Page MenuHome GnuPG
Create Task
Maniphest T3124

Debian 8 BPO with TB 45 and enigmail still hijacking gpg
Closed, WontfixPublic
Actions

Description

Just installed Thunderbird backport in Debian 8.
tried to read an encrypted mail, got the warning, that some trouble in communication with gpg occur.
Read the wiki site gpg with this topic

Did some investigation.

I am sure, that in debian 8 the package "libpam-gnome-keyring" must be unistalled. If installed, this will result in a gnome-daemon started from PAM to integrate gnome-keyring in communication.

Doing so, results in a pinentry window before reading. This is what we want to see.

But this does not work for me:

$ sudo dpkg-divert --local --rename --divert /etc/xdg/autostart/gnome-keyring-gpg.desktop-disable --add /etc/xdg/autostart/gnome-keyring-gpg.desktop

Should stop the gpg integration in gnome keyring.

But after this two steps I got still this in the log:

[GNUPG:] NEED_PASSPHRASE
gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent.
gpg: WARNING: GnuPG will not work properly - please configure that tool to not interfere with the GnuPG system!
[GNUPG:] ERROR check_hijacking 33554509
[GNUPG:] GOOD_PASSPHRASE
gpg: verschlüsselt mit 1024-Bit ELG Schlüssel,

[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_INFO 2 9
[GNUPG:] PLAINTEXT 74 1493482504DECGRU
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION

Event Timeline

Schnitti created this task.Apr 29 2017, 7:03 PM
Schnitti created this object in space S1 Public.
justus added a project: Debian.May 4 2017, 10:51 AM
Unknown Object (User) renamed this task from Debian 8 BPO with TB 45 and enigmail still hijacking gpg to NATIONAL SECURITY. FEDERAL OFFENSE 12-20yrs FEDERAL PRISON.May 23 2017, 4:00 AM
Unknown Object (User) closed this task as Invalid.
Unknown Object (User) triaged this task as Unbreak Now! priority.
Unknown Object (User) updated the task description. (Show Details)
marcus renamed this task from NATIONAL SECURITY. FEDERAL OFFENSE 12-20yrs FEDERAL PRISON to Debian 8 BPO with TB 45 and enigmail still hijacking gpg.May 23 2017, 9:34 AM
marcus reopened this task as Open.
marcus lowered the priority of this task from Unbreak Now! to Needs Triage.
marcus updated the task description. (Show Details)
marcus updated the task description. (Show Details)
Schnitti added a comment.Jun 7 2017, 10:37 AM

Hi there,

at least I was able to resolve this in XFCE4 version of desktop. Simply disable the feature "Start Gnome Session" option in XFCE.

Modifying any xdg autostart option prior to this does not work for me. Even in /etc or ~.config/autostart (Hidden=true)

Now I have seahorse running without GKR and everything is OK.

justus assigned this task to dkg.Jun 7 2017, 10:46 AM
justus triaged this task as Normal priority.
justus added a subscriber: justus.

Hello :)

this is not the place to report Debian bugs, nevertheless, I have assigned this to our resident Debian expert.

Cheers

dkg closed this task as Wontfix.Jun 8 2017, 8:56 PM

I don't think this is a problem for GnuPG to fix. The user is running an OS that launches a version of gnome-keyring by default which doesn't fully-implement gpg-agent's functionality, and yet presents the gpg-agent interface. The user needs to either disable gnome-keyring, or upgrade to a version of the OS (or of gnome-keyring) that doesn't present the gpg-agent interface.