Description of problem: gpg-agent is unable to write-env-file Version-Release number of selected component (if applicable): gnupg2-2.1.4-1.fc22.x86_64 How reproducible: 100% Steps to Reproduce: 1. Install Fedora 22 2. Start KDE 3. Create ~/.gnupg/gpg-agent.conf: enable-ssh-support write-env-file "/home/mmercer/.gnupg/gpg-agent.env" default-cache-ttl 600 max-cache-ttl 7200 daemon (replace mmercer with your username, but you *cannot* use $HOME in this file) reboot the machine, and login Actual results: /usr/bin/gpg-agent -s --daemon --write-env-file /run/user/1000/.gpg-agent-info Expected results: env-file should have been written to $HOME/.gnupg/gpg-agent.env Additional info: Further: Even ignoring the fact that it is still using the defaults from /etc/kde/env/gpg-agent-startup.sh or /etc/xdg/plasma-workspace/env/gpg-agent-startup.sh, it still fails to actually *write* the file either way: cat /run/user/1000/.gpg-agent-info cat: /run/user/1000/.gpg-agent-info: No such file or directory Because of this, opening a new session always fails to find the socket or any other information required to re-use the same agent for SSH when using a gpg based secure key.
I have found that the kde settings override the actual .conf settings (which shouldn't happen); but even if I kill the actual gpg-agent that is started by kde/xdg startup, it still fails to write the file itself, including manual launch: gpg-agent --enable-ssh --write-env-file ~/.gnupg/gpg-agent.env --daemon should do the same; have tested it using the /run path as well; write env file appears to be completely broken. Worked in F21, but not after fedup
I'm open to suggestions/patches, the code is here: https://fedorahosted.org/kde-settings/browser/trunk/etc/xdg/plasma-workspace/env/gpg-agent-startup.sh
Does --write-env-file option not work (anymore)?
Rex: That's the problem I am having, yes; It does not write the env file at *all*. I haven't tested gnome or anything beyond it yet, but I suspect the option itself is broken. We use gpgtools on OSX (for work) which is built against the latest versions of gnupg, and the option still works, so I am not sure why it doesn't seem to in F22.
I did some searching, as I had noticed another change in behavior ( echo $GPG_AGENT_INFO no longer worked ) and came across: https://www.gnupg.org/faq/whats-new-in-2.1.html I went back and looked at the gpg version in F21 (last known working scenario) and found: gnupg2-2.0.27 It seems the change in F22 to gnupg2-2.1 may have further changes required to actually get it working properly again, at minimally, testing will need to be done to determine what changes need made to the xdg plasma-workspace startup script. Based on reading, I doubt that the issues I am encountering are solely inherited in KDE. Will try to continue testing to isolate/validate a working solution.
Looks like gnupg2-2.1 completely removed support/need for the environment variable. When using the gpg2 binary, it had no problem talking to the running agent over the socket that gets created in $HOME/.gnupg/S.gpg-agent.
Indeed, https://www.gnupg.org/faq/whats-new-in-2.1.html#autostart ... With GnuPG 2.1 the need of GPG_AGENT_INFO has been completely removed and the variable is ignored. Instead a fixed Unix domain socket named S.gpg-agent in the GnuPG home directory (by default ~/.gnupg) is used. The agent is also started on demand by all tools requiring services from the agent. I'll move to remove the gpg-agent management scripts from kde-settings (for f22+). I find the use of ~/.gnupg for the socket problematic (e.g nfs $HOME, I'll have to find a solution for that @dayjob). Any chance of convincing upstream to use something like $XDG_RUNTIME_DIR instead?
(In reply to Rex Dieter from comment #7) > I find the use of ~/.gnupg for the socket problematic (e.g nfs $HOME, I'll > have to find a solution for that @dayjob). > > Any chance of convincing upstream to use something like $XDG_RUNTIME_DIR > instead? I think it should be possible to convince them to use that and when unset to fallback to ~/.gnupg Use the https://bugs.gnupg.org to fill the RFE to upstream.
OK, https://bugs.gnupg.org/gnupg/issue2017
kde-settings-22-11.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/kde-settings-22-11.fc22
Package kde-settings-22-11.fc22: * should fix your issue, * was pushed to the Fedora 22 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing kde-settings-22-11.fc22' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2015-10192/kde-settings-22-11.fc22 then log in and leave karma (feedback).
kde-settings-22-11.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.