search

zopencommunity / gpgport

GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories.
Apache License 2.0
2 stars 2 forks source link

gpg --gen-key fails #14

Closed netskink closed 8 months ago

netskink commented 1 year ago

In order to test my pull request notes, per Harithamma's request, I attempted to $ gpg --gen-key with a fresh install of $ zopen install gpgport. I get the following result:

$ gpg --gen-key

gpg: can't mmap pool of 32768 bytes: EDC5128I No such device. - using malloc
gpg: Please note that you don't have secure memory on this system
gpg: WARNING: unsafe permissions on homedir '/z/jd895801/.gnupg'
token 67436875: pid   67436875, user JD895801, started Mon Aug 28 11:52:38 2023
gpg (GnuPG) 2.4.0; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: keybox '/z/jd895801/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: John F. Davis
Email address: john.davis@broadcom.com
You selected this USER-ID:
    "John F. Davis <john.davis@broadcom.com>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: error running '/u/jenkins/zopen/prod/gnupg-2.4.0/bin/gpg-agent': probably not installed
gpg: failed to start gpg-agent '/u/jenkins/zopen/prod/gnupg-2.4.0/bin/gpg-agent': Configuration error
gpg: can't connect to the gpg-agent: Configuration error
gpg: agent_genkey failed: No agent running
Key generation failed: No agent running
netskink commented 1 year ago

FWIW, I did a git clone. Built using my modified .env file and it builds and runs a bit differently but still fails.

$ gpg --gen-key
gpg: can't mmap pool of 32768 bytes: EDC5128I No such device. - using malloc
gpg: Please note that you don't have secure memory on this system
gpg: WARNING: unsafe permissions on homedir '/z/jd895801/.gnupg'
token 50659681: pid   50659681, user JD895801, started Mon Aug 28 14:09:56 2023
token 17105774: pid   17105774, user JD895801, started Mon Aug 28 11:39:05 2023
token 84215048: pid   84215048, user JD895801, started Mon Aug 28 14:34:57 2023
gpg (GnuPG) 2.4.0; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: John F. Davis
Email address: john.davis@broadcom.com
You selected this USER-ID:
    "John F. Davis <john.davis@broadcom.com>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: agent_genkey failed: No pinentry
Key generation failed: No pinentry
HarithaIBM commented 1 year ago

Hi @netskink, Hope you have cloned latest meta/gpg while building gpg locally. Am unable to reproduce this. So trying to understand further!

netskink commented 1 year ago

Hello @HarithaIBM, I have not done that. It did not occur to me. Thanks for asking!

With that said, is there a prescribed workflow which describes how to build the various ports?

HarithaIBM commented 1 year ago

It is always suggested to have latest meta while we are building any tool, along with latest clone of the tool we are building.

netskink commented 1 year ago

@HarithaIBM fwiw, is it sufficient to simply reclone meta in place? ie. 

$ cd ~/zopen/boot/meta
$ git pull

Or, should I do something else? Like, say, have a seperate meta repo that I use in my path for development purposes or even use zopen to install it?

HarithaIBM commented 1 year ago

Yes that should work..

HarithaIBM commented 1 year ago

@netskink Hi John, Since meta is updated to latest. Can you please try moving existing .gnupg dir under your $HOME to new location, run zopen remove gpg and then run zopen install gpg?

netskink commented 1 year ago

I'll try retry upon my return.

netskink commented 11 months ago

I'm revisiting this. I'm doing this to build and test.

  1. $ zopen upgrade -y meta
  2. $ zopen upgrade -y
  3. $ zopen build fails but $ zopen build -f --comp clang -v fails as well.
netskink commented 11 months ago

Build results:

Upon looking at the output, it appears the output is identical. I thought I was using a different compiler with the two approaches. Turns out I wasn't.

