Bonjour,
I have an issue with thunderbird+enigmail on fedora 21: TB is unable to send a signed message and enigmail complains that it cannot find the gpg key.
Every time pinentry-curses is stuck and uses 100% of CPU.
Using Enigmail>Manage keys shows that the key is there and valid...
What's wrong?
Thank you.
On 07/15/2015 09:24 AM, François Patte wrote:
I have an issue with thunderbird+enigmail on fedora 21: TB is unable to send a signed message and enigmail complains that it cannot find the gpg key.
Every time pinentry-curses is stuck and uses 100% of CPU.
Using Enigmail>Manage keys shows that the key is there and valid...
What's wrong?
Thank you.
is the key assigned to the right user that is sending the email?? I have a key, but I only use it on 1 email address..
Le 15/07/2015 15:32, Paul Cartwright a écrit :
On 07/15/2015 09:24 AM, François Patte wrote:
I have an issue with thunderbird+enigmail on fedora 21: TB is unable to send a signed message and enigmail complains that it cannot find the gpg key.
Every time pinentry-curses is stuck and uses 100% of CPU.
Using Enigmail>Manage keys shows that the key is there and valid...
What's wrong?
Thank you.
is the key assigned to the right user that is sending the email??
Of course! And I have absolutely no problem to use enigmail (and TB) on a debian install (with same /home, and thus same account for me...)
On 07/15/15 21:40, François Patte wrote:
Le 15/07/2015 15:32, Paul Cartwright a écrit :
On 07/15/2015 09:24 AM, François Patte wrote:
I have an issue with thunderbird+enigmail on fedora 21: TB is unable to send a signed message and enigmail complains that it cannot find the gpg key.
Every time pinentry-curses is stuck and uses 100% of CPU.
Using Enigmail>Manage keys shows that the key is there and valid...
What's wrong?
Thank you.
is the key assigned to the right user that is sending the email??
Of course! And I have absolutely no problem to use enigmail (and TB) on a debian install (with same /home, and thus same account for me...)
Are you saying you're dual booting and using the same home directory in both? Has this worked before, or a new problem?
Le 15/07/2015 16:16, Ed Greshko a écrit :
On 07/15/15 21:40, François Patte wrote:
Le 15/07/2015 15:32, Paul Cartwright a écrit :
On 07/15/2015 09:24 AM, François Patte wrote:
I have an issue with thunderbird+enigmail on fedora 21: TB is unable to send a signed message and enigmail complains that it cannot find the gpg key.
Every time pinentry-curses is stuck and uses 100% of CPU.
Using Enigmail>Manage keys shows that the key is there and valid...
What's wrong?
Thank you.
is the key assigned to the right user that is sending the email??
Of course! And I have absolutely no problem to use enigmail (and TB) on a debian install (with same /home, and thus same account for me...)
Are you saying you're dual booting and using the same home directory in both?
Yes! That's what I am saying.
Has this worked before, or a new problem?
This is a new problem! I used to transfert the same /home directory since ages when I install a new distro (or update one).
*BUT* I cannot make any test on fresh account *because it is now impossible to configure my mail account on thunderbird*:
1st it ask me if I want a mail account at Gandhi's NO
2nd I enter my own mail address (that I have been using for 20 years, the one which I use to send this mail...) And it checks something then conclude that it does not exist in its databases and I can go to hell!!!
When do people will stop to "help" with such fu... tools??
I am wasting my time because some people somewhere have a small brain and cannot imagine that other people know what they are doing!!!
On 07/16/15 18:20, François Patte wrote:
Le 15/07/2015 16:16, Ed Greshko a écrit :
On 07/15/15 21:40, François Patte wrote:
Le 15/07/2015 15:32, Paul Cartwright a écrit :
On 07/15/2015 09:24 AM, François Patte wrote:
I have an issue with thunderbird+enigmail on fedora 21: TB is unable to send a signed message and enigmail complains that it cannot find the gpg key.
Every time pinentry-curses is stuck and uses 100% of CPU.
Using Enigmail>Manage keys shows that the key is there and valid...
What's wrong?
Thank you.
is the key assigned to the right user that is sending the email??
