GNUPG2 突然抛出“构建 skey 数组时出错:没有此文件或目录”

GNUPG2 突然抛出“构建 skey 数组时出错:没有此文件或目录”

一些背景信息:我是一个项目的维护者,该项目使用gnupg2框架的一部分来用 PGP 公钥加密数据,这样如果我们的服务器被攻破,数据就无法被读取,我的 CI 脚本一直运行良好,直到今天我收到一个奇怪的错误消息:

设备的 ioctl 不合适

我通过在我的 CI 脚本中添加以下行解决了这个问题(有效)

export GPG_TTY=$(tty)

但是我现在遇到了一个问题,它只是随机引发错误:

构建 skey 数组时出错:没有此文件或目录

有人知道为什么会发生此错误或无法找到哪个文件或目录吗?我在网上发现以下目录可能丢失或具有无效权限,但似乎没有做任何事情:

$ mkdir -p ~/.gnupg/private-keys-v1.d
$ chmod 700 ~/.gnupg/private-keys-v1.d

以下是我的 CI 运行器的输出:

$ export GPG_TTY=$(tty)
$ apt-get update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Get:3 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [440 kB]
Ign:2 http://cdn-fastly.deb.debian.org/debian stretch InRelease
Get:4 http://cdn-fastly.deb.debian.org/debian stretch-updates InRelease [91.0 kB]
Get:5 http://cdn-fastly.deb.debian.org/debian stretch Release [118 kB]
Get:6 http://cdn-fastly.deb.debian.org/debian stretch Release.gpg [2434 B]
Get:7 http://cdn-fastly.deb.debian.org/debian stretch-updates/main amd64 Packages [12.1 kB]
Get:8 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 Packages [9530 kB]
Fetched 10.3 MB in 4s (2169 kB/s)
Reading package lists...
$ apt-get install -y zip gnupg2
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
  unzip
The following NEW packages will be installed:
  gnupg2 unzip zip
0 upgraded, 3 newly installed, 0 to remove and 9 not upgraded.
Need to get 703 kB of archives.
After this operation, 1486 kB of additional disk space will be used.
Get:1 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 gnupg2 all 2.1.18-8~deb9u1 [299 kB]
Get:2 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 unzip amd64 6.0-21 [170 kB]
Get:3 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 zip amd64 3.0-11+b1 [234 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 703 kB in 1s (528 kB/s)
Selecting previously unselected package gnupg2.
(Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 29828 files and directories currently installed.)
Preparing to unpack .../gnupg2_2.1.18-8~deb9u1_all.deb ...
Unpacking gnupg2 (2.1.18-8~deb9u1) ...
Selecting previously unselected package unzip.
Preparing to unpack .../unzip_6.0-21_amd64.deb ...
Unpacking unzip (6.0-21) ...
Selecting previously unselected package zip.
Preparing to unpack .../zip_3.0-11+b1_amd64.deb ...
Unpacking zip (3.0-11+b1) ...
Processing triggers for mime-support (3.60) ...
Setting up unzip (6.0-21) ...
Setting up zip (3.0-11+b1) ...
Setting up gnupg2 (2.1.18-8~deb9u1) ...
$ echo "$GPG_PUBLIC_KEY" | gpg --import
gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key REDACTED: public key "REACTED <redacted@redacted >" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ echo "$GPG_PRIVATE_KEY" | gpg --import
gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'
gpg: key REDACTED: "REACTED <redacted@redacted>" not changed
gpg: key REDACTED/REDACTED: error sending to agent: No such file or directory
gpg: error building skey array: No such file or directory
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
ERROR: Job failed: exit code 1

我按如下方式设置了我的docker:

$ docker pull python:latest
$ docker create python:latest --name python
$ docker run -it python /bin/bash

以下是我去年发现此错误的最新位置:

答案1

后来发现这是 GNUPG2 新版本的问题,我通过添加标志--batch来修复了这个问题gpg --import(基于这个问题

固定代码行:

echo "$GPG_PRIVATE_KEY" | gpg --batch --import

相关内容