Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ubuntu 18.04 gpg dirmngr IPC connect call failed #3286

Closed
sirredbeard opened this issue Jun 9, 2018 · 64 comments
Closed

Ubuntu 18.04 gpg dirmngr IPC connect call failed #3286

sirredbeard opened this issue Jun 9, 2018 · 64 comments
Assignees
Labels

Comments

@sirredbeard
Copy link
Contributor

@sirredbeard sirredbeard commented Jun 9, 2018

  • Your Windows build number: 10.0.17134.81

  • What you're doing and what's happening:

Building MonoDevelop for Windows looks like a real hassle and there are no binaries available.

I decided to give MonoDevelop for Ubuntu binaries a try on WSL.

I installed a clean Ubuntu 18.04 from the Microsoft Store.

To get it all caught up I executed:

sudo apt-mark hold ebtables # for the current upgrade bug
sudo apt-get update
sudo apt-get upgrade -y

and then I picked up with the MonoDevelop IDE instructions:

sudo apt install apt-transport-https dirmngr
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF

Then I run into an issue.

I receive the following error message:

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
[sudo] password for hayden:
Executing: /tmp/apt-key-gpghome.BG01sRSmD5/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.BG01sRSmD5/S.dirmngr' failed: IPC connect call failed
gpg: keyserver receive failed: No dirmngr
  • What's wrong / what should be happening instead:

gpg isn't able to call dirmngr

What I have attempted:

  1. Running dirmngr in another bash instance
  2. Making sure gpg-agent is running in the background
  3. This. https://stackoverflow.com/questions/49496667/gpg-key-generation-canceled and https://stackoverflow.com/questions/46673717/gpg-cant-connect-to-the-agent-ipc-connect-call-failed

Note: I have also tried building MonoDevelop from source on Ubuntu in WSL, but ran into this issue.

@sirredbeard sirredbeard changed the title Error installing GPG keys in Ubuntu on WSL Error importing key to apt keyserver in Ubuntu 18.04 on WSL Jun 9, 2018
@ghost
Copy link

@ghost ghost commented Jun 9, 2018

It's Bugging Since The First Bionics in wsl. But the temporary to pass this problems is using apt-key add instead adv options through wget or curl :
curl -sL "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xA6A19B38D3D831EF" | sudo apt-key add

@sirredbeard
Copy link
Contributor Author

@sirredbeard sirredbeard commented Jun 9, 2018

Thanks. I did get it installed via your workaround. Sadly MonoDevelop will not run though.

@sirredbeard sirredbeard closed this Jun 9, 2018
@therealkenc
Copy link
Collaborator

@therealkenc therealkenc commented Jun 12, 2018

I hate to look a 'closed' gift horse in the mouth, but this one merits some further attention because it will keep coming up until we have a work-around on the books for the dirmngr fail proper. The problem is unrelated to Mono or MonoDevelop, natch. MariaDB (key 0xF1656F24C74CD1D8) fails the same, as will every apt-key howto anyone has ever posted on the Interwebs.

The problem is that dirmngr (sudo apt install dirnmgr) isn't running (or isn't autolaunched?) and thus there is nothing on the other end for apt-key via gpg to talk to. After around half an hour of investigation, like @sirredbeard, I wasn't able to make dirmngr at home on WSL manually. Maybe someone else will have better luck or suggestions.

@therealkenc therealkenc changed the title Error importing key to apt keyserver in Ubuntu 18.04 on WSL Ubuntu 18.04 gpg dirmngr IPC connect call failed Jun 12, 2018
@therealkenc therealkenc reopened this Jun 12, 2018
@sirredbeard
Copy link
Contributor Author

@sirredbeard sirredbeard commented Jun 12, 2018

I support re-opening for the wider issue with dirmgr.

I think I was able to import the key by curling it in and piping it to apt-key.

Is this only on Ubuntu and only 18.04? If so, should we file a bug report upstream with Canonical?

@therealkenc
Copy link
Collaborator

@therealkenc therealkenc commented Jun 12, 2018

I think I was able to import the key by curling it in and piping it to apt-key.

Yes that's effectively the work-around until the base cause and a solution to the root problem is articulated.

Is this only on Ubuntu and only 18.04?