Of course! And I have absolutely no problem to use enigmail (and TB) on a debian install (with same /home, and thus same account for me...)
Are you saying you're dual booting and using the same home directory in both?
Yes! That's what I am saying.
Has this worked before, or a new problem?
This is a new problem! I used to transfert the same /home directory since ages when I install a new distro (or update one).
*BUT* I cannot make any test on fresh account *because it is now impossible to configure my mail account on thunderbird*:
1st it ask me if I want a mail account at Gandhi's NO
2nd I enter my own mail address (that I have been using for 20 years, the one which I use to send this mail...) And it checks something then conclude that it does not exist in its databases and I can go to hell!!!
When do people will stop to "help" with such fu... tools??
I am wasting my time because some people somewhere have a small brain and cannot imagine that other people know what they are doing!!!
Focusing on the Thunderbird problem to begin with.....
As I understand it, Debian doesn't enable/use selinux by default. You have to do some enabling when you install or maybe it can be done later.
So, when you use T-Bird and enigmail under Fedora you may be running into a selinux issue.
I would check to see if the .gnupg is labeled correctly it should look like this....
[egreshko@meimei ~]$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
And the files within the same.
I would also check /var/log/audit/audit.log for any AVC records being generated when T-Bird + enigmail is used.
As for you other issue with setting up a mail profile....you should still be able to manually configure your old email service. There is a button for that, I just don't recall when/where it is at the moment.
On 07/16/15 19:21, Ed Greshko wrote:
So, when you use T-Bird and enigmail under Fedora you may be running into a selinux issue.
Oh, a quicker test to see if this is selinux related would be to first, as root, issue the "setenforce 0" command to switch to permissive mode and then run T-Bird/enigmail.
Le 16/07/2015 13:21, Ed Greshko a écrit :
On 07/16/15 18:20, François Patte wrote:
Le 15/07/2015 16:16, Ed Greshko a écrit :
On 07/15/15 21:40, François Patte wrote:
Le 15/07/2015 15:32, Paul Cartwright a écrit :
On 07/15/2015 09:24 AM, François Patte wrote:
I have an issue with thunderbird+enigmail on fedora 21: TB is unable to send a signed message and enigmail complains that it cannot find the gpg key.
Every time pinentry-curses is stuck and uses 100% of CPU.
Using Enigmail>Manage keys shows that the key is there and valid...
What's wrong?
Thank you.
is the key assigned to the right user that is sending the email??
Of course! And I have absolutely no problem to use enigmail (and TB) on a debian install (with same /home, and thus same account for me...)
Are you saying you're dual booting and using the same home directory in both?
Yes! That's what I am saying.
Has this worked before, or a new problem?
This is a new problem! I used to transfert the same /home directory since ages when I install a new distro (or update one).
*BUT* I cannot make any test on fresh account *because it is now impossible to configure my mail account on thunderbird*:
1st it ask me if I want a mail account at Gandhi's NO
2nd I enter my own mail address (that I have been using for 20 years, the one which I use to send this mail...) And it checks something then conclude that it does not exist in its databases and I can go to hell!!!
When do people will stop to "help" with such fu... tools??
I am wasting my time because some people somewhere have a small brain and cannot imagine that other people know what they are doing!!!
Focusing on the Thunderbird problem to begin with.....
As I understand it, Debian doesn't enable/use selinux by default. You have to do some enabling when you install or maybe it can be done later.
So, when you use T-Bird and enigmail under Fedora you may be running into a selinux issue.
I don't think so: I have disabled selinux
I would check to see if the .gnupg is labeled correctly it should look like this....
[egreshko@meimei ~]$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
I get a ? :
]$ ls -Zd .gnupg drwx------ fp ufr ? .gnupg
What does that mean? -Z flag is not in the man pages...
And the files within the same.
I would also check /var/log/audit/audit.log for any AVC records being generated when T-Bird + enigmail is used.
What is reported in this file? And what should I have to search for?
Thanks for your answers.
As for you other issue with setting up a mail profile....you should still be able to manually configure your old email service. There is a button for that, I just don't recall when/where it is at the moment.
I try to manually configure my mail account but I fall back to the same problem: my university is not in the mozilla databases.... Why do they make such stupid control?
