← Back to team overview

touch-packages team mailing list archive

[Bug 1342807] Re: gpg --verify has race conditions when used concurrently

 

** Attachment added: "script that shows the issue"
   https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1342807/+attachment/4154140/+files/race-verify

** Description changed:

  There is a race condition with gnupg --verify when multiple processes
  act at the same time.
  strace helps cause the race condition (probably by slowing thing down)
  gpgv does not seem to have the issue.
+ 
+ The result is you will see transient verify failures with output like:
+ 
+ gpg: Signature made Fri 10 Jan 2014 05:41:43 PM UTC using DSA key ID 437D05B5
+ gpg: 12: read expected rec type 10, got 0
+ gpg: lookup_hashtable failed: trust database error
+ gpg: trustdb: searching trust record failed: trust database error
+ gpg: Error: The trustdb is corrupted.
+ gpg: You may try to re-create the trustdb using the commands:
+ gpg:   cd ~/.gnupg
+ gpg:   gpg2 --export-ownertrust > otrust.tmp
+ gpg:   rm trustdb.gpg
+ gpg:   gpg2 --import-ownertrust < otrust.tmp
+ gpg: If that does not work, please consult the manual
  
  See the attached 'verify-race' to show the issue.
  
  ProblemType: Bug
  DistroRelease: Ubuntu 14.10
  Package: gnupg 1.4.16-1.2ubuntu1
  ProcVersionSignature: User Name 3.16.0-3.8-generic 3.16.0-rc4
  Uname: Linux 3.16.0-3-generic x86_64
  ApportVersion: 2.14.4-0ubuntu2
  Architecture: amd64
  Date: Wed Jul 16 16:09:42 2014
  Ec2AMI: ami-0000002c
  Ec2AMIManifest: FIXME
  Ec2AvailabilityZone: nova
  Ec2InstanceType: m1.small
  Ec2Kernel: aki-00000002
  Ec2Ramdisk: ari-00000002
  ProcEnviron:
-  TERM=xterm
-  PATH=(custom, no user)
-  XDG_RUNTIME_DIR=<set>
-  LANG=en_US.UTF-8
-  SHELL=/bin/bash
+  TERM=xterm
+  PATH=(custom, no user)
+  XDG_RUNTIME_DIR=<set>
+  LANG=en_US.UTF-8
+  SHELL=/bin/bash
  SourcePackage: gnupg
  UpgradeStatus: No upgrade log present (probably fresh install)

** Description changed:

  There is a race condition with gnupg --verify when multiple processes
  act at the same time.
  strace helps cause the race condition (probably by slowing thing down)
  gpgv does not seem to have the issue.
  
- The result is you will see transient verify failures with output like:
+ The result is you will see transient verify failures with output like below.
+ using '--lock-once' seems to improve the problem, but not to entirely fix it.
  
  gpg: Signature made Fri 10 Jan 2014 05:41:43 PM UTC using DSA key ID 437D05B5
  gpg: 12: read expected rec type 10, got 0
  gpg: lookup_hashtable failed: trust database error
  gpg: trustdb: searching trust record failed: trust database error
  gpg: Error: The trustdb is corrupted.
  gpg: You may try to re-create the trustdb using the commands:
  gpg:   cd ~/.gnupg
  gpg:   gpg2 --export-ownertrust > otrust.tmp
  gpg:   rm trustdb.gpg
  gpg:   gpg2 --import-ownertrust < otrust.tmp
  gpg: If that does not work, please consult the manual
  
  See the attached 'verify-race' to show the issue.
  
  ProblemType: Bug
  DistroRelease: Ubuntu 14.10
  Package: gnupg 1.4.16-1.2ubuntu1
  ProcVersionSignature: User Name 3.16.0-3.8-generic 3.16.0-rc4
  Uname: Linux 3.16.0-3-generic x86_64
  ApportVersion: 2.14.4-0ubuntu2
  Architecture: amd64
  Date: Wed Jul 16 16:09:42 2014
  Ec2AMI: ami-0000002c
  Ec2AMIManifest: FIXME
  Ec2AvailabilityZone: nova
  Ec2InstanceType: m1.small
  Ec2Kernel: aki-00000002
  Ec2Ramdisk: ari-00000002
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: gnupg
  UpgradeStatus: No upgrade log present (probably fresh install)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/1342807

Title:
  gpg --verify has race conditions when used concurrently

Status in “gnupg” package in Ubuntu:
  New

Bug description:
  There is a race condition with gnupg --verify when multiple processes
  act at the same time.
  strace helps cause the race condition (probably by slowing thing down)
  gpgv does not seem to have the issue.

  The result is you will see transient verify failures with output like below.
  using '--lock-once' seems to improve the problem, but not to entirely fix it.

  gpg: Signature made Fri 10 Jan 2014 05:41:43 PM UTC using DSA key ID 437D05B5
  gpg: 12: read expected rec type 10, got 0
  gpg: lookup_hashtable failed: trust database error
  gpg: trustdb: searching trust record failed: trust database error
  gpg: Error: The trustdb is corrupted.
  gpg: You may try to re-create the trustdb using the commands:
  gpg:   cd ~/.gnupg
  gpg:   gpg2 --export-ownertrust > otrust.tmp
  gpg:   rm trustdb.gpg
  gpg:   gpg2 --import-ownertrust < otrust.tmp
  gpg: If that does not work, please consult the manual

  See the attached 'verify-race' to show the issue.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.10
  Package: gnupg 1.4.16-1.2ubuntu1
  ProcVersionSignature: User Name 3.16.0-3.8-generic 3.16.0-rc4
  Uname: Linux 3.16.0-3-generic x86_64
  ApportVersion: 2.14.4-0ubuntu2
  Architecture: amd64
  Date: Wed Jul 16 16:09:42 2014
  Ec2AMI: ami-0000002c
  Ec2AMIManifest: FIXME
  Ec2AvailabilityZone: nova
  Ec2InstanceType: m1.small
  Ec2Kernel: aki-00000002
  Ec2Ramdisk: ari-00000002
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: gnupg
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1342807/+subscriptions


References