I would like to sign my git commits so they appear as verified on GitHub/Lab, while utilizing toolbox containers, but it appears that GPG runs into some permissions issues running in the toolbox.
At first when attempting to
git commit -S ..., I got the error
gpg failed to sign the data. I then ran
echo "test" | gpg --clearsign to troubleshoot. I then got the error
Inappropriate ioctl for device. I did some research and found that running
export GPG_TTY=$(tty) worked for some people. I thought had put that in my bash_profile but ran it anyway. After that, I got a different error with the above test:
Permission denied. Tried it again with sudo and got the same error. I then exited the toolbox, ran the
export GPG_TTY=$(tty) command again and then was able to successfully sign the commit.
It makes sense that there might be some permissions errors, since I suppose the container technically has a different user (would it technically be a different computer in GPG’s eyes?). The questions is, what’s the best way around this? Exit the toolbox for GPG stuff? Export the keys on the host system and reimport them in the toolbox? Or is there some way to configure the toolbox to use the host GPG? Or am I missing something else entirely?
If you need any more info from me feel free to ask!