~alpine/users

4 2

Fwd: waiting for the keyboxd to come up

Thomas Leplus <thomas.leplus@gmail.com>
Details
Message ID
<CANHA9OFWNAGTMX=0f+NrGndhCUp+uR4h1e=RQBhN2f_pQ6nKKg@mail.gmail.com>
DKIM signature
missing
Download raw message
1 year, 7 months ago 
Hi,

When I run the following command in an alpine:3.18.0 docker container[1] it
hangs:

$ gpg --batch --verbose --keyserver keyserver.ubuntu.com --recv-keys
6B1B9BE54C155617
gpg: enabled compatibility flags:
gpg: no running dirmngr - starting '/usr/bin/dirmngr'
gpg: waiting for the dirmngr to come up ... (5s)
gpg: connection to the dirmngr established
gpg: data source: http://162.213.33.9:11371
gpg: armor header: Comment: Hostname:
gpg: armor header: Version: Hockeypuck 2.1.0-222-g25248d4
gpg: key 6B1B9BE54C155617: number of dropped non-self-signatures: 2
gpg: pub  rsa3072/6B1B9BE54C155617 2021-01-22  Thomas Leplus <
thomas@leplus.org>
gpg: no running keyboxd - starting '/usr/libexec/keyboxd'
gpg: waiting for the keyboxd to come up ... (5s)

Any suggestion would be appreciated.

Tom

[1]
https://github.com/leplusorg/docker-pgp-verify-jar/blob/main/pgp-verify-jar/Dockerfile
alice <alice@ayaya.dev>
Details
Message ID
<CT4XDCAJAL5R.JFL41MUXAXU4@sumire>
In-Reply-To
<CANHA9OFWNAGTMX=0f+NrGndhCUp+uR4h1e=RQBhN2f_pQ6nKKg@mail.gmail.com> (view parent)
DKIM signature
missing
Download raw message
1 year, 7 months ago 
On Mon Jun 5, 2023 at 8:20 PM CEST, Thomas Leplus wrote:
> Hi,
>
> When I run the following command in an alpine:3.18.0 docker container[1] it
> hangs:
>
> $ gpg --batch --verbose --keyserver keyserver.ubuntu.com --recv-keys
> 6B1B9BE54C155617

this exact thing verbatim works fine for me in 3.18 with just `gpg` added.
perhaps the issue is somewhere else in that entire script you run..
but if you reproduce it with just this, then not sure what it could be.

> gpg: enabled compatibility flags:
> gpg: no running dirmngr - starting '/usr/bin/dirmngr'
> gpg: waiting for the dirmngr to come up ... (5s)
> gpg: connection to the dirmngr established
> gpg: data source: http://162.213.33.9:11371
> gpg: armor header: Comment: Hostname:
> gpg: armor header: Version: Hockeypuck 2.1.0-222-g25248d4
> gpg: key 6B1B9BE54C155617: number of dropped non-self-signatures: 2
> gpg: pub  rsa3072/6B1B9BE54C155617 2021-01-22  Thomas Leplus <
> thomas@leplus.org>
> gpg: no running keyboxd - starting '/usr/libexec/keyboxd'
> gpg: waiting for the keyboxd to come up ... (5s)
>
> Any suggestion would be appreciated.
>
> Tom
>
> [1]
> https://github.com/leplusorg/docker-pgp-verify-jar/blob/main/pgp-verify-jar/Dockerfile
Thomas Leplus <thomas.leplus@gmail.com>
Details
Message ID
<CANHA9OG70Q+2qviq1mUrfuC5YWdk+Xj4yqjgjpamr1cEcUMHJA@mail.gmail.com>
In-Reply-To
<CT4XDCAJAL5R.JFL41MUXAXU4@sumire> (view parent)
DKIM signature
missing
Download raw message
1 year, 7 months ago 
Hi Alice,

I did not use my full script, just the command that I pasted, but I did run
it inside from inside my base image. Now I run it from a vanilla
alpine:3.18.0 image and it works. So something in my Dockerfile is breaking
gnupg. I just need to figure out what but you've narrowed it down quite a
bit. Thanks!

