Bug#773304: gnome-keyring: fails to support openpgp smartcard (SCD SERIALNO openpgp: 103 unknown command)
Tzafrir Cohen
tzafrir at debian.org
Tue Dec 16 16:28:15 UTC 2014
Package: gnome-keyring
Version: 3.14.0-1+b1
Severity: normal
Dear Maintainer,
I tried using an OpenPGP smartcard reader under Mate (which uses
gnome-keyring) and got an error from gpg about "unknown command".
An strace of pgp shows the following:
Various commands working, such as:
write(7, "OPTION lc-messages=he_IL.UTF-8", 30) = 30
write(7, "\n", 1) = 1
read(7, "OK \n", 1002) = 4
And then:
write(7, "SCD SERIALNO openpgp", 20) = 20
write(7, "\n", 1) = 1
read(7, "ERR 103 unknown command\n", 1002) = 24
Indeed:
$ gpg-connect-agent 'SCD SERIALNO openpgp' /bye
ERR 103 unknown command
However if I bypass gnome-keyring-daemon:
$ env `cat ~/.gnupg/gpg-agent-info-*` gpg-connect-agent 'SCD SERIALNO openpgp' /bye
S SERIALNO <snipped> 0
OK
$ echo $GPG_AGENT_INFO
/run/user/1000/keyring/gpg:0:1
$ cat ~/.gnupg/gpg-agent-info-*
GPG_AGENT_INFO=/tmp/gpg-wjqbJb/S.gpg-agent:30515:1
So the workaround is to manually set GPG_AGENT_INFO, or tell the gnome
keyring not to work as a gpg agent (and add it myself):
https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/884856
which is a regression vs. my previous "simple" desktop (fluxbox) where
an OpenPGP agent (with support for a smart card) works out of the box:
/etc/X11/Xsession.d/90gpg-agent
There are probably some other fixes that I'm not going to try right now
as I don't want to re-login.
Note: I use lightdm and mate.
-- System Information:
Debian Release: 8.0
APT prefers testing-updates
APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: armhf
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=he_IL.UTF-8, LC_CTYPE=he_IL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnome-keyring depends on:
ii dbus-x11 1.8.12-1
ii dconf-gsettings-backend [gsettings-backend] 0.22.0-1
ii gcr 3.14.0-2
ii libc6 2.19-13
ii libcap-ng0 0.7.4-2
ii libcap2-bin 1:2.24-6
ii libdbus-1-3 1.8.12-1
ii libgck-1-0 3.14.0-2
ii libgcr-base-3-1 3.14.0-2
ii libgcrypt20 1.6.2-4+b1
ii libglib2.0-0 2.42.1-1
ii p11-kit 0.20.7-1
Versions of packages gnome-keyring recommends:
ii libpam-gnome-keyring 3.14.0-1+b1
gnome-keyring suggests no packages.
-- no debconf information
More information about the pkg-gnome-maintainers
mailing list