On 07/16/2015 12:40 PM, François Patte wrote:
I would check to see if the .gnupg is labeled correctly it should look like this....
[egreshko@meimei ~]$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
I get a ? :
]$ ls -Zd .gnupg drwx------ fp ufr ? .gnupg
What does that mean? -Z flag is not in the man pages...
looks like you found your problem.. I got the same as he did..
$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
On 07/17/15 00:40, François Patte wrote:
I don't think so: I have disabled selinux
I am sure you didn't disable it in Fedora. But it probably is disabled in Debian.
If that is the case then there will be conflicts with files and how they are created and such since Debian will most likely mess with the selinux file labels since its filesystem is unable to deal with them.
I would check to see if the .gnupg is labeled correctly it should look like this....
[egreshko@meimei ~]$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
I get a ? :
]$ ls -Zd .gnupg drwx------ fp ufr ? .gnupg
What does that mean? -Z flag is not in the man pages...
The Z says to list the selinux contexts. It would seem yours are messed up as I suspected.
And the files within the same.
I would also check /var/log/audit/audit.log for any AVC records being generated when T-Bird + enigmail is used.
What is reported in this file? And what should I have to search for?
grep for the string AVC in that file.
Thanks for your answers.
As I mentioned in a second message. Try using "setenforce 0" and then run your tests. This will put selinux into permissive mode and allow things to run if what is happening is as I suspect.
As for you other issue with setting up a mail profile....you should still be able to manually configure your old email service. There is a button for that, I just don't recall when/where it is at the moment.
I try to manually configure my mail account but I fall back to the same problem: my university is not in the mozilla databases.... Why do they make such stupid control?
To make it easier on the "average" user? :-)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Le 16/07/2015 22:09, Ed Greshko a écrit :
On 07/17/15 00:40, François Patte wrote:
I don't think so: I have disabled selinux
I am sure you didn't disable it in Fedora. But it probably is disabled in Debian.
I did! Because selinux sent a lot of error messages and no information about how to avoid them...
If that is the case then there will be conflicts with files and how they are created and such since Debian will most likely mess with the selinux file labels since its filesystem is unable to deal with them.
I would check to see if the .gnupg is labeled correctly it should look like this....
[egreshko@meimei ~]$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
I get a ? :
]$ ls -Zd .gnupg drwx------ fp ufr ? .gnupg
What does that mean? -Z flag is not in the man pages...
The Z says to list the selinux contexts. It would seem yours are messed up as I suspected.
So how to recover?
And the files within the same.
I would also check /var/log/audit/audit.log for any AVC records being generated when T-Bird + enigmail is used.
What is reported in this file? And what should I have to search for?
grep for the string AVC in that file.
No string AVC:
root@dipankar:~# grep AVC audit/audit.log root@dipankar:~#
Thanks for your answers.
As I mentioned in a second message. Try using "setenforce 0" and then run your tests. This will put selinux into permissive mode and allow things to run if what is happening is as I suspect.
I did. Nothing has changed...
As for you other issue with setting up a mail profile....you should still be able to manually configure your old email service. There is a button for that, I just don't recall when/where it is at the moment.
I try to manually configure my mail account but I fall back to the same problem: my university is not in the mozilla databases.... Why do they make such stupid control?
To make it easier on the "average" user? :-)
And forbide to use an email address provider who is not in the mozilla databases?
- -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 8394 5849 http://www.math-info.univ-paris5.fr/~patte
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/17/15 05:27, François Patte wrote:
Le 16/07/2015 22:09, Ed Greshko a écrit :
On 07/17/15 00:40, François Patte wrote:
I don't think so: I have disabled selinux
I am sure you didn't disable it in Fedora. But it probably is disabled in Debian.
I did! Because selinux sent a lot of error messages and no information about how to avoid them...
I see....
So, if you did disable selinux in Fedora then what I thought was your problem probably isn't.
If that is the case then there will be conflicts with files and how they are created and such since Debian will most likely mess with the selinux file labels since its filesystem is unable to deal with them.
I would check to see if the .gnupg is labeled correctly it should look like this....
[egreshko@meimei ~]$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
I get a ? :
]$ ls -Zd .gnupg drwx------ fp ufr ? .gnupg
What does that mean? -Z flag is not in the man pages...