On Mon, Jun 5, 2023 at 11:23 AM alice <alice@ayaya.dev> wrote:

> On Mon Jun 5, 2023 at 8:20 PM CEST, Thomas Leplus wrote:
> > Hi,
> >
> > When I run the following command in an alpine:3.18.0 docker container[1]
> it
> > hangs:
> >
> > $ gpg --batch --verbose --keyserver keyserver.ubuntu.com --recv-keys
> > 6B1B9BE54C155617
>
> this exact thing verbatim works fine for me in 3.18 with just `gpg` added.
> perhaps the issue is somewhere else in that entire script you run..
> but if you reproduce it with just this, then not sure what it could be.
>
> > gpg: enabled compatibility flags:
> > gpg: no running dirmngr - starting '/usr/bin/dirmngr'
> > gpg: waiting for the dirmngr to come up ... (5s)
> > gpg: connection to the dirmngr established
> > gpg: data source: http://162.213.33.9:11371
> > gpg: armor header: Comment: Hostname:
> > gpg: armor header: Version: Hockeypuck 2.1.0-222-g25248d4
> > gpg: key 6B1B9BE54C155617: number of dropped non-self-signatures: 2
> > gpg: pub  rsa3072/6B1B9BE54C155617 2021-01-22  Thomas Leplus <
> > thomas@leplus.org>
> > gpg: no running keyboxd - starting '/usr/libexec/keyboxd'
> > gpg: waiting for the keyboxd to come up ... (5s)
> >
> > Any suggestion would be appreciated.
> >
> > Tom
> >
> > [1]
> >
> https://github.com/leplusorg/docker-pgp-verify-jar/blob/main/pgp-verify-jar/Dockerfile
>
>
Thomas Leplus <thomas.leplus@gmail.com>
Details
Message ID
<CANHA9OFcdbXCtrdpYx78gFfKcTGTX_F+WKHm2_OrtZf19NxqEg@mail.gmail.com>
In-Reply-To
<CANHA9OG70Q+2qviq1mUrfuC5YWdk+Xj4yqjgjpamr1cEcUMHJA@mail.gmail.com> (view parent)
DKIM signature
missing
Download raw message
1 year, 7 months ago 
I am still not 100% clear on what the issue was but I found a fix[1]. If I
remove the call to `gpg --list-keys` during the docker build, the gpg-agent
later used by my script is '/usr/bin/gpg-agent' instead of
'/usr/libexec/keyboxd'. After that everything works. Note that this was not
necessary in 3.17.

[1]
https://github.com/leplusorg/docker-pgp-verify-jar/commit/0e38af4a86d05b8dfcbacba804b2cb8086ad6499

On Mon, Jun 5, 2023 at 11:33 AM Thomas Leplus <thomas.leplus@gmail.com>
wrote:

> Hi Alice,
>
> I did not use my full script, just the command that I pasted, but I did
> run it inside from inside my base image. Now I run it from a vanilla
> alpine:3.18.0 image and it works. So something in my Dockerfile is breaking
> gnupg. I just need to figure out what but you've narrowed it down quite a
> bit. Thanks!
>
> On Mon, Jun 5, 2023 at 11:23 AM alice <alice@ayaya.dev> wrote:
>
>> On Mon Jun 5, 2023 at 8:20 PM CEST, Thomas Leplus wrote:
>> > Hi,
>> >
>> > When I run the following command in an alpine:3.18.0 docker
>> container[1] it
>> > hangs:
>> >
>> > $ gpg --batch --verbose --keyserver keyserver.ubuntu.com --recv-keys
>> > 6B1B9BE54C155617
>>
>> this exact thing verbatim works fine for me in 3.18 with just `gpg` added.
>> perhaps the issue is somewhere else in that entire script you run..
>> but if you reproduce it with just this, then not sure what it could be.
>>
>> > gpg: enabled compatibility flags:
>> > gpg: no running dirmngr - starting '/usr/bin/dirmngr'
>> > gpg: waiting for the dirmngr to come up ... (5s)
>> > gpg: connection to the dirmngr established
>> > gpg: data source: http://162.213.33.9:11371
>> > gpg: armor header: Comment: Hostname:
>> > gpg: armor header: Version: Hockeypuck 2.1.0-222-g25248d4
>> > gpg: key 6B1B9BE54C155617: number of dropped non-self-signatures: 2
>> > gpg: pub  rsa3072/6B1B9BE54C155617 2021-01-22  Thomas Leplus <
>> > thomas@leplus.org>
>> > gpg: no running keyboxd - starting '/usr/libexec/keyboxd'
>> > gpg: waiting for the keyboxd to come up ... (5s)
>> >
>> > Any suggestion would be appreciated.
>> >
>> > Tom
>> >
>> > [1]
>> >
>> https://github.com/leplusorg/docker-pgp-verify-jar/blob/main/pgp-verify-jar/Dockerfile
>>
>>
alice <alice@ayaya.dev>
Details
Message ID
<CT4Z7YA68DFK.3IYD42UQWF716@sumire>
In-Reply-To
<CANHA9OFcdbXCtrdpYx78gFfKcTGTX_F+WKHm2_OrtZf19NxqEg@mail.gmail.com> (view parent)
DKIM signature
missing
Download raw message
1 year, 7 months ago 
On Mon Jun 5, 2023 at 9:43 PM CEST, Thomas Leplus wrote:
> I am still not 100% clear on what the issue was but I found a fix[1]. If I
> remove the call to `gpg --list-keys` during the docker build, the gpg-agent
> later used by my script is '/usr/bin/gpg-agent' instead of
> '/usr/libexec/keyboxd'. After that everything works. Note that this was not
> necessary in 3.17.