That is part of what merits investigation. It wasn't a problem on 16.04 (but you already knew that). Whether it wasn't a problem in 16.04 because (a) an operable dirmngr wasn't previously a requirement or (b) dirmng was working fine and nobody thought anything of it or (c) something changed with gpg or apt-key or dirmngr or something in between that now causes the sequence to fail, I can't tell you. Or at least, not with any authority after looking at it for a short bit.

@ghost
Copy link

@ghost ghost commented Jun 12, 2018

but sometimes in metapackages with ubuntu-desktop when i was want to install Crystal Language by importing their gpg and it's works through the adv options

@WSLUser
Copy link

@WSLUser WSLUser commented Jun 13, 2018

I'd like to report that any debian based distro (possibly any distro) utilizing an updated dirmngr before 18.04 was officially released as LTS was recieving this error. The issue was resolved just in time for 18.04 release. So this may be a regression or something Ubuntu did to screw with it.

When I had experienced this error utilizing Debian Buster, I simply reinstalled Debian from the Store after 18.04 was released and the updated package containing the fix was imported when upgrading from Stretch to Buster. As of yesterday evening, I have yet to see this issue re-occur.

The work-around mentioned above failed at the time and did prevent any package (including stock) from successfully upgrading. Even apt update failed.

I would recommend others test a different distro other than Ubuntu 18.04 that uses the same version of dirmngr (or upgrade to it if not part of the base) and see if it still has an issue.

For completeness, I'm running build 17134 with the latest patch.

@sirredbeard
Copy link
Contributor Author

@sirredbeard sirredbeard commented Jun 15, 2018

@Alternate-Egoist

I wanted to do the same but could not duplicate your success.

capture32432

@filjoseph1989
Copy link

@filjoseph1989 filjoseph1989 commented Jun 16, 2018

I tried following the guide here https://downloads.mariadb.org/mariadb/repositories/#mirror=utm&distro=Ubuntu&distro_release=bionic--ubuntu_bionic&version=10.3

while running this, sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8, i got
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.cROhJELJ0N/S.dirmngr' failed: IPC connect call failed message too

@therealkenc
Copy link
Collaborator

@therealkenc therealkenc commented Jun 16, 2018

I tried following the guide here ... apt-key etc etc etc ..../mariadb/.... etc etc etc ... 0xF1656F24C74CD1D8 .... I got .... etc etc .... IPC connect call failed

Well, yes. Because Quoth:

The problem is unrelated to Mono or MonoDevelop, natch. MariaDB (key 0xF1656F24C74CD1D8) fails the same, as will every apt-key howto anyone has ever posted on the Interwebs.

@jibin2706
Copy link

@jibin2706 jibin2706 commented Jun 28, 2018

same error while installing mongodb

@sav-valerio
Copy link

@sav-valerio sav-valerio commented Jul 1, 2018

Same problem here with MariaDB, if you really need the repository you could "avoid" authenticating the repository key using sudo apt-get --allow-insecure-repositories update, after add-apt-repository.

Still it is not a proper solution, not to mention the potential security issues that could arise.

@foxliu
Copy link

@foxliu foxliu commented Jul 5, 2018

Can try this:

  1. use sudo apt update then will get something like The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5523BAEEB01FA116
  2. Got the pubkey 5523BAEEB01FA116
  3. Use curl -sL "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x5523BAEEB01FA116" | sudo apt-key add Replace 0x5523BAEEB01FA116 with 0x<your pubkey in 2step>
  4. complete, you can run sudo apt udpate no error
@sav-valerio
Copy link

@sav-valerio sav-valerio commented Jul 5, 2018

@foxliu solution seems to work just fine.
But still I wasn't able to download the public key using curl, so I copied manually the key from the Ubuntu Keyserver link,to a new file in WSL, then loaded it with sudo apt-key add.

For future reference, this is the MariaDB Package Signing Key:
http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xF1656F24C74CD1D8

@amehrshad
Copy link

@amehrshad amehrshad commented Jul 9, 2018

i have the same error while installing mongodb

@luisarriojas
Copy link

@luisarriojas luisarriojas commented Jul 9, 2018

Hi. I am trying to install mongodb on Ubuntu 18.04 for Windows and got the same error:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4

Executing: /tmp/apt-key-gpghome.oRreNqzIoe/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4

gpg: connecting dirmngr at '/tmp/apt-key-gpghome.oRreNqzIoe/S.dirmngr' failed: IPC connect call failed

gpg: keyserver receive failed: No dirmngr

I have installed mongodb many times in different Linux distros and this is the first time I see this error.

