Hello,
This issue has been addressed several times on this list, but after several hours of searching, I cannot find a solution that works for me. Here's a simple test case that I cannot get to work: $out = exec("/usr/bin/gpg --list-keys",$output,$return); This, and everything like it, except "gpg --help" returns an exit code of 2, with nothing in the output. Ultimately, I want to encrypt a message and then email it, but I reduced it to this simple case in an attempt to get it to work. Now, some other things: I can successfully do pretty much anything with gpg by running a PHP script from the command line, as the same user that Apache runs under (daemon, on my machine). I have changed the permissions on everything in daemon's .gnupg folder to 777. I have confirmed that the path to gpg is correct. I've also tried every flag that looks like it might remotely be of use. Does anybody have any ideas about something else I could try? I feel like I've pretty much ruled out user-related and permission-related problems - what are the other candidates for the source of this kind of thing? Thanks for taking the time, I appreciate it. Brent _______________________________________________ Gnupg-users mailing list [hidden email] http://lists.gnupg.org/mailman/listinfo/gnupg-users |
Brent Hagany wrote on 19.01.2008 02:39:
> Hello, > > This issue has been addressed several times on this list, but after > several hours of searching, I cannot find a solution that works for me. > Here's a simple test case that I cannot get to work: > > $out = exec("/usr/bin/gpg --list-keys",$output,$return); > > This, and everything like it, except "gpg --help" returns an exit code > of 2, with nothing in the output. > > Ultimately, I want to encrypt a message and then email it, but I reduced > it to this simple case in an attempt to get it to work. Now, some other > things: I can successfully do pretty much anything with gpg by running a > PHP script from the command line, as the same user that Apache runs > under (daemon, on my machine). I have changed the permissions on > everything in daemon's .gnupg folder to 777. I have confirmed that the > path to gpg is correct. I've also tried every flag that looks like it > might remotely be of use. Does anybody have any ideas about something > else I could try? I feel like I've pretty much ruled out user-related > and permission-related problems - what are the other candidates for the > source of this kind of thing? system PATH. As to the specific problem, try to use system() instead of exec(), however if playing with process handles don't scares you, consider proc_open(). > Thanks for taking the time, I appreciate it. > > Brent -- SATtva | security & privacy consulting www.vladmiller.info | www.pgpru.com _______________________________________________ Gnupg-users mailing list [hidden email] http://lists.gnupg.org/mailman/listinfo/gnupg-users |
Apologies for the delay, it was a busy weekend.
> You don't have to specify full path to the executable if it's in your > system PATH. I'm aware, I just thought it would head off the "make sure it's in your path" suggestions. Anyway, I tried system(); it gave the same result, so I went about playing with proc_open() like so: $message = "This is a test message"; $process = proc_open("/usr/bin/gpg", array(0 => array("pipe","r"), 1 => array("pipe","w"), 2 => array("file","errors.log","a")), $pipes); if(is_resource($process)) { fwrite($pipes[0], "--list-keys --homedir=/home/daemon"); fclose($pipes[0]); echo stream_get_contents($pipes[1]); fclose($pipes[1]); echo proc_close($process); } This still doesn't work, but at least I get a somewhat helpful error message in the log file: gpg: fatal: can't create directory `//.gnupg': Permission denied secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768 Anybody know why it's trying to write to /, and how to stop it? I tried adding the --homedir flag above, but that did not work. Also, this is my first time using proc_open(), so I'm not sure that my usage is 100% correct. Thanks much, Brent -----Original Message----- From: [hidden email] [mailto:[hidden email]] On Behalf Of Vlad "SATtva" Miller Sent: Saturday, January 19, 2008 4:29 AM To: Gnupg-users Subject: Re: Exit code 2 from PHP script Brent Hagany wrote on 19.01.2008 02:39: > Hello, > > This issue has been addressed several times on this list, but after > several hours of searching, I cannot find a solution that works for me. > Here's a simple test case that I cannot get to work: > > $out = exec("/usr/bin/gpg --list-keys",$output,$return); > > This, and everything like it, except "gpg --help" returns an exit code > of 2, with nothing in the output. > > Ultimately, I want to encrypt a message and then email it, but I reduced > it to this simple case in an attempt to get it to work. Now, some other > things: I can successfully do pretty much anything with gpg by running a > PHP script from the command line, as the same user that Apache runs > under (daemon, on my machine). I have changed the permissions on > everything in daemon's .gnupg folder to 777. I have confirmed that the > path to gpg is correct. I've also tried every flag that looks like it > might remotely be of use. Does anybody have any ideas about something > else I could try? I feel like I've pretty much ruled out user-related > and permission-related problems - what are the other candidates for the > source of this kind of thing? You don't have to specify full path to the executable if it's in your system PATH. As to the specific problem, try to use system() instead of exec(), however if playing with process handles don't scares you, consider proc_open(). > Thanks for taking the time, I appreciate it. > > Brent -- SATtva | security & privacy consulting www.vladmiller.info | www.pgpru.com _______________________________________________ Gnupg-users mailing list [hidden email] http://lists.gnupg.org/mailman/listinfo/gnupg-users |
