You are not logged in.

#1 2020-08-19 07:54:36

bartus
Member
Registered: 2013-05-13
Posts: 48

[solved] GPG issue when building inside continer.

When building in docker container `image=archlinux:latest` i can't get `gpg --receive-keys` to work.

```sh
rybkafiga@cloudshell:~$ docker run --rm --privileged archlinux:latest gpg -v --receive-keys CB9387521E1EE0127DA804843FDBB55084CC5D84
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: no running Dirmngr - starting '/usr/bin/dirmngr'
gpg: waiting for the dirmngr to come up ... (5s)
gpg: connection to dirmngr established
gpg: keyserver receive failed: General error
```

I'm working on resolving an issue with [arch-travis](https://github.com/mikkeloscar/arch-travis) (Travis base CI script for AUR)
I know I can override pgp check in `yay` inside docker container by stripping of `gpgcheck` (e.g: `yay --nopgpfetch --mflags "--skippgpcheck") but beside testing if PKGBUILD is working I would also like to test if pgp signature is fine.

It looks like an issue with `dirmngr` configuration being left out without running inside fully fleged system as `gpg --import keyfile` works fine.

```sh
rybkafiga@cloudshell:~$ docker run --rm --privileged archlinux:latest bash -c "curl -s 'http://keys.gnupg.net/pks/lookup?op=get … 5084CC5D84'|grep -ozP -- '(?s)-----BEGIN.*BLOCK-----'|gpg --import -"
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: key 3FDBB55084CC5D84: 88 signatures not checked due to missing keys
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 3FDBB55084CC5D84: public key "Harald Sitter <sitter@kde.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: no ultimately trusted keys found
```

Last edited by bartus (2020-08-19 08:04:00)

Offline

#2 2020-08-19 08:03:27

bartus
Member
Registered: 2013-05-13
Posts: 48

Re: [solved] GPG issue when building inside continer.

Ok, figured it out: (need to specify keyserver with `gpg --keyserver` flag)

```sh
rybkafiga@cloudshell:~$ docker run archlinux:latest gpg -v --keyserver hkp://pool.sk
s-keyservers.net --receive-keys CB9387521E1EE0127DA804843FDBB55084CC5D84           
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: no running Dirmngr - starting '/usr/bin/dirmngr'
gpg: waiting for the dirmngr to come up ... (5s)
gpg: connection to dirmngr established
gpg: data source: http://194.94.127.122:11371
gpg: armor header: Version: SKS 1.1.6
gpg: armor header: Comment: Hostname: keys.internet-sicherheit.de
gpg: key 3FDBB55084CC5D84: number of dropped non-self-signatures: 88
gpg: pub  rsa4096/3FDBB55084CC5D84 2016-06-09  Harald Sitter <sitter@kde.org>
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: using pgp trust model
gpg: key 3FDBB55084CC5D84: public key "Harald Sitter <sitter@kde.org>" imported
gpg: no running gpg-agent - starting '/usr/bin/gpg-agent'
gpg: waiting for the agent to come up ... (5s)
gpg: connection to agent established
gpg: Total number processed: 1
gpg:               imported: 1
```

Offline

Board footer

Powered by FluxBB