batch mode pgp from sendmail aliases

Grau, Michael
Thu Jun 7 10:33:01 2001


I wish to have an alias run a script, I've set the setuid on the script so
it runs as a different user to daemon and root. However, it seems to run the
actual gpg command using the environment variable of daemon, giving the eror
as follows:

gpg: Sorry, no terminal at all requested - can't get input
cannot decrypt file, provide key
500 5.0.0 "|/usr/local/bin/myscript rubbish"... Bad usage

the switches on (and syntax for) the gpg command in the script, myscript,
are as follows (i've gone overboard with the path definitions):

LD_LIBRARY_PATH=/usr/local/lib:/usr/lib; export LD_LIBRARY_PATH
PATH=$PATH:/usr/local/bin; export PATH
GNUPGHOME=/u03/users/edi/.gnupg; export GNUPGHOME
GPGHOME=/u03/users/edi/.gnupg; export GPGHOME
echo "${passphrase}"| gpg --passphrase-fd 0 --batch --output
outfile}.${indate} --homedir ${GPGDIR} --options ${GPGOPTIONS} --no --no-tty
rypt ${tempfile} > /dev/null 2>&1

Strangely, when I try this from the command line, as the daemon user, it
works (presumably because it's got a shell at this time, not at the other
time). Any advice, should I just use the perl modules for this? The script
is ksh.

Michael Grau.