Build methods

$  zopen build -f -v
$  zopen build -f --comp clang -v

Truncated result

/z/xxxxx/zopen/usr/local/zopen/zoslib/zoslib-zopen.20231019_211406.zos/include/time.h:47:3: error: expected identifier
  CLOCK_MONOTONIC,
  ^
/usr/include/time.h:107:33: note: expanded from macro 'CLOCK_MONOTONIC'
      #define CLOCK_MONOTONIC   1
                                ^
In file included from stringhelp.c:54:
In file included from ./util.h:64:
In file included from ./../common/logging.h:38:
In file included from ./mischelp.h:42:
/z/xxxx/zopen/usr/local/zopen/zoslib/zoslib-zopen.20231019_211406.zos/include/time.h:50:3: error: typedef redefinition with different types ('enum clockid_t' vs 'unsigned int')
} clockid_t;
  ^
/usr/include/sys/types.h:277:35: note: previous definition is here
            typedef unsigned  int clockid_t;
                                  ^
3 errors generated.
3 errors generated.
make[3]: *** [Makefile:1307: libcommon_a-mapstrings.o] Error 1
make[3]: *** [Makefile:1335: libcommon_a-strlist.o] Error 1
stringhelp.c:1683:24: warning: passing 'char *' to parameter of type 'unsigned char *' converts between pointers to integer types where one is of the unique plain 'char' type and the other is not [-Wpointer-sign]
  trim_trailing_chars (text, strlen (text), " ");
                       ^~~~
stringhelp.c:272:28: note: passing argument to parameter 'line' here
trim_trailing_chars( byte *line, unsigned len, const char *trimchars )
                           ^
1 warning and 3 errors generated.
make[3]: *** [Makefile:1321: libcommon_a-stringhelp.o] Error 1
mv -f .deps/t-stringhelp.Tpo .deps/t-stringhelp.Po
make[3]: Leaving directory '/z/xxxx/zopen/dev/gpgport.mine/gnupg-2.4.0/common'
make[2]: *** [Makefile:966: all] Error 2
make[2]: Leaving directory '/z/xxxx/zopen/dev/gpgport.mine/gnupg-2.4.0/common'
make[1]: *** [Makefile:631: all-recursive] Error 1
make[1]: Leaving directory '/z/xxxx/zopen/dev/gpgport.mine/gnupg-2.4.0'
make: *** [Makefile:551: all] Error 2
***ERROR: Make (full) failed. Log: /z/xxxx/zopen/dev/gpgport.mine/log/20231025_133016_build.log
zopen-build completed in 397 seconds.
HarithaIBM commented 11 months ago

@netskink Hello, Sure. Let me try..

netskink commented 10 months ago

FWIW, I synced my fork and then pulled again today. The build error persists.

Also, I noticed the ~/.gnupg dir did not have u+x permissions.

HarithaIBM commented 10 months ago

FWIW, I synced my fork and then pulled again today. The build error persists.

Also, I noticed the ~/.gnupg dir did not have u+x permissions.

Hi @netskink , I am unable reproduce the above failure even with all the latest tools/libraries. Reg the ~/.gnupg , i will check if that permission is needed and then fix it. Thank you for noticing this!

HarithaIBM commented 10 months ago

FWIW, I synced my fork and then pulled again today. The build error persists. Also, I noticed the ~/.gnupg dir did not have u+x permissions.

Hi @netskink , I am unable reproduce the above failure even with all the latest tools/libraries. Reg the ~/.gnupg , i will check if that permission is needed and then fix it. Thank you for noticing this!

Yes that permission is needed!

netskink commented 8 months ago

Hello HarithaIBM,

Here is the latest workflow.

$ cd ~
$ zopen upgrade meta -y
$ zopen upgrade -y
$ zopen install gpg
$ rm -rf .gnupg
$ gpg --gen-key

The result of gen key is:

$ gpg --gen-key
gpg: can't mmap pool of 32768 bytes: EDC5128I No such device. - using malloc
gpg: Please note that you don't have secure memory on this system
gpg (GnuPG) 2.4.3; Copyright (C) 2023 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory '/z/jd895801/.gnupg' created
gpg: keybox '/z/jd895801/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: John F. Davis
Email address: john.davis@broadcom.com
You selected this USER-ID:
    "John F. Davis <john.davis@broadcom.com>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: error running '/jenkins/zopen/usr/local/zopen/gnupg/gnupg-2.4.3/bin/gpg-agent': probably not installed
gpg: failed to start gpg-agent '/jenkins/zopen/usr/local/zopen/gnupg/gnupg-2.4.3/bin/gpg-agent': Configuration error
gpg: can't connect to the gpg-agent: Configuration error
gpg: agent_genkey failed: No agent running
Key generation failed: No agent running
JD895801@USILCA31 ~
$
netskink commented 8 months ago

Hello Haritha,

This works now. Here is what I did:

$ cd ~
$ rm -rf .gnupg
$ zopen upgrade meta -y
$ zopen upgrade -y
$ zopen  remove gpg -y
$ zopen install gpg
$ gpg --gen-key             <---- This works now.  Yay!