[Bug 829844] New: gpa (GNU Privacy Assistant) doesn't work
https://bugzilla.novell.com/show_bug.cgi?id=829844 https://bugzilla.novell.com/show_bug.cgi?id=829844#c0 Summary: gpa (GNU Privacy Assistant) doesn't work Classification: openSUSE Product: openSUSE Factory Version: 13.1 Milestone 3 Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: GNOME AssignedTo: bnc-team-gnome@forge.provo.novell.com ReportedBy: lazy.kent@opensuse.org QAContact: qa-bugs@suse.de Found By: --- Blocker: --- Created an attachment (id=548271) --> (http://bugzilla.novell.com/attachment.cgi?id=548271) Screenshot #1: gpa with running-gnome-keyring-daemon gpa (GNU Privacy Assistant) doesn't work while gnome-keyring-daemon is running. GNU Privacy Assistant started displaying an error about gpgme library and unsupported certificate. See screenshot #1. After killing gnome-keyring-daemon GNU Privacy Assistant started without errors. See screenshot #2. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c1
--- Comment #1 from Kyrill Detinov
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c2
Dominique Leuenberger
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c3
Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c4
Kyrill Detinov
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c5
--- Comment #5 from Dominique Leuenberger
@Dominique, both the packages, gpa and gnome-keyring, are maintained by gnome-maintainers. This incompatibility looks strange.
Correct, but besides the point: GPA does not interact in any way with gnome-keyring: it does not have any information about g-k-r. What id does, though, is to interact with gpgme and libassuan (both not maintained by the GNOME Team). All in all, I'm actually proposing to file a delete request for this outdated piece of software called 'gpa': there is simply no love going into this package and nobody cares for it; -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c6
--- Comment #6 from Dominique Leuenberger
gpgsm --list-chain --with-validation
This already reports 'Unsupported certificate', which in turn is what is passed on to gpa. This is now all irrelevant of gpa; it's simply gpgsm (part of gpg2!). @Vitezslav: I would not be too surprised if lnussel's ca-certificate changes (no more common pem file) would be involved in this issue. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c7
--- Comment #7 from Dominique Leuenberger
Let's add ssh to the mix of possible source for the issue.
This should have read "Let's add gpg to the mix"; ssh of course is not involved (yet) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c8
--- Comment #8 from Dominique Leuenberger
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c9
--- Comment #9 from Kyrill Detinov
If you start gpa --disable-x509 does it work for you?
Yes, it does. GPA started without any error. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c10
--- Comment #10 from Kyrill Detinov
another workaround might be to delete /etc/xdg/autostart/gnome-keyring-gpg.desktop (hence, not offering the integration from gnome-keyring's side instead of fixing gpg)
I just disabled GPG Password Agent in Xfce Settings Manager (Session and Startup / Application Autostart). This doesn't help. I see an error in GPA again. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c11
--- Comment #11 from Dominique Leuenberger
(In reply to comment #8)
another workaround might be to delete /etc/xdg/autostart/gnome-keyring-gpg.desktop (hence, not offering the integration from gnome-keyring's side instead of fixing gpg)
I just disabled GPG Password Agent in Xfce Settings Manager (Session and Startup / Application Autostart). This doesn't help. I see an error in GPA again.
And you did restart the session, right? (reboot or at least logout, cleanup and login) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c12
--- Comment #12 from Kyrill Detinov
(In reply to comment #10)
(In reply to comment #8)
another workaround might be to delete /etc/xdg/autostart/gnome-keyring-gpg.desktop (hence, not offering the integration from gnome-keyring's side instead of fixing gpg)
I just disabled GPG Password Agent in Xfce Settings Manager (Session and Startup / Application Autostart). This doesn't help. I see an error in GPA again.
And you did restart the session, right? (reboot or at least logout, cleanup and login)
Yes. First time logout and login, then reboot. The same error. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c13
--- Comment #13 from Dominique Leuenberger
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c14
--- Comment #14 from Kyrill Detinov
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c15
--- Comment #15 from Dominique Leuenberger
I have installed gnome-keyring-* packages.
GPA starts without errors. But I lost auto gpg-sign functionality in my email client.
Yeah: it basically removes the gpg / gnome-keyring integration. I don't think this is what we want; the correct thing would still be to fix gpgsm, which already reports the unsupported certificate. As far as I understand, the issue is that gpg's agent implementation has more feature requests than any agent ever implemented.. thus it's failing. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c16
Vitezslav Cizek
eval $(gpg-agent --daemon) gpg-agent[23933]: enabled debug flags: command mpi crypto memory cache memstat hashing assuan gpgsm --list-chain --with-validation>y gpgsm: fingerprint=13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33 gpgsm: interactive marking as trusted not enabled in gpg-agent
instead of
gpgsm --list-chain --with-validation> gpgsm: checking the trust list failed: Unsupported certificate
gnome-keyring changes the value of GPG_AGENT_INFO, so gpgsm connects to it
instead.
The problem seems to be that gnome-keyring doesn't support some commands that
gpg-agent does.
Strace of gpgsm with gpg-agent:
write(4, "ISTRUSTED EA8D99DD36AA2D071A3C7B"..., 50) = 50
write(4, "\n", 1) = 1
read(4, "ERR 67108962 Not trusted
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c17
Vitezslav Cizek
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c18
Dominique Leuenberger
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c
Dominique Leuenberger
https://bugzilla.novell.com/show_bug.cgi?id=829844
https://bugzilla.novell.com/show_bug.cgi?id=829844#c19
Kyrill Detinov
participants (1)
-
bugzilla_noreply@novell.com