decrypt-file updates trustdb?

David.Vazquez-Landa at David.Vazquez-Landa at
Thu Feb 23 14:19:56 CET 2012

Hello Cia,

I don't know if this applies in my case. I forgot to add --sorry-- that the service is running on a Windows 2008 machine.

Best Regards,

David Vázquez
European Central Bank
Tel. (+49) 69 1344 7029
Mail. david.vazquez-landa at

> -----Original Message-----
> From: gnupg-users-bounces at [mailto:gnupg-users-
> bounces at] On Behalf Of Cia Watson
> Sent: Wednesday 22 February 2012 17:24
> To: gnupg-users at
> Subject: Re: decrypt-file updates trustdb?
> On Tue, 21 Feb 2012 12:48:15 +0100
> <David.Vazquez-Landa at> wrote:
> > I have a service, which calls gpg to decrypt files and I can’t move forward
> > because I keep getting the following error:
> >
> > “PGP decryption error - gpg: Signature made 02/06/12 14:08:19 using DSA
> key
> > ID 23E858FE gpg: NOTE: trustdb not writable gpg: checking the trustdb gpg:
> > public key 64A20A5A is 3219 seconds newer than the signature gpg: public
> > key A1C13ADD is 153 seconds newer than the signature gpg: renaming
> > `D:/GNU/GnuPG\pubring.gpg' to `D:/GNU/GnuPG\pubring.bak' failed:
> Permission
> > denied gpg: failed to rebuild keyring cache: file rename error gpg: trustdb
> > rec 247: write failed (n=-1): Bad file descriptor gpg: trustdb: sync
> > failed: file write error”
> >
> > This happens when trying the following command:
> > --homedir c:\GNU\GnuPG --passphrase password --no-tty --armor --yes
> > --decrypt-files localFolder
> > Now, I could ignore the timestamp and I guess I would be able to open the
> > trustdb and my service wouldn’t die. OR I could give write permissions on
> > trustdb.gpg, pubring.gpg and pubring.bak to the user executing the
> service.
> > But I wouldn’t want to do any of those without knowing why the command
> is
> > trying to rebuild the keyring cache.
> To make a long story short, check the time on your desktop
> and your /etc/default/rcS file to see if an update changed the UTC= from no
> to
> yes.
> I'm not sure what distro you're running, and this may not be related to your
> issue. However I saw a similar error when I was updating Debian squeeze in a
> VM, on a Debian wheezy host. It turns out there was a recent update that
> made
> some changes to the /etc/default/rcS file and made this change:
> - UTC=no
> + UTC=yes
> In other words, I had UTC=no and it changed it back to the default of yes,
> After seeing it wanted to make that change in wheezy which I told it to allow,
> since there were other changes to the file that may have been important, I
> just went in afterward and changed UTC= back to no.
> In my squeeze vm however, it didn't bother to tell me it was making the
> change, but when I saw the error about time differences on the keyring, I
> looked at the time on the desktop and saw it was off, checked
> the /etc/default/rcS file and saw it had UTC set to yes, so I changed it
> back to no and now the desktop time is correct and no keyring time errors
> when
> I'm updating.
> Cia W.

Any e-mail message from the European Central Bank (ECB) is sent in good faith but shall neither be binding nor construed as constituting a commitment by the ECB except where provided for in a written agreement. This e-mail is intended only for the use of the recipient(s) named above. Any unauthorised disclosure, use or dissemination, either in whole or in part, is prohibited. If you have received this e-mail in error, please notify the sender immediately via e-mail and delete this e-mail from your system.

More information about the Gnupg-users mailing list