The Z says to list the selinux contexts. It would seem yours are messed up as I suspected.
So how to recover?
If you're not using selinux, then there is no reason to "recover". That being said, since you are dual booting and if Debian isn't selinux aware then it will mess things up again as you switch back and forth.
Such is the peril of using the same home between different distros doing things in different ways.
And the files within the same.
I would also check /var/log/audit/audit.log for any AVC records being generated when T-Bird + enigmail is used.
What is reported in this file? And what should I have to search for?
grep for the string AVC in that file.
No string AVC:
root@dipankar:~# grep AVC audit/audit.log root@dipankar:~#
OK....
Thanks for your answers.
As I mentioned in a second message. Try using "setenforce 0" and then run your tests. This will put selinux into permissive mode and allow things to run if what is happening is as I suspect.
I did. Nothing has changed...
So, not a selinux issue after all...
As for you other issue with setting up a mail profile....you should still be able to manually configure your old email service. There is a button for that, I just don't recall when/where it is at the moment.
I try to manually configure my mail account but I fall back to the same problem: my university is not in the mozilla databases.... Why do they make such stupid control?
To make it easier on the "average" user? :-)
And forbide to use an email address provider who is not in the mozilla databases?
But it isn't "forbidden". You just have to configure manually. - -- If I wanted a blog or social media I'd go elsewhere
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Le 16/07/2015 23:55, Ed Greshko a écrit :
On 07/17/15 05:27, François Patte wrote:
Le 16/07/2015 22:09, Ed Greshko a écrit :
On 07/17/15 00:40, François Patte wrote:
I don't think so: I have disabled selinux
I am sure you didn't disable it in Fedora. But it probably is disabled in Debian.
I did! Because selinux sent a lot of error messages and no information about how to avoid them...
I see....
So, if you did disable selinux in Fedora then what I thought was your problem probably isn't.
If that is the case then there will be conflicts with files and how they are created and such since Debian will most likely mess with the selinux file labels since its filesystem is unable to deal with them.
I would check to see if the .gnupg is labeled correctly it should look like this....
[egreshko@meimei ~]$ ls -Zd .gnupg unconfined_u:object_r:gpg_secret_t:s0 .gnupg
I get a ? :
]$ ls -Zd .gnupg drwx------ fp ufr ? .gnupg
What does that mean? -Z flag is not in the man pages...
The Z says to list the selinux contexts. It would seem yours are messed up as I suspected.
So how to recover?
If you're not using selinux, then there is no reason to "recover". That being said, since you are dual booting and if Debian isn't selinux aware then it will mess things up again as you switch back and forth.
Such is the peril of using the same home between different distros doing things in different ways.
This is what I have done up to now, I have a 106Gb personal account and don't want to waste time and disks to build a new account everytime I change or update a distro. I begun with fedora (a long time ago) and switch to debian when fedora made a new version of anaconda which was unable to deal with raid+lvm (fedora 15 I think), now I switch back to fedora because debian changed to systemd in a very ugly way (services unavailable or buggy). I think that mainteners/developpers should take care of all these "details" carefully if they want to keep and develop linux for ordinary people like me....
But this is off topic!
I did. Nothing has changed...
So, not a selinux issue after all...
One thing I mentionned in my first mail: when I press the "send" button to send a mail, nothing happens (no dialog box to ask the passphrase is opened and the mail does not disappear) but pinentry-curses crashes (using 100% of CPU). If I press this button twice, another instance of pinentry-curses is opened (100% CPU also..)
If I kill pinentry-curses instance, TB opens a window saying that my gpg key is not found or that the subkey may have expired.
TB find my gpg key if I go to Enigmail>Manage key
The sukey has not expired : ]$ gpg --edit-key francois.patte@mi.parisdescartes.fr La clef secrète est disponible.
pub 1024D/D855D895 créé : 2005-03-14 expire : jamais utilisation : SC confiance : ultime validité : ultime sub 4096g/6116C29B créé : 2005-03-14 expire : jamais utilisation : E [ ultime ] (1). Francois Patte francois.patte@mi.parisdescartes.fr [ ultime ] (2) Francois Patte (Universite) francois.patte@math-info.univ-paris5.fr [ ultime ] (3) [jpeg image of size 3021]
Jamais means never...