@luisarriojas
Copy link

@luisarriojas luisarriojas commented Jul 9, 2018

For future reference, manual solution is this:
$ curl -sL "https://www.mongodb.org/static/pgp/server-4.0.asc?_ga=2.264892495.1953852568.1531143056-750073170.1531143056" | sudo apt-key add

@benhillis
Copy link
Member

@benhillis benhillis commented Jul 9, 2018

I took a look at this today and have determined that this is a timing-related issue that is exposed because of a difference in how Windows and Linux handles connection attempts to localhost sockets. On Linux an attempt to connect to a localhost tcp socket on a port that is not active will return a failure immediately. On Windows there appears to be a 1 second timeout. This causes the following sequence to occur.

  1. gpg spawns dirmngr
  2. dirmngr attempt to connect to localhost port 9050 (this is attempted twice).
  3. gpg attempts to connect to a unix socket that dirmngr creates after the localhost socket connection fails.

This one second timeout in step 2 is enough to cause gpg to think that dirmngr is not responding. There appears to be a retry loop in gpg, but it is not waiting long enough to account for the 1 second connect timeout (the connect is actually attempted twice).

I've reached out to some Windows networking experts to determine if there is a way that this timeout can be avoided.

@benhillis benhillis self-assigned this Jul 9, 2018
@therealkenc
Copy link
Collaborator

@therealkenc therealkenc commented Jul 9, 2018

That's awesome Ben. Thank-you for digging; by total chance I was going to dive this one myself this evening. Motivation being, this is blocking LXC, which uses gpg to fetch keys for the images in the same manner as apt-key 😉.

Being ahead of me, if you've got a suggestion for a temporary work-around in the gpg or dirmngr source to make them collectively happy (avoid the timeout) that would be helpful. Even if not, at least I know where to look now, which is very appreciated. If this is going to be a long lead time thing (won't make fall release) maybe I can push a PPA to launchpad.

@benhillis
Copy link
Member

@benhillis benhillis commented Jul 10, 2018

I haven't looked through the gpg source but it seems to be after it has launched dirmngr and is trying to connect to a unix socket it expects dirmngr to create. There is a retry loop that goes for about 20 iterations.

@benhillis
Copy link
Member

@benhillis benhillis commented Jul 10, 2018

I took another look this morning and found the bug in gpg. Their retry loop waiting for dirmngr to come up is passing an invalid argument to the nanosleep system call. From the nanosleep man page:

The value of the nanoseconds field must be in the range 0 to 999999999.

The retry loop starts with a relatively small sleep and doubles the duration, eventually capping out at one second. However they pass 1 second as 1000000000 nanoseconds, which returns EINVAL immediately.

This was actually already fixed by this commit (but it appears 18.04 is using an older version): gpg/gnupg@0cfdd3b#diff-01af2aa0c9e9ef29097d81dfcf608938

@benhillis benhillis added the external label Jul 10, 2018
@lukerogers
Copy link

@lukerogers lukerogers commented Feb 12, 2019

@xsqian I had the same problem with Azure CLI, so I stole the command from the SQL Server Linux install (https://docs.microsoft.com/en-us/sql/linux/sql-server-linux-setup-tools?view=sql-server-2017) and got it to work:

curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -

@xsqian
Copy link

@xsqian xsqian commented Feb 12, 2019

@lukerogers Yes, thank you so much for sharing the solution, love it!

@Coolguy3289
Copy link

@Coolguy3289 Coolguy3289 commented May 23, 2019

@therealkenc This is still an issue. Following any instructions that instruct you to run apt-key adv still fail for the same error. Got the error following instructions from https://docs.pritunl.com/docs/ssh-client under the Ubuntu Bionic section.

@therealkenc
Copy link
Collaborator

@therealkenc therealkenc commented May 24, 2019

this

No, this was resolved in 17723.

image

@filjoseph1989
Copy link

@filjoseph1989 filjoseph1989 commented Jul 11, 2019

curl -sL "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xA6A19B38D3D831EF" | sudo apt-key add

I tried following this https://downloads.mariadb.org/mariadb/repositories/#mirror=rise&distro=Ubuntu&distro_release=bionic--ubuntu_bionic&version=10.4 and I have similar problem.

