Hi, On Tue, 19 Mar 2013 15:47:18 +0100 Dominik George wrote: > it actually tells you about the wrong permissions when you tell it to > continue after the error. Which is really not very helpful.
I pushed a patch to make it dump gpg's standard error after importing
the keys, meaning you'd get
[INFO] fetching keys, this will take a while...
gpg: WARNING: unsafe permissions on homedir `…'
gpg: external program calls are disabled due to unsafe options file
permissions
gpg: keyserver communications error: general error
gpg: keyserver receive failed: general error
[NOTICE] Import failed for: ….
> I also wonder how the insecure permissions get set in the first place. I
> hit this problem a few days ago and I am absolutely sure I did not touch
> the gnupghome/ permissions. So mayber caff even creates it with
> inadequate permissions…
That would be extremely scary, as the new directories are created using
Perl's ‘mkpath’ (from the core module File::Path) with a mode explicitly
set to 0700. Hopefully dumping gpg's warning right away would make the
bug easier to corner, if bug there is.
Cheers,
--
Guilhem.
signature.asc
Description: Digital signature
