0

On an OpenWRT installation, I have an update script that downloads a file and checks its GPG signature.

If I run this script at boot in rc.d at priority 99 (it's the last one), I get a "gpg: Can't check signature: public key not found" error. If I run it via Cron or manually, everything works.

I also tried to add a 60 second sleep before running the script.

Is there a way to know when GPG finished its init?

MGG
  • 93
  • 1
  • 9
  • Check file permissions, perhaps can give you more details where it looks for files and why it fails – Marged Jan 21 '20 at 20:38

2 Answers2

0

Can you post the script you use?

A possible solution would be to add the public key import as part of the script before you check the signature, so it's always available for gpg.

This answer may also shed some light on this error: Can't check signature: public key not found

Kyle Burkett
  • 1,375
  • 12
  • 28
0

Turns out, scripts in rc.d are not run as root, or the root home is not specified yet (?), so the home directory where GPG is looking for signatures is different (it's looking at //.gnupg/ instead of /root/.gnupg/). Adding the homedir parameter to GPG allows to specify the directory; this works:

gpg --homedir /root/.gnupg/ --verify update.gpg
MGG
  • 93
  • 1
  • 9