[Pkg-gnupg-maint] Bug#725889: popularity-contest: cron task gpg: fatal: can't open /tmp/.../trustdb.gpg: No such file or directoryo

Werner Koch wk at gnupg.org
Fri Oct 11 08:17:45 UTC 2013 

On Wed,  9 Oct 2013 22:59, wk at gnupg.org said:

> I'll take care of this tomorrow.  The cause for this is very likely

Okay.  I completed the other change: It is now possible to use most
commands along with --always-trust without creating or requiring a
trustdb.

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=patch;h=2528178e7e2fac6454dd988121167305db7c71d9 

    gpg: Do not require a trustdb with --always-trust.

    * g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
    * g10/trustdb.c (trustdb_args): Add field no_trustdb.
    (init_trustdb): Set that field.
    (revalidation_mark):  Take care of a nonexistent trustdb file.
    (read_trust_options): Ditto.
    (get_ownertrust): Ditto.
    (get_min_ownertrust): Ditto.
    (update_ownertrust): Ditto.
    (update_min_ownertrust): Ditto.
    (clear_ownertrusts): Ditto.
    (cache_disabled_value): Ditto.
    (check_trustdb_stale): Ditto.
    (get_validity): Ditto.
    * g10/gpg.c (main): Do not create a trustdb with most commands for
    trust-model always.
    --

    This slightly changes the semantics of most commands in that they
    won't create a trustdb if --trust-model=always is used.  It just does
    not make sense to create a trustdb if there is no need for it.

    Signed-off-by: Werner Koch <wk at gnupg.org>
    (cherry picked from commit 1a0eeaacd1bf09fe5125dbc3f56016bc20f3512e)


It is a bit longer than for the actual case but I hope it serves other
uses as well.

There is a little risk for other applications which use --always-trust
and expect that a trustdb.gpg is created or that a keylisting returns
validity information for some other trust model.  However, it would
surprise me if that is a real world case.

An easy way to test this change is:

 mkdir foo
 cd foo
 GNUPGHOME=$(pwd) bash
 echo trust-model always     >gpg.conf
 echo no-permission-warning >>gpg.conf
 echo lock-never            >>gpg.conf
 touch secring.gpg
 cp /bar/baz/pubring.gpg .
 chmod -w .

Now try simple encryption commands. 

I have not fixed the problem that a secring.gpg is expected - it won't
yield a fatal error but gpg's exit code will be 2 without a secring.


Salam-Shalom,

   Werner


--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Pkg-gnupg-maint mailing list