To make it easier on the "average" user? :-)
And forbide to use an email address provider who is not in the mozilla databases?
But it isn't "forbidden". You just have to configure manually.
How? When I press the "manually" button and enter my email address, the answer is the same: provider not in mozilla database....
- -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 8394 5849 http://www.math-info.univ-paris5.fr/~patte
On 17/07/15 10:15, François Patte wrote:
To make it easier on the "average" user? :-)
And forbide to use an email address provider who is not in the mozilla databases?
But it isn't "forbidden". You just have to configure manually.
How? When I press the "manually" button and enter my email address, the answer is the same: provider not in mozilla database....
File menu -> New -> Existing account... Fill in details and click on Continue (*not* on "Get a new account").
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/17/15 16:15, François Patte wrote:
At the moment, I don't have an idea of what could be wrong with T-Bird+enigmail in your environment. I've not seen a failure such as this one. Thought it could be tied to selinux...but if you have it disabled on Fedora then that can't be it. It still may be a strange interaction with having shared /home between distros.
For a test, you may consider creating a new user under Fedora and configure anew.
How? When I press the "manually" button and enter my email address, the answer is the same: provider not in mozilla database....
As Sjoerd said.... File menu -> New -> Existing account and enter the necessary information. When you continue it will fail to find anything in the mozilla database and then prompt for the needed information. Works for me.
- -- If I wanted a blog or social media I'd go elsewhere
Le 17/07/2015 10:34, Ed Greshko a écrit :
On 07/17/15 16:15, François Patte wrote:
At the moment, I don't have an idea of what could be wrong with T-Bird+enigmail in your environment. I've not seen a failure such as this one. Thought it could be tied to selinux...but if you have it disabled on Fedora then that can't be it. It still may be a strange interaction with having shared /home between distros.
For a test, you may consider creating a new user under Fedora and configure anew.
So. I opened an account for John Doe, succeeded to configure TB with my email address (<rant> You can use the button "manually setup" only when TB searches in mozilla database, if you wait until it has finished you are dead! That's a clever configuration with does not fit so much with high speed connections...</rant>)
1- [jd@dipankar ~]$ ls -Zd .gnupg/ drwx------. jd jd unconfined_u:object_r:gpg_secret_t:s0 .gnupg//
OK.
2- I transferred my gpg stuff from my account into jd's .gnupg folder and tried to send a signed email... Same result: this does not work but TB key manager is able to see the key, etc.
3- So, I generated a new gpg key for John Doe (with my email address as id) and discover a problem here:
at the end of the process, I get:
gpg: /home/jd/.gnupg/trustdb.gpg : base de confiance créée gpg: clef 1CC275B6 marquée de confiance ultime. les clefs publique et secrète ont été créées et signées.
this means that the public and secret keys have been created, *but*:
]$ gpg --edit-key francois.patte@mi.parisdescates.fr gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg: clef « francois.patte@mi.parisdescates.fr » introuvable : clef publique introuvable
gpg cannot find the public key......
What can I do now, me, a mere mortal!!!
- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 8394 5849 http://www.math-info.univ-paris5.fr/~patte
On 07/17/15 18:39, François Patte wrote:
Le 17/07/2015 10:34, Ed Greshko a écrit :
On 07/17/15 16:15, François Patte wrote:
At the moment, I don't have an idea of what could be wrong with T-Bird+enigmail in your environment. I've not seen a failure such as this one. Thought it could be tied to selinux...but if you have it disabled on Fedora then that can't be it. It still may be a strange interaction with having shared /home between distros.
For a test, you may consider creating a new user under Fedora and configure anew.
So. I opened an account for John Doe, succeeded to configure TB with my email address (<rant> You can use the button "manually setup" only when TB searches in mozilla database, if you wait until it has finished you are dead! That's a clever configuration with does not fit so much with high speed connections...</rant>)
1- [jd@dipankar ~]$ ls -Zd .gnupg/ drwx------. jd jd unconfined_u:object_r:gpg_secret_t:s0 .gnupg//
OK.