Solution:

replace this 0xA6A19B38D3D831EF with key found on mariadb page. in my case 0xF1656F24C74CD1D8

So

From:
curl -sL "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xA6A19B38D3D831EF" | sudo apt-key add

To:
curl -sL "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xF1656F24C74CD1D8" | sudo apt-key add

@tsilefy
Copy link

@tsilefy tsilefy commented Aug 3, 2019

For those still with the same problem (I had it with MySQL 8 on a fresh Ubuntu 18.04), this solved my problem. In this case, it's Spotify but it works with any other repository.

$ wget -q "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xA87FF9DF48BF1C90" -O- | gpg --dearmor > spotify-A87FF9DF48BF1C90.gpg $ sudo mv spotify-A87FF9DF48BF1C90.gpg /etc/apt/trusted.gpg.d/

1- download the key
2- pass it to gpg to turn the ASCII into binary (unwrapping)
3- move the new file to apt's keyring.

After that, I was able to do apt update and to install.

eed3si9n added a commit to eed3si9n/website that referenced this issue Sep 22, 2019
Fixes sbt/sbt#4261
Fixes sbt#799

Ideally

```
sudo apt-key adv --keyserver hkps://keyserver.ubuntu.com:443 --recv 2EE0EA64E40A89B84B2DF73499E82A75642AC823
```

should just work. but Ubuntu Bionic (18.04) uses gpg 2.2.4 that does not contain the fix mentioned in microsoft/WSL#3286, and thus end up with

```
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.BG01sRSmD5/S.dirmngr' failed: IPC connect call failed
gpg: keyserver receive failed: No dirmngr
```
@ip11
Copy link

@ip11 ip11 commented Nov 8, 2019

Follow the https://docs.mongodb.com/manual/tutorial/install-mongodb-on-ubuntu/

sudo service mongod start (Will not work with WSL)

Step1 : sudo mkdir -p /data/db

Step2 : sudo mongod --dbpath /data/db

This will start the mongod server in WSL without any additional procedures

Step3 : mongo 👍

dongjoon-hyun added a commit to apache/spark that referenced this issue Nov 19, 2019
### What changes were proposed in this pull request?

Linter (R) github workflows failed sometimes like:

https://github.com/apache/spark/pull/26509/checks?check_run_id=310718016

Failed message:
```
Executing: /tmp/apt-key-gpghome.8r74rQNEjj/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys E298A3A825C0D65DFD57CBB651716619E084DAB9
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.8r74rQNEjj/S.dirmngr' failed: IPC connect call failed
gpg: keyserver receive failed: No dirmngr
##[error]Process completed with exit code 2.
```

It is due to a buggy GnuPG. Context:
sbt/website#825
sbt/sbt#4261
microsoft/WSL#3286

### Why are the changes needed?

Make lint-r github workflows work.

### Does this PR introduce any user-facing change?

No

### How was this patch tested?

Pass github workflows.

Closes #26602 from viirya/SPARK-29964.

Authored-by: Liang-Chi Hsieh <viirya@gmail.com>
Signed-off-by: Dongjoon Hyun <dhyun@apple.com>
dongjoon-hyun added a commit to apache/spark that referenced this issue Nov 19, 2019
### What changes were proposed in this pull request?

Linter (R) github workflows failed sometimes like:

https://github.com/apache/spark/pull/26509/checks?check_run_id=310718016

Failed message:
```
Executing: /tmp/apt-key-gpghome.8r74rQNEjj/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys E298A3A825C0D65DFD57CBB651716619E084DAB9
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.8r74rQNEjj/S.dirmngr' failed: IPC connect call failed
gpg: keyserver receive failed: No dirmngr
##[error]Process completed with exit code 2.
```

It is due to a buggy GnuPG. Context:
sbt/website#825
sbt/sbt#4261
microsoft/WSL#3286

### Why are the changes needed?

Make lint-r github workflows work.

### Does this PR introduce any user-facing change?

No

### How was this patch tested?

Pass github workflows.

Closes #26602 from viirya/SPARK-29964.

Authored-by: Liang-Chi Hsieh <viirya@gmail.com>
Signed-off-by: Dongjoon Hyun <dhyun@apple.com>
(cherry picked from commit e753aa3)
Signed-off-by: Dongjoon Hyun <dhyun@apple.com>
yingshikong186 pushed a commit to yingshikong186/spark that referenced this issue Apr 14, 2020
### What changes were proposed in this pull request?

