3

I am trying to install Tor Browser following this guide:

https://2019.www.torproject.org/docs/debian.html.en on Ubuntu 18.04.3 TLS.

When running the following command: 

gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

I get the error message below:

E: This command can only be used by root.

When I run the same command using sudo, I get the following message:

gpg: WARNING: unsafe ownership on homedir '/home/user/.gnupg'
E: This command can only be used by root.

Does anyone know how to fix it and why it is happening?

Kevin Bowen
  • 19,615
  • 55
  • 79
  • 83
  • I'd suggest having a look at the Software Boutique - refer to this answer https://askubuntu.com/questions/1058304/is-there-a-program-like-fedy-but-for-ubuntu/1058306#1058306 It's a gui that adds the required sources automatically when you select packages that need different sources msking common programs like tor-browser super easy to install. – guiverc Aug 21 '19 at 12:43
  • Your first line consists of two commands, gpg which is then piped to your apt-key so when you mention sudo I wonder if how you used it as you were unclear. More so though, I wonder what is the owner of ~/.gnupg (whether in prior sudo commands you've changed ownership to root instead of your user id) thus your permissions error.. – guiverc Aug 21 '19 at 12:50

1 Answers1

5

How exactly did you try to use it with sudo?

My guess is:

sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

If so, gpg will run as root, and apt-key will run as your normal user.

In this particular case you should add sudo infront of apt-key:

gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

Since you ran gpg with sudo and not using the -H flag the permissions on ~/.gnupg probably changed.

From man sudo:

-H' The -H (HOME) option requests that the security policy set the HOME environment variable to the home directory of the target user (root by default) as specified by the password database. Depending on the policy, this may be the default behavior.

To check permissions and ownership:

ls -l ~/.gnupg

If the directory (.) or any files in the directory is owned by root, fix the permissions with:

sudo chown -R $USER:$USER ~/.gnupg
sudo find ~/.gnupg -type d -exec chmod 700 {} \;
sudo find ~/.gnupg -type f -exec chmod 600 {} \;
mgor
  • 1,211
  • 8
  • 13
  • When I did sudo in front of apt-key ... i got:

    gpg: WARNING: unsafe ownership on homedir '/home/user/.gnupg' OK

     –  Aug 21 '19 at 12:53
  • @mgor My ~/.gnupg has a sub-directory named private-keys-v1.d. After your chmod 600 ~/.gnupg/* that directory will be drw- instead of drwx. Is that really what you want? – JonBrave Oct 23 '19 at 08:23
  • 1
    @JonBrave updated the chmod commands to take this into consideration, thanks. – mgor Oct 24 '19 at 08:19