2- I transferred my gpg stuff from my account into jd's .gnupg folder and tried to send a signed email... Same result: this does not work but TB key manager is able to see the key, etc.
3- So, I generated a new gpg key for John Doe (with my email address as id) and discover a problem here:
at the end of the process, I get:
gpg: /home/jd/.gnupg/trustdb.gpg : base de confiance créée gpg: clef 1CC275B6 marquée de confiance ultime. les clefs publique et secrète ont été créées et signées.
this means that the public and secret keys have been created, *but*:
]$ gpg --edit-key francois.patte@mi.parisdescates.fr gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg: clef « francois.patte@mi.parisdescates.fr » introuvable : clef publique introuvable
gpg cannot find the public key......
What can I do now, me, a mere mortal!!!
First, for completeness...
ls -lZ ~/.gnupg
And you are running these versions?
thunderbird-enigmail-1.8.2-1.fc21.x86_64 thunderbird-31.7.0-1.fc21.x86_64
If you do a
gpg --list-public-keys you don't see your public key?
I have an F21 VM and I just did what I think all of what you did and I was able to send a signed message without trouble. I'm using KDE as my desktop
On 17/07/2015 14:17, Ed Greshko wrote:
On 07/17/15 18:39, François Patte wrote:
Le 17/07/2015 10:34, Ed Greshko a écrit :
On 07/17/15 16:15, François Patte wrote:
At the moment, I don't have an idea of what could be wrong with T-Bird+enigmail in your environment. I've not seen a failure such as this one. Thought it could be tied to selinux...but if you have it disabled on Fedora then that can't be it. It still may be a strange interaction with having shared /home between distros.
For a test, you may consider creating a new user under Fedora and configure anew.
So. I opened an account for John Doe, succeeded to configure TB with my email address (<rant> You can use the button "manually setup" only when TB searches in mozilla database, if you wait until it has finished you are dead! That's a clever configuration with does not fit so much with high speed connections...</rant>)
1- [jd@dipankar ~]$ ls -Zd .gnupg/ drwx------. jd jd unconfined_u:object_r:gpg_secret_t:s0 .gnupg//
OK.
2- I transferred my gpg stuff from my account into jd's .gnupg folder and tried to send a signed email... Same result: this does not work but TB key manager is able to see the key, etc.
3- So, I generated a new gpg key for John Doe (with my email address as id) and discover a problem here:
at the end of the process, I get:
gpg: /home/jd/.gnupg/trustdb.gpg : base de confiance créée gpg: clef 1CC275B6 marquée de confiance ultime. les clefs publique et secrète ont été créées et signées.
this means that the public and secret keys have been created, *but*:
]$ gpg --edit-key francois.patte@mi.parisdescates.fr gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gpg: clef « francois.patte@mi.parisdescates.fr » introuvable : clef publique introuvable
gpg cannot find the public key......
What can I do now, me, a mere mortal!!!
First, for completeness...
ls -lZ ~/.gnupg
question mark on all files (on my account):
-rw------- fp ufr ? export-key.pri -rw------- fp ufr ? export-key.pub -rw-r--r-- fp ufr ? fpatte-efeo.asc -rw------- fp ufr ? fpatte-univ.asc -rw------- fp ufr ? francis.asc -rw------- fp ufr ? François.jpg -rw------- fp ufr ? gpg-agent.conf -rw-r--r-- fp ufr ? gpg-agent.conf.gpgconf.bak -rw------- fp ufr ? gpg.conf -rw------- fp ufr ? id.jpg -rw------- fp ufr ? moineau.asc drwx------ fp ufr ? private-keys-v1.d/ -rw------- fp ufr ? pubring.gpg -rw------- fp ufr ? pubring.gpg~ -rw------- fp ufr ? random_seed -rw------- fp ufr ? secring.gpg srwx------ fp ufr ? S.gpg-agent= -rw------- fp ufr ? trustdb.gpg
and on John doe account:
drwx------. jd jd unconfined_u:object_r:gpg_secret_t:s0 private-keys-v1.d -rw------- jd jd ? pubring.gpg -rw------- jd jd ? pubring.gpg~ -rw------- jd jd ? random_seed -rw------- jd jd ? secring.gpg -rw------- jd jd ? trustdb.gpg
And you are running these versions?
thunderbird-enigmail-1.8.2-1.fc21.x86_64 thunderbird-31.7.0-1.fc21.x86_64
Same problem with 31.5.0 version (from mozilla repo) or with 31.7.0 (from fedora repo) and with enigmail 1.8.2 (from TB add-ons repo, or from fedora repo).
