Package: gpg
Version: 2.4.7-3
Severity: normal

The 2.4 series of GnuPG introduces keyboxd, but doesn't force migration to it for existing users.
For new users, however, running without an explicitly set $GNUPGHOME, /usr/bin/gpg creates ~/.gnupg and populates it with a single file, common.conf, which contains a single line:

    use-keyboxd

This means that while an existing user of gpg can upgrade to gpg 2.4.x and see things mostly work, a new user who has avoided installing the keyboxd package (e.g., by installing "gpg" but not "gnupg") will see the following kind of misbehavior:

```
0 dkg@bob:~$ gpg --import < /usr/share/keyrings/debian-archive-keyring.gpg
gpg: directory '/home/dkg/.gnupg' created
gpg: error running '/usr/lib/gnupg/keyboxd': probably not installed
gpg: failed to start keyboxd '/usr/lib/gnupg/keyboxd': Configuration error
gpg: can't connect to the keyboxd: Configuration error
gpg: error opening key DB: No Keybox daemon running
gpg: error running '/usr/lib/gnupg/keyboxd': probably not installed
gpg: failed to start keyboxd '/usr/lib/gnupg/keyboxd': Configuration error
gpg: can't connect to the keyboxd: Configuration error
gpg: error opening key DB: No Keybox daemon running
gpg: key DCC9EFBF77E11517: 2 signatures not checked due to missing keys
gpg: error running '/usr/lib/gnupg/keyboxd': probably not installed
gpg: failed to start keyboxd '/usr/lib/gnupg/keyboxd': Configuration error
gpg: can't connect to the keyboxd: Configuration error
gpg: error opening key DB: No Keybox daemon running
gpg: key DCC9EFBF77E11517: public key not found: Input/output error
gpg: error reading '[stdin]': Input/output error
gpg: import from '[stdin]' failed: Input/output error
gpg: Total number processed: 0
2 dkg@bob:~$
```

I'm not sure what the right solution is here; perhaps the simplest thing would be to just ship the keyboxd binary (and socket activation, etc) directly in the gpg package, and have that package Provides: keyboxd.

        --dkg

-- System Information:
Debian Release: trixie/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.6-amd64 (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gpg depends on:
ii  gpgconf           2.4.7-3
ii  libassuan9        3.0.1-2
ii  libbz2-1.0        1.0.8-6
ii  libc6             2.40-6
ii  libgcrypt20       1.11.0-7
ii  libgpg-error0     1.51-3
ii  libnpth0t64       1.8-2
ii  libreadline8t64   8.2-6
ii  libsqlite3-0      3.46.1-1
ii  zlib1g            1:1.3.dfsg+really1.3.1-1+b1

Versions of packages gpg recommends:
ii  gnupg  2.4.7-3

gpg suggests no packages.

-- no debconf information
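
Added example, not part of the original report and not code from GnuPG or the Debian packaging: a shell check for the state described in the report, a GnuPG home directory whose common.conf enables use-keyboxd while the keyboxd binary is missing. The function names `keyboxd_state` and `check_homes` are hypothetical; the default binary path is the one shown in the error output.

```shell
#!/bin/sh
# Added example: flag GnuPG home directories that request keyboxd
# when the keyboxd binary is not installed.

# keyboxd_state HOMEDIR [KEYBOXD_PATH]
# Prints one of: no-common-conf, keyboxd-not-requested, ok, broken
keyboxd_state() {
    homedir=$1
    # Default is the path named in the gpg error messages in the report.
    keyboxd_bin=${2:-/usr/lib/gnupg/keyboxd}
    conf="$homedir/common.conf"

    if [ ! -f "$conf" ]; then
        echo "no-common-conf"
        return 0
    fi
    # Only an uncommented use-keyboxd line counts as a request.
    if ! grep -Eq '^[[:space:]]*use-keyboxd[[:space:]]*$' "$conf"; then
        echo "keyboxd-not-requested"
        return 0
    fi
    if [ -x "$keyboxd_bin" ]; then
        echo "ok"
    else
        echo "broken"
    fi
}

# check_homes KEYBOXD_PATH HOMEDIR...
# Prints "HOMEDIR: state" for each directory; returns 1 if any is broken.
check_homes() {
    bin=$1
    shift
    rc=0
    for h in "$@"; do
        state=$(keyboxd_state "$h" "$bin")
        echo "$h: $state"
        if [ "$state" = "broken" ]; then
            rc=1
        fi
    done
    return $rc
}
```

For the current user, call `keyboxd_state "${GNUPGHOME:-$HOME/.gnupg}"`; a result of `broken` corresponds to the import failure shown in the report.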