[Pkg-privacy-maintainers] Bug#898085: gnupg: gpg --search-keys and parcimonie don't work: Tor misconfigured/keyserver EPERM
Cyril Brulebois
kibi at debian.org
Sat Jun 30 15:59:50 BST 2018
Hi,
intrigeri <intrigeri at debian.org> (2018-06-30):
> I believe that for the time being, this problem cannot be fixed in
> GnuPG but rather in parcimonie.
>
> Cyril Brulebois:
> > Ever since the dist-upgrade to stretch (last september), I'm unable to
> > search keys, and parcimonie is failing on me:
> > | kibi at armor:~$ gpg --search-keys some at mail.address
> > | gpg: WARNING: Tor is not properly configured
> > | gpg: error searching keyserver: Permission denied
> > | gpg: keyserver search failed: Permission denied
>
> May I assume that you have no tor service running?
Well:
kibi at armor:~$ gpg --search-keys kibi at mraw.org
gpg: WARNING: Tor is not properly configured
gpg: error searching keyserver: Permission denied
gpg: keyserver search failed: Permission denied
kibi at armor:~$ ps faux|grep tor
debian-+ 895 0.0 0.2 89636 38352 ? Ss Jun23 8:52 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
kibi 3094 0.0 0.0 126772 3356 ? Ss Jun23 0:00 dirmngr --daemon --homedir /home/kibi/.local/share/torbrowser/gnupg_homedir
kibi 3099 0.0 0.0 91572 432 ? Ss Jun23 0:00 gpg-agent --homedir /home/kibi/.local/share/torbrowser/gnupg_homedir --use-standard-socket --daemon
> parcimonie enables the use-tor option in ~/.gnupg/dirmngr.conf.
> It's being debated on another bug report (filed against parcimonie)
> whether it's a feature or a bug, and if the latter how to fix it.
> Anyway: currently, as soon as parcimonie has been run once as a given
> user, then any dirmngr network operation run as that user require
> a working tor daemon.
>
> Now, parcimonie merely "Recommends: tor" (since 2011). I don't recall
> why I did not add a strict dependency back then; possibly I wanted to
> be nice to Tor Browser users who don't want to run a system tor, and
> instead use the tor that comes bundled with Tor Browser (there are
> good reasons for setting things up like this, such as having a single
> place to configure bridges etc. and being able to do so in a GUI).
Relatedly, I have this installed:
ii torbrowser-launcher 0.2.9-3~bpo9+1
> So, in some way a Recommends is correct: one of the major use cases of
> parcimonie works just fine without Debian's tor service (using
> 3rd-party software though). OTOH, parcimonie will simply be broken for
> whoever has disabled installation of Recommends by default, unless
> they know exactly that they want to run tor in a different way, and
> how to do so. So there's a case to be made to turn this
> "Recommends: tor" into "Depends: tor".
>
> > How come gpg fails this badly in stable, with a default configuration?
>
> I think the default gpg configuration in stable works fine… as long as
> one is not unlucky enough to meet all these conditions:
>
> - having disabled installation of Recommends by default (or manually
> de-installed tor, or manually disabled the tor service)
> - not running Tor Browser
> - having installed parcimonie
I'm not sure I'm ticking all these boxes…
Cheers,
--
Cyril Brulebois (kibi at debian.org) <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-maintainers/attachments/20180630/4ad473bd/attachment.sig>
More information about the Pkg-privacy-maintainers
mailing list