
Bug#1058572: gnupg2.4: fail to initialize homedir and generate key due to keyboxd


YunQiang Su

Dec 12, 2023, 10:40:05 PM
Package: src:gnupg2
Version: 2.4.3-2

> gpg --quick-generate-key "A User <a...@example.com>" rsa2048 ~
gpg: directory '/home/XXXX/.gnupg' created
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: error writing public keyring '[keyboxd]': Attempt to write a
readonly SQL database
Key generation failed: Attempt to write a readonly SQL database

The problem is that, on creation, gnupg 2.4+ adds a "common.conf"
to the newly created ~/.gnupg directory, with "use-keyboxd", while keyboxd
is not enabled on Debian yet.
https://github.com/gpg/gnupg/blob/master/README

--
YunQiang Su

NIIBE Yutaka

Dec 14, 2023, 8:00:04 PM
Hello,

YunQiang Su <wzs...@gmail.com> wrote:
> gpg: error writing public keyring '[keyboxd]': Attempt to write a
> readonly SQL database
> Key generation failed: Attempt to write a readonly SQL database

I can't replicate this issue on my system. With a new user I created
for the test, I had no problem; the directory ~/.gnupg is created,
~/.gnupg/public-keys.d is created, and ~/.gnupg/public-keys.d/pubring.db
is created. Note that keyboxd just works with systemd by socket
activation.

> The problem is that, on creation, gnupg 2.4+ adds a "common.conf"
> to the newly created ~/.gnupg directory, with "use-keyboxd", while keyboxd
> is not enabled on Debian yet.

Keyboxd is enabled, but only with 2.4.

I wonder if this is a transition problem after the installation of
GnuPG.

When you see the failure, what is the output of the following command?

$ systemctl --user status keyboxd

(I mean, how keyboxd complained.)
--

Werner Koch

Dec 15, 2023, 3:00:05 AM
Hi!

On Fri, 15 Dec 2023 09:22, NIIBE Yutaka said:

> is created. Note that keyboxd just works with systemd by socket
> activation.

Why do you think so? keyboxd is started on demand by gpg or gpgsm.
There is no --supervised option as we still have for dirmngr and
gpg-agent.

In case Debian added this option this will be the cause of the problem
because two keyboxd might show up and one takes the database lock.


Shalom-Salam,

Werner

--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein

NIIBE Yutaka

Dec 19, 2023, 2:40:05 AM
Hello, again,

YunQiang Su <wzs...@gmail.com> wrote:
> gpg: error writing public keyring '[keyboxd]': Attempt to write a
> readonly SQL database
> Key generation failed: Attempt to write a readonly SQL database

NIIBE Yutaka <gni...@fsij.org> wrote:
> I can't replicate this issue on my system. With a new user I created
> for the test, I had no problem; the directory ~/.gnupg is created,
> ~/.gnupg/public-keys.d is created, and ~/.gnupg/public-keys.d/pubring.db
> is created. Note that keyboxd just works with systemd by socket
> activation.

For your information, I managed to replicate the error by doing the
following:

# For a user having no .gnupg directory, run gpg for the first
# time. gpg creates the .gnupg directory and keyboxd creates
# .gnupg/public-keys.d
$ gpg -k
gpg: directory '/home/u/.gnupg' created
gpg: /home/u/.gnupg/trustdb.gpg: trustdb created

# Move ~/.gnupg/public-keys.d while it is in use by keyboxd
$ mv ~/.gnupg/public-keys.d ~/.gnupg/public-keys.d.bak

# In this situation, create a key, to be stored by keyboxd
# Then, we see the error
$ gpg --pinentry-mode=loopback --debug ipc --quick-gen-key "a user <u...@gniibe.org>"
[...]
gpg: writing public key to '[keyboxd]'
gpg: error writing public keyring '[keyboxd]': Attempt to write a readonly SQL database
Key generation failed: Attempt to write a readonly SQL database

The error may occur when the database is moved and some data is to be written.

I don't think your case was the same, but when someone encounters something
similar, this would be information to investigate the cause.
--
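
The state reproduced in the last message can be checked for on a live system. The shell functions below are an added example, not part of the thread or of GnuPG; the function names and state labels are assumptions, and the process check assumes Linux /proc and procps pgrep.

```sh
#!/bin/sh
# Added example, not from the thread. File names (common.conf, use-keyboxd,
# public-keys.d/pubring.db) are from the thread; function names and state
# labels are made up here.

# Classify the on-disk state of a GnuPG homedir with respect to keyboxd.
keyboxd_homedir_state() {
    home=$1
    [ -d "$home" ] || { echo no-homedir; return 0; }
    # keyboxd is used only if common.conf has an uncommented use-keyboxd line.
    if ! grep -Eq '^[[:space:]]*use-keyboxd([[:space:]]|$)' \
            "$home/common.conf" 2>/dev/null; then
        echo keyboxd-not-configured; return 0
    fi
    # The reproduction's state: option set, but the store is no longer there.
    [ -f "$home/public-keys.d/pubring.db" ] || { echo store-missing; return 0; }
    echo ok
}

# Read open-file paths on stdin, one per line, and print every pubring.db
# that is not at the expected place under the homedir (moved or deleted).
stale_db_paths() {
    expected=$1/public-keys.d/pubring.db
    while IFS= read -r p; do
        case $p in
            */pubring.db|*/pubring.db' (deleted)')
                [ "$p" = "$expected" ] || printf '%s\n' "$p" ;;
        esac
    done
}

# Linux only: list the open files of this user's running keyboxd via /proc.
keyboxd_open_files() {
    for pid in $(pgrep -u "$(id -u)" -x keyboxd 2>/dev/null); do
        for fd in /proc/"$pid"/fd/*; do readlink "$fd" 2>/dev/null; done
    done
    return 0
}

# Usage on a live system (pass the homedir as a fully resolved path):
#   keyboxd_homedir_state "$HOME/.gnupg"
#   keyboxd_open_files | stale_db_paths "$HOME/.gnupg"
```

A path printed by `stale_db_paths` means the running keyboxd still holds a database that is no longer at `public-keys.d/pubring.db`; `gpgconf --kill keyboxd` stops it so the next gpg call starts a fresh daemon.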