Re : Re : Re : Stalled when gpg is updating the thrusted database

["Jean-Luc Coulon (f5ibh)" <jean-luc coulon wanadoo fr>]

Le 26.02.2004 20:37, Albrecht Dreß a écrit :
> Am 26.02.04 13:52 schrieb(en) Jean-Luc Coulon (f5ibh):
>> If the trussted database is triggered "outside" balsa, I get the  
>> message "GnuPG is rebuilding the trust database and is currently  
>> unavailable." and everything goes fine.
> 
> That's the only thing I could check here, by manually creating the  
> lock file...
> 
>> If it is balsa itself that triggers the event, it is unavailable for  
>> "some" (quite long) time and then I've the previous message until  
>> gpg work is done.
> 
> Unfortunately I can only guess what's happening here... can you  
> explain a little more what "when balsa triggers the event" means  
> (just start balsa, verify a signature, if so, was the key in the key  
> ring, was the message verified after balsa came back to life, ...)?

It is just when I receive a signed message and I try to open it. I  
click on the message an nothing happens. If I check with top, I can see  
gpg running and eating lot of cpu. At this moment, if I switch to an  
other desktop and back to this one, the whole balsa screen is white  
with some grey borders, no text and no icons anymore. If I start gpa,  
there is an information popup telling me that gnupg is updating the  
trust database. Balsa gives me back the control before the end of this  
update.

> 
> When the update is triggered by a crypto operation (like verify,  
> sign, etc.) balsa should hang until the update is complete. Maybe  
> just launching gpg for whatever operation (e.g. the check upon  
> startup if it's present) is already a sufficient trigger.
> 
> Of course I am interested in a clean solution for this problem, but  
> for the time being, it might be helpful for you to disable the  
> automatic update in the ~/.gnupg/gpg.conf (or old style ~/.gnupg/ 
> options) file using "no-auto-check-trustdb". "man gpg" says about  
> this:
>

Okay, I will do that. If you need more help, tell me but it is not  
obvious: I cannot left a stace running for hours  ;-)

> : If  GnuPG  feels  that its information about the Web-of-Trust
> : has to be updated, it automatically runs the  --check-trustdb
> : command  internally.   This  may be a time consuming process.
> : --no-auto-check-trustdb disables this option.
> 
> You could then add a cron job which calls "gpg --check-trustdb -- 
> batch", e.g. in cron.daily, or (maybe better) add it to the X11 login  
> script (I remember that on SuSE systems there is an entry to launch  
> ssh-agent). Again quoting the man page:
> 
> : Do trust database maintenance without user interaction.  From
> : time  to  time  the  trust  database  must be updated so that
> : expired keys or signatures and the resulting changes  in  the
> : Web-of-Trust  can be tracked.  Normally, GnuPG will calculate
> : when this is required and do it  automatically  unless  --no-
> : auto-check-trustdb is set.  This command can be used to force
> : a trust database check at any time.  The processing is  iden-
> : tical  to  that  of --update-trustdb but it skips keys with a
> : not yet defined "ownertrust".
> :
> : For use with cron jobs, this command  can  be  used  together
> : with  --batch  in which case the trust database check is done
> : only if a check is needed.  To force a run even in batch mode
> : add the option --yes.

Thank you for all the informations.

> 
> Cheers,
> 
> 	Albrecht.
>

--
Regards
			- Jean-Luc

PGP signature