Bug#910654: cloud.debian.org: cloud-init apt module can't add GPG keys; dirmngr missing
On Tue, Oct 09, 2018 at 11:01:33AM +, Daniel Strong wrote: > On clean instantiations of the Debian Stretch AWS AMIs, the cloud-init Apt > Configure > module can't receive GPG keys. The following cloud-init Please define the complete key in the config. While not obvious in the documentation, you never want to pull keys from random sources, esp as you have the option to specify the complete key. We might even disable the feature to fetch by keyids, as recent history showed it is inherently unsafe und even abusive to key servers. Bastian -- Phasers locked on target, Captain.
Bug#910654: cloud.debian.org: cloud-init apt module can't add GPG keys; dirmngr missing
tags 910654 + patch Hi, On Tue Oct 09, 2018 at 06:53:38 -0700, Noah Meyerhans wrote: > On Tue, Oct 09, 2018 at 11:01:33AM +, Daniel Strong wrote: > > Stderr: gpg: failed to start the dirmngr '/usr/bin/dirmngr': No such file > > or directory > > gpg: connecting dirmngr at '/root/.gnupg/S.dirmngr' failed: No such > > file or directory > > gpg: keyserver receive failed: No dirmngr > > gnupg has only a Recommends on dirmngr, not a Depends. When we build the > cloud images, we don't install recommends for most packages. We should > fix this by explicitly adding dirmngr to the list of packages. This is https://salsa.debian.org/cloud-team/debian-cloud-images/merge_requests/22 Best regards, Martin -- Martin Zobel-Helas Debian System Administrator Debian & GNU/Linux Developer Debian Listmaster http://about.me/zobel Debian Webmaster GPG Fingerprint: 6B18 5642 8E41 EC89 3D5D BDBB 53B1 AC6D B11B 627B
Processed (with 5 errors): Re: Bug#910654: cloud.debian.org: cloud-init apt module can't add GPG keys; dirmngr missing
Processing commands for cont...@bugs.debian.org: > tags 910654 + patch Bug #910654 [cloud.debian.org] cloud.debian.org: cloud-init apt module can't add GPG keys; dirmngr missing Added tag(s) patch. > Hi, Unknown command or malformed arguments to command. > On Tue Oct 09, 2018 at 06:53:38 -0700, Noah Meyerhans wrote: Unknown command or malformed arguments to command. > > On Tue, Oct 09, 2018 at 11:01:33AM +, Daniel Strong wrote: Unknown command or malformed arguments to command. > > > Stderr: gpg: failed to start the dirmngr '/usr/bin/dirmngr': No such file > > > or directory Unknown command or malformed arguments to command. > > > gpg: connecting dirmngr at '/root/.gnupg/S.dirmngr' failed: No such > > > file or directory Unknown command or malformed arguments to command. Too many unknown commands, stopping here. Please contact me if you need assistance. -- 910654: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910654 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#910654: cloud.debian.org: cloud-init apt module can't add GPG keys; dirmngr missing
On Tue, Oct 09, 2018 at 11:01:33AM +, Daniel Strong wrote: > Stderr: gpg: failed to start the dirmngr '/usr/bin/dirmngr': No such file or > directory > gpg: connecting dirmngr at '/root/.gnupg/S.dirmngr' failed: No such file > or directory > gpg: keyserver receive failed: No dirmngr gnupg has only a Recommends on dirmngr, not a Depends. When we build the cloud images, we don't install recommends for most packages. We should fix this by explicitly adding dirmngr to the list of packages. Thanks for reporting this. noah signature.asc Description: PGP signature
Bug#910654: cloud.debian.org: cloud-init apt module can't add GPG keys; dirmngr missing
Package: cloud.debian.org Severity: normal Dear Maintainer, On clean instantiations of the Debian Stretch AWS AMIs, the cloud-init Apt Configure module can't receive GPG keys. The following cloud-init #cloud-config apt: sources: puppet5: keyid: '6F6B15509CF8E59E6E469F327F438280EF8D349F' source: 'deb http://apt.puppetlabs.com $RELEASE puppet5' produces the following output in /var/log/cloud-init.log on a new AWS instance: 2018-10-09 10:17:29,164 - gpg.py[ERROR]: Failed to obtain gpg key 6F6B15509CF8E59E6E469F327F438280EF8D349F Traceback (most recent call last): File "/usr/lib/python3/dist-packages/cloudinit/gpg.py", line 33, in recv_key capture=True) File "/usr/lib/python3/dist-packages/cloudinit/util.py", line 1850, in subp cmd=args) cloudinit.util.ProcessExecutionError: Unexpected error while running command. Command: ['gpg', '--keyserver', 'keyserver.ubuntu.com', '--recv', '6F6B15509CF8E59E6E469F327F438280EF8D349F'] Exit code: 2 Reason: - Stdout: - Stderr: gpg: failed to start the dirmngr '/usr/bin/dirmngr': No such file or directory gpg: connecting dirmngr at '/root/.gnupg/S.dirmngr' failed: No such file or directory gpg: keyserver receive failed: No dirmngr This issue can be worked around by installing dirmngr in the bootcmd step, but I would expect this functionality to work out of the box. Kind regards, Daniel Strong -- System Information: Debian Release: 9.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-8-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)