David Shaw on Thu, 27 Feb 2003 13:13:04 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] GnuPG 1.2.1 trustdb checks for every pubkey import?


On Thu, Feb 27, 2003 at 12:47:24PM -0500, gabriel rosenkoetter wrote:
> On Thu, Feb 27, 2003 at 12:47:34AM -0500, David Shaw wrote:
> > Try running "gpg --no-sig-cache --rebuild-keydb-caches".  It'll take a
> > long time.  I suspect you have some uncached signatures and/or
> > uncached Elgamal signatures (worse) on your keyring.
> 
> This ended in near catastrophe after processing the entire keyring:
> 
> gpg: 1428 keys checked (48768 signatures)
> gpg: renaming `/home/gr/.gnupg/pubring.gpg.tmp' to `/home/gr/.gnupg/pubring.gpg' failed: No such file or directory
> gpg: failed to rebuild keyring cache: file rename error
> gpg --no-sig-cache --rebuild-keydb-caches  10351.18s user 2349.33s system 79% cpu 4:25:10.07 total
> 
> In that time, reading mail in mutt caused another key to be added
> to the public keyring. I'm a little unclear on how that resulted
> in this particular error, though clearly modifying a file that's
> being processed *could* be bad news, it looks like gpg was producing
> the new keyring in pubring.gpg.tmp... but that file doesn't exist
> any more at all.

The problem is modifying the file while you were processing it.  Don't
ask me why there isn't a lock to prevent that.  I'll have to fix that.

> How screwed am I now? Is there something I should be doing to verify
> the structure of my pubring?

Not screwed at all.  The automatic backup file in pubring.gpg~ should
restore you back to happiness.

> I'm going to restart the rebuild having removed auto-key-retrieve
> from my .gnupg/gpg.conf's keyserver-options.

That should do it.

David

Attachment: pgpoXkXhYdy2B.pgp
Description: PGP signature