private-keys-v1.d and preserve-permissions
Martin Pätzold
martin.paetzold at rheinwerk-verlag.de
Wed Sep 9 15:22:18 CEST 2020
Hello,
I am working with Debian Stretch (9.13) and GPG 2.1.18.
The "private-keys-v1.d" directory has per default the permissions 700
(drwx------), but I need them to be 770 (drwxrwx---). I can change the
permissions ($ chmod 770 private-keys-v1.d) but after some time they are
be back to 700.
According to the documentation
(https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html#GPG-Esoteric-Options)
there is an option "--preserve-permissions" with the description "Don't
change the permissions of a secret keyring back to user read/write
only." I assumed that is what I need and added this option as
"preserve-permissions\n" to the "gpg.conf" file.
But it is not working as expected. When I stop the gpg-agent ($ gpgconf
--kill gpg-agent) and trigger its restart ($ gpg -K), the permissions
are back to 700. (I also checked, that the gpg.conf file is in fact used.)
Where am I wrong here? Is the setting not what I need, or do I set it
incorrectly, or do I test it incorrectly?
And if the setting is not what I need, how can I prevent the permissions
for "private-keys-v1.d" from changing?
Regards,
Martin
More information about the Gnupg-users
mailing list