Link to home
Start Free TrialLog in
Avatar of dulcett
dulcett

asked on

Problem with gpg and cron

I am having trouble getting cron to run a perl script that runs perfectly fine from bash. It fails at the section where it is trying to run gpg to decrypt some files. At first I was getting an error stating that it couldn't find dev/tty and that this directory did not exist. I changed my scipt so that it also included the --batch --no-tty options when calling gpg. This fixed the first problem and created a new issue where it would claim that it can't find the private key for proper decrytion. I double checked and my private key is in there and works just fine otherwise I wouldn't be able to get the perl script to decrypt files when I started the script from bash. Why won't the exact same script work in cron. Here is all that I am telling it to do in gpg:

/usr/local/bin/gpg --no-tty --batch --passphrase [passphrase] --output [output name] --decrypt [filename/location]

Avatar of mjcoyne
mjcoyne

What user is the script running as in cron?  Do you have SELinux enabled?  Does the user that cron is running the script as have permisson to access all required directories and files?
> .. would claim that it can't find the private key for proper decrytion.
sounds like cron is running as a different user.
You need to ensure that your script is running as the proper user,.
Avatar of dulcett

ASKER

The cron job is running as root so I don't think that is the problem. I would imagine that it must not be looking at the correct directories for a proper gpg run but I'm not sure. Here is what my crontab looks like:

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
PERL5LIB=/usr/local/lib/perl5/5.8.8/i686-linux:/usr/local/lib/perl5/5.8.8
LD_LIBRARY_PATH=/usr/local/lib:/lib:/usr/lib:/dev/tty
MAILTO=root
HOME=/

# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
30 8 * * * root perl /tmp/mysql_backup_daily.pl
05 7 * * 1 root perl /mydirectory/MYGPGPERLSCRIPT.pl

> The cron job is running as root so I don't think that is the problem.
that's exactly the problem!
Simply start that task in the user's crontab.
Avatar of dulcett

ASKER

As what user? I have been working as user: root
Avatar of dulcett

ASKER

This is the mail message I get when cron doesn't run

From: root@localhost.localdomain (Cron Daemon)
To: root@localhost.localdomain
Subject: Cron <root@localhost> perl /mydirectory/THEONE_2.pl
X-Cron-Env: <SHELL=/bin/bash>
X-Cron-Env: <PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/etc/sysconfig/rhn:/usr/include/kde:/usr/lib/gnupg:/usr/local/bin:/usr/local/libexec/gnupg:/usr/share/rhn>
X-Cron-Env: <PERL5LIB=/usr/local/lib/perl5/5.8.8/i686-linux:/usr/local/lib/perl5/5.8.8>
X-Cron-Env: <LD_LIBRARY_PATH=/usr/local/lib:/lib:/usr/lib:/dev/tty>
X-Cron-Env: <MAILTO=root>
X-Cron-Env: <HOME=/>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>


gpg: encrypted with ELG-E key, ID 0646FAAA
gpg: decryption failed: secret key not available
Are you user root when you run it from the command line?
What is your home directory as user root?  Put that in as HOME=/root  (or whatever it is)
so your keys are stored in ~/.gnupg where ~ is the home directory as specified for user root in /etc/passwd?
Avatar of dulcett

ASKER

This is the line for root in my etc password file

root:x:0:0:root:/root:/bin/bash
Avatar of dulcett

ASKER

Yes, I am root when I run it from commandline and it works fine when I run the script that way.
ASKER CERTIFIED SOLUTION
Avatar of Adam314
Adam314

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dulcett

ASKER

It works now. Thanks.
hmm, that's exactly what I asked for/said in http:#18858432