[ic] Immediate and massive problem - GPG failing acrossmultiple sites

Cameron G ritontor at icenet.com.au
Tue Mar 8 01:19:05 EST 2005

> "Cameron G" <ritontor at icenet.com.au> wrote:
> > Hi everyone, I'm in a panic and I'm hoping someone can help 
> me, I have 
> > no idea what is going on.
> > 
> > GPG is failing to encrypt the order across every site we're 
> running on 
> > a particular server. It worked *perfectly* well up until 
> the machine 
> > got rebooted (was testing that it'd come back up for an 
> imminent server move).
> > This is the error log: 
> > 
> > (ip address) w38LUJ4W:(ip address) - [08/March/2005:04:45:13 +0000] 
> > catalog /cgi-bin/catalog/process.html PGP hard failure, 
> command th at 
> > failed: gpg --batch --always-trust -e -a  -r  'AF818985'
> > >/var/lib/interchange/catalog/tmp/pgp.w38LUJ4W.16670.out 
> > >2>/var/lib/int
> > erchange/catalog/tmp/pgp.w38LUJ4W.16670.err
> > 
> > 
> > The temp file reads: 
> > 
> > gpg: fatal: //.gnupg: can't create directory: Permission 
> denied secmem 
> > usage: 0/0 bytes in 0/0 blocks of pool 0/32768
> > 
> > 
> > Ok, so, where the hell is it getting that path? Why is it trying to 
> > create a directory? This is failing on more than one site, so it's 
> > clearly an issue with GPG itself, but how can cleanly resetting a 
> > computer nuke this sort of thing? I'm googling like mad to work out 
> > how all this fits together, but right now, I'm in trouble. 
> Anyone have 
> > a better idea about GPG that can help shed some light on 
> this for me?
> That looks like that the home directory for the Interchange 
> user is / !?

That's what it looks like to me too, but I can assure you it isn't - it's
/home/interch, which is exactly where the gnupg stuff is, and has always

> You may set the GPG directory explicitly in your Interchange 
> startup script:
> export GNUPGHOME=/var/lib/interchange/.gnupg
> Bye
> 	Racke

I fixed the problem by, get this, restarting interchange. It seems IC, when
started from system startup, is getting the wrong path for the IC user? Or
perhaps it's because root is starting it? I would have assumed the init.d
scripts would have taken care of user stuff. I'm going to dig in and have a
look and see what I can find. If anyone knows why a tarball install of IC
would decide to start with the root user, it might prove helpful -
especially because I'm pretty certain this hasn't happened before. 

More information about the interchange-users mailing list