Bug#984884: libgcrypt20: Unknown error executing apt-key [Bullseye]

Mateusz Rejek mateusz.rejek at gmail.com
Thu Sep 9 19:56:03 BST 2021 

Hi,

Interestingly enough got the same problem on ARMHF after moving to bullseye.

I have version 1.8.7-6 installed over 1.8.4-5+deb10u1

# cat /var/log/dpkg.log.1 | grep libgcrypt
> 2021-09-07 13:07:54 upgrade libgcrypt20:armhf 1.8.4-5+deb10u1 1.8.7-6
> 2021-09-07 13:07:54 status half-configured libgcrypt20:armhf
> 1.8.4-5+deb10u1
> 2021-09-07 13:07:54 status unpacked libgcrypt20:armhf 1.8.4-5+deb10u1
> 2021-09-07 13:07:54 status half-installed libgcrypt20:armhf 1.8.4-5+deb10u1
> 2021-09-07 13:07:54 status unpacked libgcrypt20:armhf 1.8.7-6
> 2021-09-07 13:07:54 configure libgcrypt20:armhf 1.8.7-6 <none>
> 2021-09-07 13:07:54 status unpacked libgcrypt20:armhf 1.8.7-6
> 2021-09-07 13:07:54 status half-configured libgcrypt20:armhf 1.8.7-6
> 2021-09-07 13:07:54 status installed libgcrypt20:armhf 1.8.7-6


and confirmed to be OK:

# dpkg -s libgcrypt20
> Package: libgcrypt20
> Status: install ok installed
> Priority: optional
> Section: libs
> Installed-Size: 1027
> Maintainer: Debian GnuTLS Maintainers <
> pkg-gnutls-maint at lists.alioth.debian.org>
> Architecture: armhf
> Multi-Arch: same
> Version: 1.8.7-6
> Depends: libc6 (>= 2.28), libgpg-error0 (>= 1.25)
> Suggests: rng-tools
> Description: LGPL Crypto library - runtime library
>  libgcrypt contains cryptographic functions.  Many important free
>  ciphers, hash algorithms and public key signing algorithms have been
>  implemented:
>  .
>  Arcfour, Blowfish, CAST5, DES, AES, Twofish, Serpent, rfc2268 (rc2), SEED,
>  Poly1305, Camellia, ChaCha20, IDEA, Salsa, Blake-2, CRC, MD2, MD4, MD5,
>  RIPE-MD160, SHA-1, SHA-256, SHA-512, SHA3-224, SHA3-256, SHA3-384,
> SHA3-512,
>  SHAKE128, SHAKE256, Tiger, Whirlpool, DSA, DSA2, ElGamal, RSA, ECC
>  (Curve25519, sec256k1, GOST R 34.10-2001 and GOST R 34.10-2012, etc.)
> Homepage: https://directory.fsf.org/project/libgcrypt/


gpg is linking to libgcrypt.so.20

# ldd  /usr/bin/gpg
> linux-vdso.so.1 (0x7ed53000)
> /usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so =>
> /usr/lib/arm-linux-gnueabihf/libarmmem-v7l.so (0x76ec2000)
> libz.so.1 => /lib/arm-linux-gnueabihf/libz.so.1 (0x76e85000)
> libbz2.so.1.0 => /lib/arm-linux-gnueabihf/libbz2.so.1.0 (0x76e65000)
> libsqlite3.so.0 => /usr/lib/arm-linux-gnueabihf/libsqlite3.so.0
> (0x76d39000)
> libgcrypt.so.20 => /lib/arm-linux-gnueabihf/libgcrypt.so.20 (0x76c96000)
> libreadline.so.8 => /lib/arm-linux-gnueabihf/libreadline.so.8 (0x76c43000)
> libassuan.so.0 => /usr/lib/arm-linux-gnueabihf/libassuan.so.0 (0x76c23000)
> libgpg-error.so.0 => /lib/arm-linux-gnueabihf/libgpg-error.so.0
> (0x76bf6000)
> libc.so.6 => /lib/arm-linux-gnueabihf/libc.so.6 (0x76aa2000)
> /lib/ld-linux-armhf.so.3 (0x76ed7000)
> libm.so.6 => /lib/arm-linux-gnueabihf/libm.so.6 (0x76a33000)
> libpthread.so.0 => /lib/arm-linux-gnueabihf/libpthread.so.0 (0x76a07000)
> libdl.so.2 => /lib/arm-linux-gnueabihf/libdl.so.2 (0x769f3000)
> libtinfo.so.6 => /lib/arm-linux-gnueabihf/libtinfo.so.6 (0x769c1000)


That is pointing to libgcrypt.so.20.0.3

# ls -al /lib/arm-linux-gnueabihf/libgcrypt.so.20
> lrwxrwxrwx 1 root root 19 Sep  7 14:30
> /lib/arm-linux-gnueabihf/libgcrypt.so.20 -> libgcrypt.so.20.0.3


but in the system there also:

# ls -al /usr/lib/arm-linux-gnueabihf/libgcrypt.so.20
> lrwxrwxrwx 1 root root 19 May 27 18:07
> /usr/lib/arm-linux-gnueabihf/libgcrypt.so.20 -> libgcrypt.so.20.2.8


coming from:

root at rpi3:~# dpkg -L libgcrypt20
> /.
> /usr
> /usr/lib
> /usr/lib/arm-linux-gnueabihf
> /usr/lib/arm-linux-gnueabihf/libgcrypt.so.20.2.8
> /usr/share
> /usr/share/doc
> /usr/share/doc/libgcrypt20
> /usr/share/doc/libgcrypt20/AUTHORS.gz
> /usr/share/doc/libgcrypt20/NEWS.gz
> /usr/share/doc/libgcrypt20/README.gz
> /usr/share/doc/libgcrypt20/THANKS.gz
> /usr/share/doc/libgcrypt20/changelog.Debian.gz
> /usr/share/doc/libgcrypt20/changelog.gz
> /usr/share/doc/libgcrypt20/copyright
> /usr/lib/arm-linux-gnueabihf/libgcrypt.so.20


After removing old lib from /lib/arm-linux-gnueabihf/libgcrypt.so.20,
leaving /usr/lib/arm-linux-gnueabihf/libgcrypt.so.20 in place and
re-running ldconfig

I moved from

# gpg --version
> gpg: Fatal: libgcrypt is too old (need 1.8.0, have 1.6.3)


to

# gpg --version
> gpg (GnuPG) 2.2.27
> libgcrypt 1.8.8
> Copyright (C) 2021 Free Software Foundation, Inc.
> License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.

Home: /xxxxxxxx/.gnupg
> Supported algorithms:
> Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
>         CAMELLIA128, CAMELLIA192, CAMELLIA256
> Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2


This was following an dist-upgrade from Debian 10 to Debian 11.

IMO problem is coming from libgcrypt moving in Debian 11 from
/lib/arm-linux-gnueabihf/ to /usr/lib/arm-linux-gnueabihf/ and leaving old
lib behind
--
Mat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnutls-maint/attachments/20210909/196aa1ff/attachment.htm>

More information about the Pkg-gnutls-maint mailing list