From mikedep333@gmail.com Mon Apr 27 05:18:12 2015 Received: (at submit) by bugs.x2go.org; 27 Apr 2015 03:18:20 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=ham version=3.3.2 Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id E037D5DA98 for ; Mon, 27 Apr 2015 05:18:11 +0200 (CEST) Received: by obbeb7 with SMTP id eb7so74079448obb.3 for ; Sun, 26 Apr 2015 20:18:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=52kmUGs7EbYFhz6PeYrsiHftdehM5vq0kh/VbwQYT/k=; b=MYqsvp/B09GqQa0Mc6JCp+7T9wJZ2/WDffpZQsaBz85vaY86O3uyi/OP0gNM4xKMKh oylACnbjmBhu1flHckenG3uUGY8V+ZKANt3kPNC0ly8YcIDcQ8XW1xVAXjk8CGJDRSPY aOyj/4o2VsAGDwHP/3D2RgljRcwWxxgd3S7Cf8/orabyshLAtmtaAaZgMmbdd8d9Teks QQ5pxnsqhfhRbf5lHB19hV/IBFpq/oUzgN6C8TK73Qtk2Zq4bvSbCySoSg7FjxKAo2pJ ZzVm/6hUDIMiFtTTf8uLXq5QuP/JzNp54SCW3XMInCfa23rcwyZVYl/V46m1in42t7pX 0bHw== MIME-Version: 1.0 X-Received: by 10.60.78.162 with SMTP id c2mr8340852oex.2.1430104690165; Sun, 26 Apr 2015 20:18:10 -0700 (PDT) Received: by 10.202.88.195 with HTTP; Sun, 26 Apr 2015 20:18:10 -0700 (PDT) Date: Sun, 26 Apr 2015 23:18:10 -0400 Message-ID: Subject: Thunderbird Enigmail fails to access password-protected GPG key in pubapps or single app mode From: Michael DePaulo To: "submit@bugs.x2go.org" Content-Type: text/plain; charset=UTF-8 Package: x2goserver Version: 4.0.1.19 Severity: normal Client: x2goclient 4.0.4.0-2015.04.25-ee11aa4 (nightly build) Client OS: Windows 10 64-bit build 10049 Server OS: Fedora 21 64-bit with latest updates Server Desktop Environment: MATE 1.8.2 Thunderbird: 31.6.0-1.fc21 Enigmail version: 1.8.2 (20150416-1748) Enigmail "About" states: Using gpg executable /usr/bin/gpg2 to encrypt and decrypt x2goagent: 3.5.0.31 x2goserver: 4.0.1.19 x2goserver-extensions: 4.0.1.19 x2goserver-fmbindings: 4.0.1.19 x2goserver-xsession: 4.0.1.19 Note: Using Fedora packaging for x2goserver components. Version is: 4.0.1.19-1.fc21 Note: using x2go release build for nx-libs components. Version is: 3.5.0.31-0.0x2go1.1.git20150318.671.main.fc21 For those who do not know, Enigmail is a plugin that adds GPG support for signing and encryption to Thunderbird. Description of Problem: The problem is that when I launch Thunderbird under pubapps mode or single application mode, Enigmail fails to access my password-protected private key. So it fails to things decrypt encrypted emails. I see error messages like: enigmail Error - no matching private/secret key found to decrypt message; click on 'Details' button for more information When I click on "Eetails" and then "Enigmail Security Info", I see the error: Error - no matching private/secret key found to decrypt message gpg: decryption failed: No secret key However, when I launch Thunderbird under a MATE session, I do not have this problem. I am prompted for my passphrase for my private key by a pop-up window, which appears to be the "gcr-prompter" executable. Then Enigmail is able to access the key. Investigation I've done so far: This appears to be related to GPG agent(s). I was able to produce this bug under a MATE session by unsetting this environment variable: GPG_AGENT_INFO=/run/user/40001103/keyring/gpg:0:1 Where 40001103 is my UID. That file "gpg" is a socket. Under pubapps mode, I launched a terminal, set that env var, and then launched Thunderbird, but the problem was still present. However, the directory /run/user/40001103/keyring did not exist, so the "gpg" socket under it did not exist. I figured I should try to determine what process MATE or x2goserver is starting under a MATE session that enabled Thunderbird to work by disabling that process for a MATE session. So I tried disabling these all of these user background applications (every applications that appeared to be related to keyrings) under MATE" startup applications", but it still did not cause the problem. The "keyring" dir still existed, and so did the "gpg" socket underneath it. And the env var was still set. I do not know what process is creating these and setting the env var. Note that I tried disabling all of them at once. Note I killed any leftover processes from prior sessions too: Name: Certificate and Key Storage Command: /usr/bin/gnome-keyring-daemon --start --components=pkcs11 Comment: GNOME Keyring: PKCS#11 Component Name: GPG Password Agent Command: /usr/bin/gnome-keyring-daemon --start --components=gpg Comment: GNOME Keyring: GPG Agent Name: Secret Storage Service Command: /usr/bin/gnome-keyring-daemon --start --components=secrets Comment: GNOME Keyring: Secret Service Name: SSH Key Agent Command: /usr/bin/gnome-keyring-daemon --start --components=ssh Comment: GNOME Keyring: SSH Agent