Login/Register
gpg: keyblock resource pubring.kbx not found because the repo path is prefixed to the gnupg home
Asked Answered
Solved gitgnupg
L

3

8

I used to have my commits signed by gpg which worked all fine, but I suddenly got this message instead:

gpg: keyblock resource '/c/Users/username/path/to/project/C:\Users\username\.gnupg/pubring.kbx': No such file or directory
gpg: skipped "my_key": No secret key
gpg: signing failed: No secret key
error: gpg failed to sign the data
fatal: failed to write commit object

Note the path of the keyblock resource, it consists of two paths and is indeed not valid.

Information about my setup

I had my commits automatically signed, my setup is from this answer, in summary: I set up gpg like normal, then installed gpg2 and pipe my passphrase into gpg every time using a shell file. And no, I didn't get gpg-agent to do this, though if you know how to do it please answer this question: The key whose key-id is in the signature did not sign this commit

I have an environment variable GNUPGHOME which points to C:\Users\username\.gnupg. I tried changing it to C:/Users/username/.gnupg but the slashes just changed in the error as well. I tried changing it to /c/Users/username/.gnupg but the error message became

gpg: Fatal: can't create directory '/c/Users/username/path/to/project/C:/Users/username/.gnupg': No such file or directory

I also don't know what changed on my system that caused this problem.

Related issues

This question is very similar with a different path but it was not solved: Git commit signing GPG issue The comment is to check a path in a gitconfig, but I don't have a path to the gnupg directory in any gitconfig and it wouldn't be prefixed with the path to the repo anyway, I think. I have this in my main ~\.gitconfig:

[user]
    signingkey = my_key
[commit]
    gpgsign = true
[gpg]
    program = C:\\Users\\username\\gpg-no-tty.sh

Also found someone with the same problem here: https://jira.atlassian.com/browse/SRCTREEWIN-8527

From the tag description of I can't figure out whether this question belongs here or on Super User, because I'm not sure if this is programmatic or direct use (both?).

Labio answered 5/10, 2018 at 8:53 Comment(5)
So you just ran this command and it worked? Tried it, still getting issues where gpg: keyblock resource '/d/git/storage/C:\Users\user/.repoconfigs\gnupg/pubring.kbx': No such file or directoryVernice
@Vernice Not really because I have a different setup, but if you had just gpg there in your .gitconfig then it could solve it. If you made sure that git is running as gpg.program the full "C:\Program Files (x86)\GnuPG\bin\gpg.exe" and not just gpg (directly or via shell file) then I don't know what the problem is on your side - I checked that without doing this I get still the same error so I'm sure it solves it for me.Labio
Yeah I realize that. I used the trick suggested by Ross but without any luck. My problem is already visible when I am trying to tell git about my signing key as you pointed out in the other thread but I am still getting gpg: keyblock resource '/d/Git/storage/C:\Users\user\.gnupg/pubring.kbx': No such file or directory when I even try to list GPG keys with gpg --list-secret-keys --keyid-format LONGVernice
@Vernice Ah in that case, are you sure you are using gpg2 instead of the gpg that comes with git? Instructions are in step 7-8 of this answer. (This error seems to appear whenever the old gpg of git is used, I'm guessing.)Labio
in my case it turned out that using different git version fixes the problem. I had git version 2.19.1 and it was not working, with git version 2.18.0 all works like a charm.Vernice
F
10

I had the same issue. To fix it I just had to specify the gpg.program variable in my .gitconfig file to point to my installation of Gpg4win like so:

git config --global gpg.program "%PROGRAMFILES(x86)%\GnuPG\bin\gpg.exe"

or

git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe"

Obviously the path depends on where your gpg binary is located. Once I did this, it was able to use my GNUPGHOME environment variable and found my system keyring to use for signing. This will use pinentry to prompt you for your secret key password though.

I believe the issue occurs because Git for Windows ships with a version of gpg, which it uses by default. For whatever reason it seems to prefix the local repo path to the gpg home directory path when it executes the command to sign your commit.

Hopefully this helps

Furr answered 16/10, 2018 at 13:5 Comment(3)
Oh, that's spot on! I was still using the program gpg instead of "C:\Program Files (x86)\GnuPG\bin\gpg.exe" in the shell file which I use to automatically pipe my passphrase through it (see step 10 in the answer I linked to, and just updated). It works now again.Labio
In my case (Windows 10, git version 2.21.0.windows.1), Git seemed to ignore the gpg.program preference (despite the docs at git-scm.com/docs/git-config still listing it as valid). The only way to force Git to use the other binary was to rename or delete C:\Program Files\Git\usr\bin\gpg.exe.Juice
I installed Gpg4win and made sure C:\Program Files (x86)\GnuPG\bin precedes other gpg installations in the PATH environment variable. This fixed it.Prolamine
O
2

Definitively, on MSSY2 systems, it's a matter of pointing emacs' variable package-gnupghome-dir to your right .emacs.d directory in an absolute way, as Emacs (or maybe pgp) fails on composing relative path from your absolute declarated (or calculate) $HOME directory.

Just add to your (probably) existing (custom-set-variables ..) command in your init file a line like:

(custom-set-variables
  ..
  (package-gnupghome-dir "/y/sys/.emacs.d/elpa/gnupg")
  ..
)

In my case, I've shared user config files directory at Y:\SYS

Orinasal answered 4/2, 2024 at 22:4 Comment(0)
L
1

(Note I just had this same problem again, but had to fix it in a different way)

Your gpg home directory is messed up, because that's where it tries to find the pubring.kbx file. It can happen that gpg thinks its homedir is the path from which you are executing gpg, hence you see the repo path prefixed - and no I have no idea why.

You can solve this using the --homedir option of gpg.

  1. Tell bash to use it: in C:\Users\username\.bash_profile, add alias gpg="gpg --homedir=/c/Users/username/.gnupg"
  2. Tell git to use it: create a file C:\Users\username\start-gpg.sh and put into it gpg --homedir=/c/Users/s156757/.gnupg "$@". Then run git config --global gpg.program C:\\Users\\username\\start-gpg.sh to tell git to use it.
  3. Restart bash.

Note: to test this, I used the gpg2 which comes with git. That may be why the GNUPGHOME variable didn't do anything - I didn't install gnupg separately.

Labio answered 27/10, 2018 at 19:44 Comment(0)

© 2022 - 2025 — McMap. All rights reserved.