[Pkg-privacy-maintainers] Bug#836266: dirmngr: Please disable "use-tor" by default.

Phil Morrell debian at emorrp1.name
Thu Apr 12 21:22:45 BST 2018


Package: parcimonie
Version: 0.10.2-4
Followup-For: Bug #836266

I want to add my 2c to this bug report, sharing the same user
frustrations as anarcat above. I don't know if any more recent tooling
versions (be that parcimonie, dirmngr, gnupg, torsocks) have improved
the situation, as it's not in stretch-backports.

In the absence of a longer term solution, parcimonie should respect user
edits to dirmngr.conf i.e. I don't have a massive objection to it adding
use-tor initially, but if I've removed it (perhaps temporarily to
receive a single key without tor errors), then don't get into an editing
war with me. I'm even happy if this disables parcimonie until I put it
back (with a log window message).

When I see the parcimonie log error:

	Failed to fetch key 6ACBAD6A729326258CF725C6E7519C8D747F00DC: gpg: keyserver receive failed: No data
	 at /usr/share/perl5/App/Parcimonie/Daemon.pm line 350.

I now run this to fix the tor connections:

	systemctl --user restart dirmngr.socket

I realise this is a dirmngr issue, but it's also a parcimonie issue as a
"privacy-friendly helper to refresh a GnuPG keyring" which is likely to
be run by people like me trying to get into best practices. You said
above you're unsure "what to do with this bug report", at the very least
I'd like it documented in the man-page (if my workaround above is
correct in the general case). Ideally in the short to medium term,
parcimonie could detect a series of sequential (likely) tor-related
errors and explicitly write this in the logs, perhaps with the socket
restart recommendation, perhaps lengthening the sleep to e.g. 2hrs so it
can be fixed in user scale time.

-- System Information:
Debian Release: 9.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages parcimonie depends on:
ii  dirmngr                      2.1.18-8~deb9u1
ii  gnupg                        2.1.18-8~deb9u1
ii  gnupg2                       2.1.18-8~deb9u1
ii  libclone-perl                0.38-2+b1
ii  libconfig-general-perl       2.63-1
ii  libfile-homedir-perl         1.00-1
ii  libfile-which-perl           1.21-1
ii  libgnupg-interface-perl      0.52-9
ii  libipc-system-simple-perl    1.25-3
ii  liblist-moreutils-perl       0.416-1+b1
ii  libmoo-perl                  2.002005-1
ii  libmoox-late-perl            0.015-2
ii  libmoox-options-perl         4.023-1
ii  libnamespace-clean-perl      0.27-1
ii  libpath-tiny-perl            0.100-1
ii  libtime-duration-parse-perl  0.13-1
ii  libtry-tiny-perl             0.28-1
ii  libtype-tiny-perl            1.000005-1
ii  libtypes-path-tiny-perl      0.005-1
ii  perl                         5.24.1-3+deb9u2
ii  torsocks                     2.2.0-1+deb9u1

Versions of packages parcimonie recommends:
pn  gnupg-curl              <none>
ii  libglib-perl            3:1.324-1
ii  libgtk3-perl            0.030-1
ii  liblocale-gettext-perl  1.07-3+b1
ii  libnet-dbus-glib-perl   0.33.0-2+b1
ii  libnet-dbus-perl        1.1.0-4+b1
ii  libpango-perl           1.227-1+b1
ii  libtime-duration-perl   1.20-1
ii  tor                     0.2.9.14-1

parcimonie suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-privacy-maintainers/attachments/20180412/435e8c98/attachment.sig>


More information about the Pkg-privacy-maintainers mailing list