If you do a
gpg --list-public-keys you don't see your public key?
my account:
]$ gpg --list-public-keys /home/patte/.gnupg/pubring.gpg ------------------------------ pub 1024D/D855D895 2005-03-14 uid Francois Patte francois.patte@mi.parisdescartes.fr uid Francois Patte (Universite) francois.patte@math-info.univ-paris5.fr uid [jpeg image of size 3021] sub 4096g/6116C29B 2005-03-14
(and some others)
John Doe account:
]$ gpg --list-public-keys /home/jd/.gnupg/pubring.gpg --------------------------- pub 2048R/1CC275B6 2015-07-17 uid John Doe (test) francois.patte@mi.parisdescartes.fr sub 2048R/CD1F2476 2015-07-17
I have an F21 VM and I just did what I think all of what you did and I was able to send a signed message without trouble. I'm using KDE as my desktop
I'm using xfce4.
Did you try to disable selinux on your VM installl? I disabled selinux by the way of /etc/selinux/config file.
On 07/17/15 21:33, François Patte wrote:
Did you try to disable selinux on your VM installl? I disabled selinux by the way of /etc/selinux/config file.
I just disabled selinux and I created a new .gnupg directory and entries so there is no selinux contexts.
Everything works fine.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Le 17/07/2015 16:13, Ed Greshko a écrit :
On 07/17/15 21:33, François Patte wrote:
Did you try to disable selinux on your VM installl? I disabled selinux by the way of /etc/selinux/config file.
I just disabled selinux and I created a new .gnupg directory and entries so there is no selinux contexts.
Everything works fine.
I solved the problem.... nothing to do with selinux, gpg or... I just added pinentry-qt and pinentry-gtk which where not installed.... And it solved the problem!
2 questions:
1- why these packages where not installed? I made a regular install (netinstall and all my packages are installed using yum), so it seems that some dependencies are missing in some packages! But which ones?
2- why the error message given by tb was a complaint about a missing or expired gpg key. This kind of wrong message is not helpfull even misleading!!
Thank you for your messages... and your attempt in helping me.
- -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 8394 5849 http://www.math-info.univ-paris5.fr/~patte
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/18/15 18:39, François Patte wrote:
Le 17/07/2015 16:13, Ed Greshko a écrit :
On 07/17/15 21:33, François Patte wrote:
Did you try to disable selinux on your VM installl? I disabled selinux by the way of /etc/selinux/config file.
I just disabled selinux and I created a new .gnupg directory and entries so there is no selinux contexts.
Everything works fine.
I solved the problem.... nothing to do with selinux, gpg or... I just added pinentry-qt and pinentry-gtk which where not installed.... And it solved the problem!
2 questions:
1- why these packages where not installed? I made a regular install (netinstall and all my packages are installed using yum), so it seems that some dependencies are missing in some packages! But which ones?
2- why the error message given by tb was a complaint about a missing or expired gpg key. This kind of wrong message is not helpfull even misleading!!
Thank you for your messages... and your attempt in helping me.
Happy to hear you've solved the problem. As I said, after you'd done some testing, I no longer thought it would be related to selinux.
Question, when you did the netinstall did you only install the Xfce environment? And, you used yum later to install T-Bird and enigmail? - -- If I wanted a blog or social media I'd go elsewhere
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Le 18/07/2015 12:57, Ed Greshko a écrit :
On 07/18/15 18:39, François Patte wrote:
Le 17/07/2015 16:13, Ed Greshko a écrit :
On 07/17/15 21:33, François Patte wrote:
Did you try to disable selinux on your VM installl? I disabled selinux by the way of /etc/selinux/config file.
I just disabled selinux and I created a new .gnupg directory and entries so there is no selinux contexts.
Everything works fine.
