New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make sure `gpg.encrypt` actually does something #182

Merged
merged 1 commit into from Dec 18, 2018

Conversation

Projects
None yet
2 participants
@alexAubin
Copy link
Member

alexAubin commented Nov 26, 2018

So, today somebody encountered this stupid issue where he could not login anymore to the webadmin.

Turns out that for some reasons moulinette uses gpg to encrypt some values in cache. The issue lies in the fact that if there's an error in /root/.gnupg/gpg.conf (such as a bad option), gpg.encrypt() will simply return an empty string...

With verbosity on (gnupg.GPG(verbose=True)), we were able to see : gpg: /root/.gnupg/gpg.conf:2: invalid. The user told me that he was using duply for backups which also relies on gpg, and that might be related.

Anyway, I propose to add an assertion to check this to be able to pinpoint the issue more easily when this happens...

@alexAubin alexAubin changed the title Make sure gpg actually does something Make sure `gpg.encrypt` actually does something Nov 26, 2018

@alexAubin alexAubin referenced this pull request Nov 27, 2018

Closed

[fix] Allow user to close ssh port (issue 1210) #556

0 of 4 tasks complete

@alexAubin alexAubin added this to the 3.4.x milestone Dec 15, 2018

@alexAubin alexAubin merged commit 1e90dd4 into stretch-unstable Dec 18, 2018

1 of 2 checks passed

continuous-integration/travis-ci/push The Travis CI build failed
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@alexAubin alexAubin deleted the check-gpg-actually-works branch Dec 18, 2018

@randomstuff

This comment has been minimized.

Copy link
Contributor

randomstuff commented Dec 18, 2018

Would it make sense to use itsdangerous for this kind of thing, instead?

@alexAubin

This comment has been minimized.

Copy link
Member Author

alexAubin commented Dec 18, 2018

itsdangerous ?

@alexAubin

This comment has been minimized.

Copy link
Member Author

alexAubin commented Dec 18, 2018

Uuuuh, I dunno, I guess the purpose here is to encrypt the data ? I didnt have a deep look in what is done and how it's been designed, this is just a "bugfix" to make it easier to debug next time this happens ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment