Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1356709 - gpg-agent not used by gpg or gpg2
Summary: gpg-agent not used by gpg or gpg2
Alias: None
Product: Fedora
Classification: Fedora
Component: libgpg-error
Version: 24
Hardware: x86_64
OS: Linux
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2016-07-14 19:51 UTC by Bill Gradwohl
Modified: 2017-08-08 15:37 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2017-08-08 15:37:28 UTC

Attachments (Terms of Use)

Description Bill Gradwohl 2016-07-14 19:51:37 UTC
Description of problem:
Fresh install to F24.
Copied back my entire home directory from F22. 
Fixed .bash_profile to remove the load of the agent because agent loading was supposed to be automatic now. 
Also added 
export GPG_TTY
to .bashrc as recommended.

Tried using gpg2 as before and it didn't work. gpg works, but complains there's no agent when there is one.

Version-Release number of selected component (if applicable):

How reproducible:
Boot box
No agent loaded.
attempt gpg xxx.gpg
it complains there's no agent loaded which is correct, but man gpg says it will autoload an agent but it doesn't.
Cancel out
Load agent manually with --daemon
Check - it's running.
gpg xxx.gpg again and it still complains there's no agent available.
Supply passphrase and it decrypts.

gpg2 never decrypts agent or no agent. complaint is 
decryption failed: No secret key
with or without the agent running.

Comment 1 Tomas Mraz 2016-07-15 08:54:30 UTC
The gpg2 issue might be that the secret key was not imported properly into the new gpg2 key database. Try to export the secret keys from gpg and then import it into gpg2. As for the gpg behavior, please clone this bug against gnupg.

Comment 2 Bill Gradwohl 2016-07-21 14:04:29 UTC
I used the following script to fix it:
cp -r ~/.gnupg ~/gpgOLD
gpg --export-ownertrust > ~/gpgOLD/otrust.txt
mkdir ~/gpgNEW
chmod 700 ~/gpgNEW
export GNUPGHOME=~/gpgNEW
gpg --import gpgOLD/pubring.gpg
gpg --import gpgOLD/secring.gpg
gpg --import-ownertrust ~/gpgOLD/otrust.txt

cd ~/.gnupg
gpg --export-ownertrust >otrust.lst
cp pubring.gpg publickeys
gpg2 --import-options import-local-sigs --import publickeys
gpg2 --import-ownertrust otrust.lst

chcon --reference .gnupg gpgNew
rm -rf .gnupg
mv gpgNew .gnupg

rm -rf gpgOLD

After that, gpg2 again works as expected. However, I have an old script I wrote many many years ago and it is now non functional. Something else has changed in the gpg/gpg2 world and I haven't had time to investigate exactly where the failure lies.
If someone is going to change the internals so that keys that have been copied for years from one Fedora generation to the next without incident suddenly don't work, I'd say that's a bad idea. Any internal changes should have included code to do what I did automagically to produce a new environment compatible with the new internals and not bother the end user with that task.

Comment 3 Fedora End Of Life 2017-07-25 21:48:55 UTC
This message is a reminder that Fedora 24 is nearing its end of life.
Approximately 2 (two) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 24. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '24'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 24 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged  change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.

Comment 4 Fedora End Of Life 2017-08-08 15:37:28 UTC
Fedora 24 changed to end-of-life (EOL) status on 2017-08-08. Fedora 24 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.