I solved the problem.... nothing to do with selinux, gpg or... I just added pinentry-qt and pinentry-gtk which where not installed.... And it solved the problem!
2 questions:
1- why these packages where not installed? I made a regular install (netinstall and all my packages are installed using yum), so it seems that some dependencies are missing in some packages! But which ones?
2- why the error message given by tb was a complaint about a missing or expired gpg key. This kind of wrong message is not helpfull even misleading!!
Thank you for your messages... and your attempt in helping me.
Happy to hear you've solved the problem. As I said, after you'd done some testing, I no longer thought it would be related to selinux.
Question, when you did the netinstall did you only install the Xfce environment? And, you used yum later to install T-Bird and enigmail?
Yes. I install only the minimum at the beginning, then I complete the install according to my needs, using yum groupinstall for some sofwares, or a simple install of my favourite ones, counting on yum to solve the dependencies.
- -- François Patte UFR de mathématiques et informatique Laboratoire CNRS MAP5, UMR 8145 Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 8394 5849 http://www.math-info.univ-paris5.fr/~patte
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/18/15 19:23, François Patte wrote:
Yes. I install only the minimum at the beginning, then I complete the install according to my needs, using yum groupinstall for some sofwares, or a simple install of my favourite ones, counting on yum to solve the dependencies.
I'm not very well versed on packaging and such.... But I noticed this....in F21
[egreshko@f21 ~]$ rpm -q --requires thunderbird-enigmail /bin/sh libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.4)(64bit) rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(PayloadIsXz) <= 5.2-1 rtld(GNU_HASH) thunderbird >= 31.0
But this in F22 ....
[egreshko@meimei ~]$ rpm -q --requires thunderbird-enigmail /bin/sh gnupg2 libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.4)(64bit) pinentry-gui rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(PayloadIsXz) <= 5.2-1 rtld(GNU_HASH) thunderbird >= 31.0
So, I believe, in F22 your issue would not have occurred since the gnupg2 and pinentry-gui requirements are there.
- -- If I wanted a blog or social media I'd go elsewhere
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 07/16/2015 05:27 PM, François Patte wrote:
The Z says to list the selinux contexts. It would seem yours are messed up as I suspected.
So how to recover?
what about removing your .gnupg folder ( rename?) have different folders for Debian & Fedora. try starting over & adding a new ( the same) key..
- -- Paul Cartwright Registered Linux User #367800 and new counter #561587
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/17/15 05:27, François Patte wrote:
I get a ? :
]$ ls -Zd .gnupg drwx------ fp ufr ? .gnupg
What does that mean? -Z flag is not in the man pages...
The Z says to list the selinux contexts. It would seem yours are messed up as I suspected.
So how to recover?
Although I don't think it will make much difference you can restore the file contexts by doing....
restorecon -R $HOME
Oh, BTW, -Z is in the man page for ls....
-Z, --context print any security context of each file
- -- If I wanted a blog or social media I'd go elsewhere
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 07/16/2015 06:47 PM, Ed Greshko wrote:
So how to recover?
Although I don't think it will make much difference you can restore
the file contexts by doing....
restorecon -R $HOME
Oh, BTW, -Z is in the man page for ls....
-Z, --context print any security context of each file
but then it probably won't work for Debian.. my thought was to rename .gnupg I create a new one for fedora.. use the old one for Debian.
- -- Paul Cartwright Registered Linux User #367800 and new counter #561587
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 07/17/15 06:55, Paul Cartwright wrote:
On 07/16/2015 06:47 PM, Ed Greshko wrote:
So how to recover?
Although I don't think it will make much difference you can restore
the file contexts by doing....
restorecon -R $HOME
Oh, BTW, -Z is in the man page for ls....
-Z, --context print any security context of each filebut then it probably won't work for Debian.. my thought was to rename .gnupg I create a new one for fedora.. use the old one for Debian.
It would have no affect on Debian since Debian is unaware of selinux unless you enable it during install, AFAIK.
Based on what I think I understood François to be saying I doubt selinux is actually the culprit here.
Yes, he should try the steps you outlined in your other message.
- -- If I wanted a blog or social media I'd go elsewhere
-
Ed Greshko -
François Patte -
Paul Cartwright -
Sjoerd Mullender