i've heard of multiple people have this same-ish specific kind of issue with
gnupg 2.4 and the new keyboxd thing in this docker context, e.g. on
https://github.com/nodejs/docker-node/pull/1895 (the missing keyboxd thing was
actually fixed, that was a packaging error) (not sure if that's the same issue)

not sure why it malfunctions, but this just seems like a rudimentary gnupg issue
in itself, not related to much else. everyone finds their magic workaround to
call stuff a certain way or kill things in bg first..

> [1]
> https://github.com/leplusorg/docker-pgp-verify-jar/commit/0e38af4a86d05b8dfcbacba804b2cb8086ad6499
>
> On Mon, Jun 5, 2023 at 11:33 AM Thomas Leplus <thomas.leplus@gmail.com>
> wrote:
>
> > Hi Alice,
> >
> > I did not use my full script, just the command that I pasted, but I did
> > run it inside from inside my base image. Now I run it from a vanilla
> > alpine:3.18.0 image and it works. So something in my Dockerfile is breaking
> > gnupg. I just need to figure out what but you've narrowed it down quite a
> > bit. Thanks!
> >
> > On Mon, Jun 5, 2023 at 11:23 AM alice <alice@ayaya.dev> wrote:
> >
> >> On Mon Jun 5, 2023 at 8:20 PM CEST, Thomas Leplus wrote:
> >> > Hi,
> >> >
> >> > When I run the following command in an alpine:3.18.0 docker
> >> container[1] it
> >> > hangs:
> >> >
> >> > $ gpg --batch --verbose --keyserver keyserver.ubuntu.com --recv-keys
> >> > 6B1B9BE54C155617
> >>
> >> this exact thing verbatim works fine for me in 3.18 with just `gpg` added.
> >> perhaps the issue is somewhere else in that entire script you run..
> >> but if you reproduce it with just this, then not sure what it could be.
> >>
> >> > gpg: enabled compatibility flags:
> >> > gpg: no running dirmngr - starting '/usr/bin/dirmngr'
> >> > gpg: waiting for the dirmngr to come up ... (5s)
> >> > gpg: connection to the dirmngr established
> >> > gpg: data source: http://162.213.33.9:11371
> >> > gpg: armor header: Comment: Hostname:
> >> > gpg: armor header: Version: Hockeypuck 2.1.0-222-g25248d4
> >> > gpg: key 6B1B9BE54C155617: number of dropped non-self-signatures: 2
> >> > gpg: pub  rsa3072/6B1B9BE54C155617 2021-01-22  Thomas Leplus <
> >> > thomas@leplus.org>
> >> > gpg: no running keyboxd - starting '/usr/libexec/keyboxd'
> >> > gpg: waiting for the keyboxd to come up ... (5s)
> >> >
> >> > Any suggestion would be appreciated.
> >> >
> >> > Tom
> >> >
> >> > [1]
> >> >
> >> https://github.com/leplusorg/docker-pgp-verify-jar/blob/main/pgp-verify-jar/Dockerfile
> >>
> >>
Reply to thread Export thread (mbox)