Supressing the "gpg: NOTE: trustdb not writable" on read only systems
Dirk-Willem van Gulik
dirkx at webweaving.org
Wed Jul 13 13:36:25 CEST 2011
Scratching a minor itch (Using gpg a lot on readonly file systems where it is in the path for backups against public keys).
In that situation the warning
"gpg: NOTE: trustdb not writable" on read only systems
comes up regularly (even though we killed off all other warnings with things like below).
#!/bin/sh
...something making the backup |\
/usr/local/bin/gpg --yes -q \
-e \
-r XXX -r XX -r XXXX \
--lock-never --no-random-seed-file \
--no-greeting --no-secmem-warning \
--no-auto-check-trustdb |\
/usr/local/bin/gpg --yes -q -s \
--default-key XXXXX \
--lock-never --no-random-seed-file \
--no-greeting --no-secmem-warning \
--no-auto-check-trustdb |\
ssh r651 at 10.11.0.2 some-command-locked-down-in-the-auth-key-file
.. error handling
Is the patch below a good idea, or are there less intrusive ways to do this?
Or should this be done more cleanly - i.e. the trust db is always opened read-only, and only upgraded to RW when we actually want to write to it (which is a lot rarer)?
Thanks,
Dw
diff --git a/g10/gpg.c b/g10/gpg.c
index 8326ee7..9788f46 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -332,6 +332,8 @@ enum cmd_and_opt_values
oNoSigCreateCheck,
oAutoCheckTrustDB,
oNoAutoCheckTrustDB,
+ oAutoUpdateTrustDB,
+ oNoAutoUpdateTrustDB,
oPreservePermissions,
oDefaultPreferenceList,
oDefaultKeyserverURL,
@@ -700,6 +702,8 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oNoSigCreateCheck, "no-sig-create-check", "@"),
ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"),
ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"),
+ ARGPARSE_s_n (oAutoUpdateTrustDB, "auto-update-trustdb", "@"),
+ ARGPARSE_s_n (oNoUpdateTrustDB, "no-auto-update-trustdb", "@"),
ARGPARSE_s_n (oMergeOnly, "merge-only", "@" ),
ARGPARSE_s_n (oAllowSecretKeyImport, "allow-secret-key-import", "@"),
ARGPARSE_s_n (oTryAllSecrets, "try-all-secrets", "@"),
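Review bot: The second added entry refers to `oNoUpdateTrustDB`, but the enum hunk above declares `oNoAutoUpdateTrustDB`, so this line will not compile as posted. It should read `ARGPARSE_s_n (oNoAutoUpdateTrustDB, "no-auto-update-trustdb", "@"),` to match both the enum and the `case` label added in main().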
@@ -2851,6 +2855,8 @@ main (int argc, char **argv)
case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break;
case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break;
case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break;
+ case oAutoUpdateTrustDB: opt.no_auto_update_trustdb=0; break;
+ case oNoAutoUpdateTrustDB: opt.no_auto_update_trustdb=1; break;
case oPreservePermissions: opt.preserve_permissions=1; break;
case oDefaultPreferenceList:
opt.def_preference_list = pargs.r.ret_str;
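Review bot: `opt.no_auto_update_trustdb` is stored by the two new cases, but nothing in the posted patch reads it, so `--no-auto-update-trustdb` has no visible effect on how the trustdb is opened. The value presumably needs to reach the new third argument of tdbio_set_dbname(), for example as `!opt.no_auto_update_trustdb` at the existing call site, which lies outside this patch. Both new options are also undocumented; a one-line comment that "update" means "open the trustdb for writing" would distinguish them from the neighbouring auto-check-trustdb pair. The option switch in main() continues outside the hunk.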
diff --git a/g10/options.h b/g10/options.h
index e67d0ce..8ffb3e5 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -187,6 +187,7 @@ struct
int no_sig_cache;
int no_sig_create_check;
int no_auto_check_trustdb;
+ int no_auto_update_trustdb;
int preserve_permissions;
int no_homedir_creation;
struct groupitem *grouplist;
diff --git a/g10/tdbio.c b/g10/tdbio.c
index 45ec73b..68f643e 100644
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -93,6 +93,7 @@ struct cmp_xdir_struct {
static char *db_name;
+static int db_readonly = 0;
static dotlock_t lockhandle;
static int is_locked;
static int db_fd = -1;
@@ -478,10 +479,11 @@ create_version_record (void)
int
-tdbio_set_dbname( const char *new_dbname, int create )
+tdbio_set_dbname( const char *new_dbname, int create, int _rw )
{
char *fname;
static int initialized = 0;
+ db_readonly = _rw ? 0 : 1;
if( !initialized ) {
atexit( cleanup );
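Review bot: The definition of tdbio_set_dbname() gains a third parameter here, but the patch shows no matching change to its prototype or to its existing two-argument callers, so the tree would not build unless those are updated elsewhere. The parameter `_rw` is also inverted into `db_readonly` on every call, before the `initialized` guard, so a later call can silently change the mode for a name that was already set. A plainly named parameter and an explicit comment would help, e.g. `int writable` with `db_readonly = !writable; /* open trustdb O_RDONLY when set */`. No write path in tdbio.c is guarded by `db_readonly` in the visible hunks, so a trust update on a read-only descriptor would presumably surface only as a late write error. The function body continues outside the hunk.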
@@ -561,7 +563,7 @@ tdbio_set_dbname( const char *new_dbname, int create )
if( !fp )
log_fatal( _("can't create `%s': %s\n"), fname, strerror(errno) );
fclose(fp);
- db_fd = open( db_name, O_RDWR | MY_O_BINARY );
+ db_fd = open( db_name, (db_readonly ? O_RDONLY | O_RDWR) | MY_O_BINARY );
if( db_fd == -1 )
log_fatal( _("can't open `%s': %s\n"), db_name, strerror(errno) );
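Review bot: The conditional in the new open() call uses `|` where the `:` of the ternary belongs, so `(db_readonly ? O_RDONLY | O_RDWR)` is a syntax error. The same typo is repeated in the open_db() hunk further down. The line should be `db_fd = open( db_name, (db_readonly ? O_RDONLY : O_RDWR) | MY_O_BINARY );`. This hunk also sits in the branch that has just created the file (the context lines report "can't create" and close `fp`). Opening the fresh file read-only there would likely make the initial record write that follows fail, so this open probably should stay O_RDWR regardless of `db_readonly`; the rest of the branch is outside the hunk.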
@@ -621,8 +623,12 @@ open_db()
wchar_t *wname = utf8_to_wchar (db_name);
if (wname)
{
- db_fd = (int)CreateFile (wname, GENERIC_READ|GENERIC_WRITE,
- FILE_SHARE_READ|FILE_SHARE_WRITE, NULL,
+ db_fd = (int)CreateFile (wname,
+ GENERIC_READ|
+ (db_readonly ? 0 : GENERIC_WRITE) |
+ FILE_SHARE_READ|
+ (db_readonly ? 0 : FILE_SHARE_WRITE),
+ NULL,
OPEN_EXISTING, 0, NULL);
xfree (wname);
}
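Review bot: Dropping `FILE_SHARE_WRITE` when `db_readonly` is set changes what other processes may do, not what this handle may do. With the share mode reduced to `FILE_SHARE_READ`, a concurrent gpg that needs to update the trustdb gets a sharing violation while this handle is open, and this open itself fails if a writer already holds the file. Only the desired-access argument should depend on `db_readonly`; keep the share mode as `FILE_SHARE_READ|FILE_SHARE_WRITE` in both cases. The surrounding open_db() code continues outside the hunk.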
@@ -631,7 +637,7 @@ open_db()
(int)prevrc, (int)GetLastError ());
}
#else /*!HAVE_W32CE_SYSTEM*/
- db_fd = open (db_name, O_RDWR | MY_O_BINARY );
+ db_fd = open (db_name, (db_readonly ? O_RDONLY | O_RDWR) | MY_O_BINARY );
if (db_fd == -1 && (errno == EACCES
#ifdef EROFS
|| errno == EROFS