Linter (R) github workflows failed sometimes like:

https://github.com/apache/spark/pull/26509/checks?check_run_id=310718016

Failed message:
```
Executing: /tmp/apt-key-gpghome.8r74rQNEjj/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys E298A3A825C0D65DFD57CBB651716619E084DAB9
gpg: connecting dirmngr at '/tmp/apt-key-gpghome.8r74rQNEjj/S.dirmngr' failed: IPC connect call failed
gpg: keyserver receive failed: No dirmngr
##[error]Process completed with exit code 2.
```

It is due to a buggy GnuPG. Context:
sbt/website#825
sbt/sbt#4261
microsoft/WSL#3286

### Why are the changes needed?

Make lint-r github workflows work.

### Does this PR introduce any user-facing change?

No

### How was this patch tested?

Pass github workflows.

Closes apache#26602 from viirya/SPARK-29964.

Authored-by: Liang-Chi Hsieh <viirya@gmail.com>
Signed-off-by: Dongjoon Hyun <dhyun@apple.com>
@veloscillator
Copy link

@veloscillator veloscillator commented Apr 25, 2020

This issue still exists in 20.04. The original workaround (calling apt-key add - manually) no longer works. @tsilefy's workaround above does work. Is there any change of getting this resolved for good?

@onomatopellan
Copy link

@onomatopellan onomatopellan commented Apr 26, 2020

@veloscillator which Windows build? in Ubuntu 20.04 libc6 is broken in WSL1 and shows a very similar error message. You can try #5125 (comment) as workaraound.

@aikoofujimotoo
Copy link

@aikoofujimotoo aikoofujimotoo commented Apr 26, 2020

image

Both didn't work though.

@veloscillator
Copy link

@veloscillator veloscillator commented Apr 27, 2020

@veloscillator which Windows build? in Ubuntu 20.04 libc6 is broken in WSL1 and shows a very similar error message. You can try #5125 (comment) as workaraound.

This resolved my issue, thank you (I'm on 2004 19041.208).

@MaxPowerWasTaken
Copy link

@MaxPowerWasTaken MaxPowerWasTaken commented May 5, 2020

[Deleted my former question on getting this error in WSL1/Ubuntu20.04 as I realized it seems to be answered in https://github.com//issues/5125 and https://discourse.ubuntu.com/t/ubuntu-20-04-and-wsl-1/15291]

@fluffynuts
Copy link

@fluffynuts fluffynuts commented Jun 9, 2020

I can't even use apt-key add because it also bombs out. So here's a super-manual way to get this done:

curl https://download.mono-project.com/repo/xamarin.gpg | gpg --dearmor > /etc/apt/trusted.gpg.d/mono.gpg

Putting this here in case I'm not the only person for whom this is a mission :/

@neozeed
Copy link

@neozeed neozeed commented Jul 24, 2020

I have a Pi4 running Linux version 4.4.0-19041-Microsoft

root@DESKTOP-BBF5IEP:~# curl -sL "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x5523BAEEB01FA116" | sudo apt-key add
Illegal instruction (core dumped)

I can't even apt-get update on either Ubuntu 18 or 20. At best the dirmngr crashes or trying to add keys results in an Illegal instruction. Is there anything about running on Cortex-A72's? This is feeling like PowerPC all over again...

@cesarau04
Copy link

@cesarau04 cesarau04 commented Aug 13, 2020

For those still with the same problem (I had it with MySQL 8 on a fresh Ubuntu 18.04), this solved my problem. In this case, it's Spotify but it works with any other repository.

$ wget -q "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xA87FF9DF48BF1C90" -O- | gpg --dearmor > spotify-A87FF9DF48BF1C90.gpg $ sudo mv spotify-A87FF9DF48BF1C90.gpg /etc/apt/trusted.gpg.d/

1- download the key
2- pass it to gpg to turn the ASCII into binary (unwrapping)
3- move the new file to apt's keyring.

After that, I was able to do apt update and to install.

This worked for me in the lastest WSL ty

@brunoschmidt
Copy link

@brunoschmidt brunoschmidt commented Sep 4, 2020

Just for reference.
The bug affecting dirmngr is with WSL support for nanosleep.
There is a workaround available here:
#4898 (comment)

It works for me.

@microsoft microsoft locked and limited conversation to collaborators Sep 9, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet