dirty, thus no second warning.

David

From: John Schofield <schof@dakim.com>
To: bug-any@bugs.gnupg.org
Cc: dshaw@jabberwocky.com
Subject: Re: gnupg/614
Date: Wed, 8 Mar 2006 10:45:06 -0800

Thanks for the quick response, Dshaw.

While I acknowledge the false premise (and will look into doc/DETAILS
to find more about --status-xxx) the fact that this is a bug remains.
It may be a low priority, but should not have been closed.

John

John Schofield
Director, Information Technology
Director, DCFS
Dakim, Inc.
2121 Cloverfield Blvd.
Suite 205
Santa Monica, CA 90404
www.dakim.com
(310) 566-1355 (direct)
(310) 829-1865 (fax)
schof@dakim.com (e-mail)
dakimschof (AIM)

On Mar 7, 2006, at 8:40 PM, dshaw@jabberwocky.com wrote:

Synopsis: gpg --list-secret-keys gives different output on first
and subsequent runs

State-Changed-From-To: open->closed
State-Changed-By: dshaw
State-Changed-When: Wed, 08 Mar 2006 05:40:00 +0100
State-Changed-Why:
There is a false premise here. You cannot parse the output
of GnuPG as we will gleefully change it in the future and
break your script. The only way to safely use GnuPG from a
script is via the --status-xxx interface, which will not
change. See the file doc/DETAILS.

  • Comment added by dshaw on Wed, 08 Mar 2006 05:40:00 +0100