https://bugzilla.novell.com/show_bug.cgi?id=473684 Summary: GnuPG does not start scdaemon correctly to access openPGP smartcard Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: All OS/Version: openSUSE 11.1 Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: malte.gell@gmx.de QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.5) Gecko/2008121300 SUSE/3.0.5-1.1 Firefox/3.0.5 If you have an openPGP smartcard and invoke "gpg --card-edit" you should see the details of an openPGP card inserted into your card reader. But, with that bug you get an error message like "scdaemon[19663]: scdaemon (GnuPG) 2.0.9 stopped gpg: OpenPGP card not available: IPC write error" As a workaround you have to edit /etc/X11/xdm/sys.xsession and add the path to scdaemon to the gpg-agent, section, so you have to add "--scdaemon-program /usr/bin/scdaemon" to the line that starts with "set -- $gpgagent --sh........" I am not sure, whether this is a real bug at all, it just may be necessary to change the file /etc/X11/xdm/sys.xsession as described above, so the appropriate line looks like this: set -- $gpgagent --sh --daemon --scdaemon-program /usr/bin/scdaemon --enable-ssh-support --write-env-file "$GPG_AGENT_FILE" ${1+"$@"} adding --scdaemon-program /usr/bin/scdaemon fixes this behaviour. Reproducible: Always Steps to Reproduce: 1. Be sure that gnupg-agent has not been started with the parameter "--scdaemon-program /usr/bin/scdaemin", just do a "ps aux | grep agent" and verify. This is the default behaviour with openSUSE 11.1 2. Insert an openPGP card into your correctly installed card reader 3. invoke gpg --card-edit wait for the detected card and then try to do anything Actual Results: With the "bug" you will get the followign: gpg --card-edit Application ID ...: Version ..........: 1.1 Manufacturer .....: PPC Card Systems Serial number ....: 000015CB
Name of cardholder: [not set] Language prefs ...: de Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: forced Max. PIN lengths .: 254 254 254 PIN retry counter : 3 3 3 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none]
Command> scdaemon[19663]: updating status of slot 0 to 0x0007
scdaemon[19663]: client pid is 19662, sending signal 12 scdaemon[19663.0] DBG: <- [EOF] scdaemon[19663]: handler for fd -1 terminated scdaemon[19663]: scdaemon (GnuPG) 2.0.9 stopped
gpg: OpenPGP card not available: IPC write error
The last line is the actual error message. It may sound different like "card not available". Expected Results: The expected result is to be able to invoke "gpg --card-edit" and then do your stuff, it looks like this, as you can see there is no error message any longer. Application ID ...: D2760001240101010001000015CB0000 Version ..........: 1.1 Manufacturer .....: PPC Card Systems Serial number ....: 000015CB Name of cardholder: [not set] Language prefs ...: de Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: forced Max. PIN lengths .: 0 0 0 PIN retry counter : 0 0 0 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none] Command> As I said above, I am not sure, whether this is a real bug or just a missing parameter in /etc/X11/xdm/sys.xsession adding --scdaemon-program /usr/bin/scdaemon to the gnupg-agent invokation in /etc/X11/xdm/sys.xsession does fix the wrong behavoiur, so you might have either investigate this further, or make sure that future releases have this additional parameter added. Using a openPGP smart card with GnuPG is a major feature of this program and it really should work, so I would consider this a major issue. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.