On Mon, Jun 23, 2025 at 08:57:33AM +0100, Philip Hands wrote: > Package: popularity-contest > Version: 1.76 > Severity: minor > > Hi, > > I have an nspawn container that has popularity-contest enabled, and the cron > job results in emails telling me: > > gpg: Warning: using insecure memory! > > I assume that this is because the container is not configured to allow the > permissions required to lock memory on the real system, so despite being run > as root, gpg fails to lock the memory, and complains. > > One could grant that permission to the container, but that seems like > overkill to solve this. > > One could normally configure gpg to ignore it, except that gpg is being > invoked with --no-options. > > Therefore, I would suggest that you add `--no-secmem-warning` to the gpg > invocation in order to suppress the warning. I have tried this, and it works.
Hi Philip, Note that /etc/cron.daily/popularity-contest is a conffile, so you can suppress the warning. > After all, the warning is about the danger that the unencrypted data might > get saved to swap, and thus be exposed, which is clearly not an issue in this > case because the cleartext is being saved as /var/log/popularity-contest > anyway, so the warning is really pointless in this case. Thanks, I also have plans to allow different programs than gpg once trixie is released. Cheers, -- Bill. <ballo...@debian.org> Imagine a large red swirl here.