I have found and corrected the problem: it should be
"--homedir=/home/daemon/.gnupg". Also, for some reason, setting GNUPGHOME directly does not work. Getting a useful error message was a great help. Thanks again, Vlad. -----Original Message----- From: gnupg-users-bounces+bhagany=[hidden email] [mailto:gnupg-users-bounces+bhagany=[hidden email]] On Behalf Of Brent Hagany Sent: Monday, January 21, 2008 10:02 AM To: Gnupg-users Subject: RE: Exit code 2 from PHP script Apologies for the delay, it was a busy weekend. > You don't have to specify full path to the executable if it's in your > system PATH. I'm aware, I just thought it would head off the "make sure it's in your path" suggestions. Anyway, I tried system(); it gave the same result, so I went about playing with proc_open() like so: $message = "This is a test message"; $process = proc_open("/usr/bin/gpg", array(0 => array("pipe","r"), 1 => array("pipe","w"), 2 => array("file","errors.log","a")), $pipes); if(is_resource($process)) { fwrite($pipes[0], "--list-keys --homedir=/home/daemon"); fclose($pipes[0]); echo stream_get_contents($pipes[1]); fclose($pipes[1]); echo proc_close($process); } This still doesn't work, but at least I get a somewhat helpful error message in the log file: gpg: fatal: can't create directory `//.gnupg': Permission denied secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768 Anybody know why it's trying to write to /, and how to stop it? I tried adding the --homedir flag above, but that did not work. Also, this is my first time using proc_open(), so I'm not sure that my usage is 100% correct. Thanks much, Brent -----Original Message----- From: [hidden email] [mailto:[hidden email]] On Behalf Of Vlad "SATtva" Miller Sent: Saturday, January 19, 2008 4:29 AM To: Gnupg-users Subject: Re: Exit code 2 from PHP script Brent Hagany wrote on 19.01.2008 02:39: > Hello, > > This issue has been addressed several times on this list, but after > several hours of searching, I cannot find a solution that works for me. > Here's a simple test case that I cannot get to work: > > $out = exec("/usr/bin/gpg --list-keys",$output,$return); > > This, and everything like it, except "gpg --help" returns an exit code > of 2, with nothing in the output. > > Ultimately, I want to encrypt a message and then email it, but I reduced > it to this simple case in an attempt to get it to work. Now, some other > things: I can successfully do pretty much anything with gpg by running a > PHP script from the command line, as the same user that Apache runs > under (daemon, on my machine). I have changed the permissions on > everything in daemon's .gnupg folder to 777. I have confirmed that the > path to gpg is correct. I've also tried every flag that looks like it > might remotely be of use. Does anybody have any ideas about something > else I could try? I feel like I've pretty much ruled out user-related > and permission-related problems - what are the other candidates for the > source of this kind of thing? You don't have to specify full path to the executable if it's in your system PATH. As to the specific problem, try to use system() instead of exec(), however if playing with process handles don't scares you, consider proc_open(). > Thanks for taking the time, I appreciate it. > > Brent -- SATtva | security & privacy consulting www.vladmiller.info | www.pgpru.com _______________________________________________ Gnupg-users mailing list [hidden email] http://lists.gnupg.org/mailman/listinfo/gnupg-users _______________________________________________ Gnupg-users mailing list [hidden email] http://lists.gnupg.org/mailman/listinfo/gnupg-users |
Brent Hagany wrote on 22.01.2008 01:10:
> I have found and corrected the problem: it should be > "--homedir=/home/daemon/.gnupg". Also, for some reason, setting > GNUPGHOME directly does not work. > > Getting a useful error message was a great help. Thanks again, Vlad. Glad to help you. I'm using similar scheme in a couple of web applications, and was unaware that not specifying a --homedir could lead to such problems. > -----Original Message----- > From: gnupg-users-bounces+bhagany=[hidden email] > [mailto:gnupg-users-bounces+bhagany=[hidden email]] On Behalf Of > Brent Hagany > Sent: Monday, January 21, 2008 10:02 AM > To: Gnupg-users > Subject: RE: Exit code 2 from PHP script > > Apologies for the delay, it was a busy weekend. > >> You don't have to specify full path to the executable if it's in your >> system PATH. > > I'm aware, I just thought it would head off the "make sure it's in your > path" suggestions. > > Anyway, I tried system(); it gave the same result, so I went about > playing with proc_open() like so: > > $message = "This is a test message"; > $process = proc_open("/usr/bin/gpg", > array(0 => array("pipe","r"), > 1 => array("pipe","w"), > 2 => array("file","errors.log","a")), > $pipes); > > if(is_resource($process)) { > fwrite($pipes[0], "--list-keys --homedir=/home/daemon"); > fclose($pipes[0]); > > echo stream_get_contents($pipes[1]); > fclose($pipes[1]); > > echo proc_close($process); > } > > This still doesn't work, but at least I get a somewhat helpful error > message in the log file: > > gpg: fatal: can't create directory `//.gnupg': Permission denied > secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768 -- SATtva | security & privacy consulting www.vladmiller.info | www.pgpru.com _______________________________________________ Gnupg-users mailing list [hidden email] http://lists.gnupg.org/mailman/listinfo/gnupg-users |
Free forum by Nabble | Edit this page |