Package: inn2 Version: 2.4.2-2 Severity: important pgpverify stats in its manpage
| By default, when running as part of INN, pgpverify expects the PGP key
| ring to be found in pathetc/pgp (as either pubring.pgp or pubring.gpg
| depending on whether PGP or GnuPG is used to verify signatures). If
| that directory doesn't exist, it will fall back on using the default key
| ring, which is in a .pgp or .gnupg subdirectory of the running user's
| home directory.
The running user in the case of inn is "news".
innd don't set HOME in the environment which is used by gpgv to find the
home directory, this make the verification fail:
| % echo "@0302425546310000000000190DC500000001@" | env -i
/usr/lib/news/bin/controlchan
| Use of uninitialized value in concatenation (.) or string at
/usr/lib/news/innshellvars.pl line 109.
| Thu May 5 12:50:58 2005: starting
| Thu May 5 12:50:59 2005: skipping rmgroup [EMAIL PROTECTED](pgpverify
failed) in <[EMAIL PROTECTED]>
With /etc/news/pgp it succedes:
| % echo "@0302425546310000000000190DC500000001@" | env -i
/usr/lib/news/bin/controlchan
| Use of uninitialized value in concatenation (.) or string at
/usr/lib/news/innshellvars.pl line 109.
| Thu May 5 12:51:21 2005: starting
| Thu May 5 12:51:21 2005: control_rmgroup, de.soc.medien [EMAIL PROTECTED]
[EMAIL PROTECTED] @0302425546310000000000190DC500000001@, , doit, 1
Bastian
--
Many Myths are based on truth
-- Spock, "The Way to Eden", stardate 5832.3
signature.asc
Description: Digital signature
