SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm currently stuck with a problem while configuring slapt-get.
I installed slapt-get and it works - well at least it 'runs' - but when I tried to do "slapt-get --update" it gives me an "Segmentation fault"-error after trying to verify the checksum signature. Retrieving package data, patch list, checksum list and checksum signature goes fine...
However, after a bit of googling and experimenting I noticed that this doesn't seem to be a slapt-get specific error. When I do "slackpkg update" (after reinstalling gpg, refreshing the date and doing "slackpkg update gpg"), it terminates with an gpg error as well:
Code:
ERROR: Verification of the gpg signature on CHEKCSUMS.md5
failed! This could mean that the file is out of date
or has been tampered with.
I'm wondering whether you did 'su -', or just 'su'. You should be doing all this as root, with 'su -', and you should have the gnupg packgage installed (slackpkg uses the gpg command from gnupg, so you need gnupg -- the gnupg2 package is not a replacement for gnupg -- which is a good example of why everybody here says you should have a *full* install of Slackware unless you know exactly what you're doing. Sorry if this is something you know already.)
You can check whether your previous 'slackpkg update gpg' worked by doing 'gpg --list-keys'. You should see this
Code:
pub 1024D/40102233 2003-02-26 [expires: 2038-01-19]
uid Slackware Linux Project <security@slackware.com>
sub 1024g/4E523569 2003-02-26 [expires: 2038-01-19]
and possibly other useful public keys, like "SlackBuilds.org Development Team <slackbuilds-devel@slackbuilds.org>".
You can manually check something with 'gpg --verify something.asc', and then, if that fails, you can tell us the error message. For example, if you download CHECKSUMS.md5 and CHECKSUMS.md5.asc manually, you can check it like this:
Code:
# gpg --verify CHECKSUMS.md5.asc
gpg: Signature made Tue 14 Jan 2014 04:12:41 AM GMT using DSA key ID 40102233
gpg: Good signature from "Slackware Linux Project <security@slackware.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EC56 49DA 401E 22AB FA67 36EF 6A44 63C0 4010 2233
#
Don't worry about the warning. It means I've never been invited to the sort of party where people who've met Patrick swap driving licences.
Lastly, I have vague memories of gpg verification failing because the system clock or timezone was badly wrong, but that could be just an hallucination...
Ok thanks for the replies. I tried your suggestions and did not get much further but recieved another bunch of strange behaviour... Which is well for determining the source of evil, I guess.
Quote:
I'm wondering whether you did 'su -', or just 'su'.
You got me. I indeed did 'su'. But when I tried it with 'su -' today there were no different results.
Quote:
and you should have the gnupg packgage installed
I have it installed but following your further instructions I noticed that my gnupg doesn't seem to work properly.
Quote:
why everybody here says you should have a *full* install of Slackware
and
Quote:
are you, by any chance, using a partial install?
I should have a full installation as long as there went nothing wrong installing it which I do not have any hints for except of the strange errors I'm currently receiving.
Quote:
You can check whether your previous 'slackpkg update gpg' worked by doing 'gpg --list-keys'
When I do 'gpg --list-keys' after having done 'slackpkg update' I receive the following:
Code:
gpg: failed to create temporary file `/root/.gnupg/.#lk0x9711b48.thecalcaholic/server.19064': No such file or directory
gpg: fatal: can't create lock for `/root/.gnupg/trustdb.gpg'
secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768
If I manually execute 'gpg --verify /tmp/slackpkg.mSrmun/CHECKSUMS.md5.asc' I get this:
Code:
gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.
Quote:
Lastly, I have vague memories of gpg verification failing because the system clock or timezone was badly wrong
I read about it too, but my date is well - I checked it already.
When I do 'gpg --list-keys' after having done 'slackpkg update' I receive the following:
Code:
gpg: failed to create temporary file `/root/.gnupg/.#lk0x9711b48.thecalcaholic/server.19064': No such file or directory
gpg: fatal: can't create lock for `/root/.gnupg/trustdb.gpg'
secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768
This seems to be the cause of your problems. Something is wrong with gpg's database locking. Maybe it's been caused by a previous crash of something like gnome-keyring. Or maybe it's an owner or permission problem -- you could try to check that /root/.gnupg and everything under it is owned by root:root (chown -R root:root /root/.gnupg) and has the correct permissions. Or maybe you have /root on a read-only filesystem. Or maybe there are some unusual options set in /root/.gnupg/gpg.conf (maybe swaret set something stupid in there?).
Maybe you could try to use the gpg --lock-never option as a workround, if you can't find what is wrong.
At first I did as you suggested and changed the owner of the directory (recursively) to root:root.
When I execute gpg --lock-never --list-keys it indeed gives me the result I want.
When I took a look at the '/root/.gnupg' directory I found permissions which don't seem to be ok. I only don't know exactly how they should look like.
These are the permissions at the moment (I set '/root/.gnupg' to 0700 already):
Code:
>> ls -l /root/.gnupg/
total 20
-rw------- 1 root root 9188 Nov 20 13:44 gpg.conf
-rw------- 1 root root 926 Nov 20 13:44 pubring.gpg
-rw------- 1 root root 0 Nov 20 13:44 pubring.gpg~
-rw------- 1 root root 0 Nov 20 13:44 secring.gpg
-rw------- 1 root root 1200 Nov 20 13:44 trustdb.gpg
EDIT: I forgot this: The gnupg.conf file seems to be pretty default since there is everything commented out except of the keyserver which is the standard 'hkp://keys.gnupg.net'.
Regards, thecalcaholic
UPDATE: I tried nearly all possible permission setups now; and sometimes recieved gpg security warnings when I opened read write and execute permissions for everyone but I also still recieved the initial error described in the posts before...
I removed gpg and gpg2 and deleted all related directories manually and reinstalled everything afterwards but no changes were noticeable.
I'm running out of ideas... :/
Last edited by theCalcaholic; 01-25-2014 at 06:47 AM.
If the gpg.conf file is 9188 bytes, it looks unmodified. But why are all the files dated 'Nov 20'? In particular, why is pubring.gpg still dated Nov 20, if you have recently done 'slackpkg update gpg'? Are you sure your system clock is correct?
It would be interesting to know what shows up when you do 'ls -alR .gnupg/' to show whether there are any hidden temporary lock directories and files in .gnupg. If there are any, remove them.
Your secring.gpg is empty, so you haven't yet run 'gpg --gen-key'. You probably should do that: it's unlikely to be the cause of your problems, but not impossible.
I hope you're not running gpg-agent or gnome-keyring or kwallet or enigmail, or any unusual daemons or applications? I hope you don't have any of the GPG environment variables set, particularly GNUPGHOME or GPG_AGENT_INFO?
If you know what strace is, you might want to try that -- for example, compare the output of 'strace gpg --list-keys' with 'strace gpg --lock-never --list-keys'.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
