Wed Apr 4 16:37:04 2001
On 4 Apr, Chris Mason wrote:
> I'm still having problems getting this to work, even with the excellent
> suggestions I have recieved from list members.
> To take it down to baseics I hard coded everything.
> Apache is running as apache, and I su'ed to apache and ran gpg -gen-key.
> Then I imported the key username <email@example.com> tp the apache keyring and
> signed it, and trusted it ""I trust fully".
This is the same problem I posted about last week that no one knew the
The crappy solution is to chmod 666 trustdb.gpg. Then it should work.
Oh ya, you also need to use the no-randseed option or make that
Here's my previous message if someone who can actually do something
about this is listening:
But I tried it now and it STILL tries to write to trustdb :-(
Here's my command line:
% su - nobody
% gpg -ea -z9 -r'WebSiteName' --always-trust --lock-never --batch
gpg: Warning: using insecure memory!
gpg: fatal: /work/who/web/.gpg/trustdb.gpg: can't open: Permission denied
% ls -al /work/who/web/.gpg
drwxr-xr-x 2 trevor trevor 4096 Mar 28 14:51 .
drwxrwxrwx 15 trevor trevor 8192 Mar 27 23:01 ..
-rw-r--r-- 1 trevor trevor 869 Mar 27 13:37 pubring.gpg
-rw-r--r-- 1 trevor trevor 0 Mar 27 13:35 pubring.gpg~
-rw-r--r-- 1 trevor trevor 600 Mar 27 13:37 random_seed
-rw-r--r-- 1 trevor trevor 1091 Mar 27 13:37 secring.gpg
-rw-r--r-- 1 trevor trevor 2560 Mar 27 14:06 trustdb.gpg
Obviously everything works peachy if I execute this as trevor. But my
web server will eventually run this as apache:apache, so it has to work
for other (non)users.