Trouble using gnupg from PHP (Apache fails, CLI OK)

Question

I'm using MAMP 2.2, PHP 5.3.5, on OSX 10.8.5. Recently setup gpgme, gnupg. Had to work through things to get dependencies downloaded and built, but believe everything is installed fine. Also installed GPGTools.

I wrote two fairly simple PHP scripts, one that will import a public key generated elsewhere, and one that lists keys in the keyring. Keyring location is /Users/myuser/.gnupg

MAMP Apache is configured to run as me (myuser). When I execute either of my scripts using PHP CLI, then run fine and work as expected. When I execute in Apache, they run, values var_dumped & echo'd all look right, but gnupg->import() will simply log 'import failed' and gnupg->keyinfo() says 'could not init keylist'.

I've tried setting permissions as wide open as possible on .gnupg dir and contents; no luck.

Code to list keys:

<?php

error_reporting(-1);
// set path to keyring directory
putenv('GNUPGHOME=/Users/myuser/.gnupg');
var_dump(getenv('GNUPGHOME'));
echo exec('whoami');
echo is_dir('/Users/myuser/.gnupg');
echo '<br/>';
$gpg = new gnupg();
$gpg->seterrormode(GNUPG_ERROR_WARNING);

try {

    $info = $gpg->keyinfo('');
    print_r($info);

} catch (Exception $e) {

    echo 'ERROR: ' . $e->getMessage();

}

Am I missing something obvious?

Answer 1

The problem here is that apache uses different user (for ubuntu it is www-data, but I'm not sure about OSX) AND the .gnupg folder is only accessible by the owner (chmod 600). This is why the cli works (because you're logged in as the owner) and apache doesn't (because apache user is not the owner of the .gnupg directory).

Please set the /home folder for apache user and then generate its own pair of gnupg keys. Once apache is the owner of its own keys, and you point to apache's folder when setting GNUPGHOME env variable, it will work just fine.