[Bug 904303] New: gnome-keyring hijacked the GPG socket

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 Bug ID: 904303 Summary: gnome-keyring hijacked the GPG socket Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: All OS: All Status: NEW Severity: Minor Priority: P5 - None Component: Xfce Assignee: gber@opensuse.org Reporter: jengelh@inai.de QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- gpg starts throwing new warnings since openSUSE 13.2. $ gpg -ab blah.txt You need a passphrase to unlock the secret key for user: "Jan Engelhardt <jengelh@gmx.de>" 4096-bit RSA key, ID 19FC338D, created 2011-05-09 gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent. gpg: WARNING: GnuPG will not work properly - please configure that tool to not interfere with the GnuPG system! $ env GPG_AGENT_INFO=/run/user/25121/keyring/gpg:0:1 $ lsof|grep keyring/gpg gnome-key 3799 jengelh 11u unix 0x0000000000000000 0t0 32398 /run/user/25121/keyring/gpg ... (started by xfce or so) -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 Guido Berhörster <gber@opensuse.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |gber@opensuse.org Component|Xfce |Basesystem Assignee|gber@opensuse.org |vcizek@suse.com --- Comment #1 from Guido Berhörster <gber@opensuse.org> --- (In reply to Jan Engelhardt from comment #0)
gpg starts throwing new warnings since openSUSE 13.2.
$ gpg -ab blah.txt
You need a passphrase to unlock the secret key for user: "Jan Engelhardt <jengelh@gmx.de>" 4096-bit RSA key, ID 19FC338D, created 2011-05-09
gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent. gpg: WARNING: GnuPG will not work properly - please configure that tool to not interfere with the GnuPG system!
$ env GPG_AGENT_INFO=/run/user/25121/keyring/gpg:0:1
$ lsof|grep keyring/gpg gnome-key 3799 jengelh 11u unix 0x0000000000000000 0t0 32398 /run/user/25121/keyring/gpg ...
(started by xfce or so)
Yes, gnome-keyring is started by default in Xfce, if you want to disable it see Settings Manager -> Session and Startup -> Launch GNOME services on startup. However, in Xfce it's all-or-nothing, you can only disable gnome-keyring altogether but not the GPG agent specifically. Note that there isn't actually any problem here (except for the problems the gpg maintainers seem to have) and this warning serves no other purpose than to annoy users and waste package maintainers time. Reassigning to the gpg maintainer, maybe we can patch this out? -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |Ulrich.Windl@rz.uni-regensb | |urg.de --- Comment #2 from Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> --- Why isn't this security-related? I got the message when trying to create a new key: gpg complains, and some box pops up to ask for a password... (There was a similar problem with ssh) I think that users who work on the command line don't want to enter their password in some X11 popup box, because it's absolutely unnecessary. "gpg: WARNING: GnuPG will not work properly - please configure that tool to not interfere with the GnuPG system!" -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 --- Comment #3 from Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> --- In my case the following command seemed to be a valid work-around: GPG_AGENT_INFO= gpg --gen-key -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 --- Comment #4 from Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de> --- I also found out that GPG won't talk to the smart card daemon pcscd when "The GNOME keyring manager hijacked the GnuPG agent.". With the work-around from comment #3 GPG talks to pcscd. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vcizek@suse.com --- Comment #5 from Vitezslav Cizek <vcizek@suse.com> --- (In reply to Ulrich Windl from comment #3)
In my case the following command seemed to be a valid work-around: GPG_AGENT_INFO= gpg --gen-key
Or preventing the gnome-keyring daemon from running. (In reply to Ulrich Windl from comment #4)
I also found out that GPG won't talk to the smart card daemon pcscd when "The GNOME keyring manager hijacked the GnuPG agent.". With the work-around from comment #3 GPG talks to pcscd.
That's because gpg is now talking to gnome-keyring daemon and it doesn't support all the commands gpg-agent does. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 Christoph Wickert <christoph.wickert@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |christoph.wickert@suse.com -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 http://bugzilla.opensuse.org/show_bug.cgi?id=904303#c9 --- Comment #9 from Jan Engelhardt <jengelh@inai.de> --- Doesn't happen under 15.0 anymore. (The GPG_AGENT_INFO variable is unset, too.) -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=904303 Jan Engelhardt <jengelh@inai.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|WONTFIX |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com