Gentoo Archives: gentoo-user

From: Mick <michaelkintzios@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] safe use of .gnupg
Date: Wed, 18 Dec 2019 08:21:02
Message-Id: 4574109.OcqrEu7fDF@localhost
In Reply to: Re: [gentoo-user] safe use of .gnupg by Andrew Udvare
1 On Wednesday, 18 December 2019 07:33:51 GMT Andrew Udvare wrote:
2 > > On Dec 17, 2019, at 20:51, Philip Webb <purslow@××××××××.net> wrote:
3 > >
4 > > When encrypting a file, I was told :
5 > > root:552 root> gpg -c <filename>
6 > > gpg: WARNING: unsafe ownership on homedir '/home/purslow/.gnupg'
7 > >
8 > > The file is owned by my user, ie <user>:<user> .
9 > > This seems to be the default when 'gpg' is installed.
10 >
11 > It's probably complaining if you're running as root and you've set the GPG
12 > home did to be in /home/purslow/.gnupg rather than /root/.gnupg (and owned
13 > by root:root). Otherwise try setting that directory to 0700 permission
14 > (u+rwx g-rwx o-rwx).
15 >
16 > Andrew
17
18 Other than what Andrew said, you're using a symmetric cipher, so the complaint
19 is only a warning about the ownership of the gnupg configuration file being
20 used. You may wish your root user to have different gnupg settings than your
21 plain user and gnupg is warning you about it.
22
23 However, this is rather odd. When you first use gnupg as root (or as any
24 user) without specifying a configuration file, it will try to create a new
25 ~/.gnupg directory with default settings and public/private keys; e.g.
26
27 # gpg -c <some_file>
28 gpg: directory '/root/.gnupg' created
29 gpg: keybox '/root/.gnupg/pubring.kbx' created
30
31 Given the above the directory and files in /root/.gnupg should be owned by
32 root:root, rather than root:552 (if '552' in your message is some group ID).
33 --
34 Regards,
35
36 Mick

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-user] safe use of .gnupg Philip Webb <purslow@××××××××.net>