in reply to GnuPG tie to gpg binary gives broken pipe error in CGI output

Hi Matt,

You probably have thought of this, but did you check that the gpg binary is accessible and executable (permission wise) to the webserver CGI user? Usually, when something works on the command line, but doesn't from CGI, there is a permission problem involved somewhere.

CU
Robartes-

  • Comment on Re: GnuPG tie to gpg binary gives broken pipe error in CGI output

Replies are listed 'Best First'.
Re: Re: GnuPG tie to gpg binary gives broken pipe error in CGI output
by mattr (Curate) on Mar 07, 2003 at 11:18 UTC
    Thank you. I tried print "V: ". `gpg --version`; and got: V: gpg (GnuPG) 1.0.6 Copyright (C) 2001 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Home: ~/.gnupg Supported algorithms: Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TWOFISH Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG Hash: MD5, SHA1, RIPEMD160
[reply]
[d/l]
      Update: While I can open and write to a file in the current (cgi) directory from within the program when running as a CGI, gpg as called from the CGI doesn't seem to write anything. I tried:
      `gpg --export -a --batch -o /home/...../cgi-bin/NEW`;
      but it only works on command line fwiw. I think I got it to do something a little while ago but it would only create a zero byte file.

      I wonder how I'd go about trying to do this without using GnuPG or any other module, just the cgi talking to the binary..

      Ah yes, I tried $gpg->export_keys( armor => 1, output => "keyring.pub" );
      which creates a file in the appropriate place but one of zero bytes only. Permissions were cool.

      Update: By cool I mean that it could write something. I could write successfully to files from the CGI. But it is not cool that only a zero byte file came out.. I tried it in different directories, and made a file chmod 777 in a 777 directory and gpg still wouldn't write to it from CGI. I have a whole application working on this system already so I don't think it is permissions.. I'm wondering if Io::Pipe will work.

[reply]
[d/l]
        Hmm, if this wasn't a file that the script exported itself, I would say that you do have write permission on the directory (hence the file creation succeeds) but not on the file itself (hence the 0 byte length). Perhaps your umask is too restrictive?

        CU
        Robartes-

[reply]
        Update: While I can open and write to a file in the current (cgi) directory from within the program when running as a CGI, gpg as called from the CGI doesn't seem to write anything.
        Aha. The directory containing the CGI scripts isn't even supposed to be world writable, or Apache will even refuse to run them. Create a separate directory (it looks like you already did), make it writable for everybody (chmod 777), and chdir to it in your CGI script before calling the external program.
[reply]

In Section Seekers of Perl Wisdom