Search code examples
pythonnginxflaskgnupgubuntu-server

Flask application cannot find gpg

I'm interfacing gpg in a flask application with python-gnupg. The module is installed in a virtualenv together with the rest of my application. When running I receive a 500 internal server error, and the exception is:

File "./myproject/views/settings.py", line 257, in settings_keys_add
    gpg = gnupg.GPG()
File "/home/puse/myproject/myproject/lib/python3.5/site-packages/gnupg.py", line 733, in __init__
    p = self._open_subprocess(["--version"])
File "/home/puse/myproject/myproject/lib/python3.5/site-packages/gnupg.py", line 786, in _open_subprocess
    startupinfo=si)
File "/usr/lib/python3.5/subprocess.py", line 947, in __init__
    restore_signals, start_new_session)
File "/usr/lib/python3.5/subprocess.py", line 1551, in _execute_child
    raise child_exception_type(errno_num, err_msg)
FileNotFoundError: [Errno 2] No such file or directory: 'gpg'

gpg is installed and is working:

puse@puse ~/puse> which gpg
/usr/bin/gpg
puse@puse ~/puse> gpg --gen-key 
gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 
gpg: Interrupt caught ... exiting

I can also get it to work from python within the virtualenv:

Python 3.5.2 (default, Jul  5 2016, 12:43:10) 
[GCC 5.4.0 20160609] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import gnupg
>>> gpg = gnupg.GPG()
>>> a = gpg.scan_keys("/opt/keys/2a798434-ebb3-4dc6-9f76-fd46f0cce6fa")

I suspect it has something to do with what user the application is running under, but the application is running under my user, but with group set to www-data. I have confirmed this by running ps.

systemd .service file for the application.

[Unit]
Description=uWSGI instance to serve myproject
After=network.target

[Service]
User=puse
Group=www-data
WorkingDirectory=/home/path
Environment="PATH=/home/path"
ExecStart=/home/path/uwsgi --ini config.ini

[Install]
WantedBy=multi-user.target
Solution

  • you override (not append to) the PATH variable with this line:

    Environment="PATH=/home/path"

    change it to

    Environment="PATH=/home/path:/usr/bin:/bin"

    to be able to use standard commands.

    BTW check if /home/path exists, I suppose not, in that case just set:

    Environment="PATH=/usr/bin:/bin"