Non-functional GnuPG Pinentry on Ubuntu LTS systems

[spipau]

Describe the bug …

1. Open Lock
2. Open via the Burger menu "manage keys"
3. Click + button
4. Fill in test for name and test@test.com for mail
5. Leave rest as is and click "Generate" Button
6. Fail

Ubuntu 24.04.1 LTS, GNOME 46, Wayland

Which version of Lock are you using?

1.0.1

Source

Flathub

Relevant log output

** (com.konstantintutsch.Lock:2): WARNING **: 22:27:10.852: Fehler beim Generieren eines neuen Schlüssels für Signierung: Fehler in der Pinentry

[konstantintutsch]

This error is probably related to either GPGME or GPG, not Lock.

Two questions:

• Did you update Lock immediately before trying to generate a new keypair?
• Could you try to reboot and generate a new keypair afterwards?

[spipau]

I updated the application and the error occurred. I then did the following:

1. Reboot, still the same
2. Uninstall Lock
3. Used Flatsweep to remove leftovers
4. Installed again via flatpak
5. Error still persists

[konstantintutsch]

Can you show me the contents of ~/.gnupg/gpg.conf and ~/.gnupg/gpg-agent.conf?

For context on the error: A Pinentry is the password dialog of GnuPG. Your system's GPG Agent cannot find or initialize it. The Pinentry should be configured in those two configuration files. Here's an example of how they should look like:

gpg.conf

use-agent

gpg-agent.conf

pinentry-program /usr/bin/pinentry-gnome3

[spipau]

Both files do not exists on my machine. If I add a key via the commandline then it shows up in Lock but all operations fail. /usr/bin/pinentry-gnome3 does exist on my system. I got:

$ gpg --version
gpg (GnuPG) 2.4.4
libgcrypt 1.10.3

[konstantintutsch]

Where is the password prompt displayed when you use GPG in the command line? (e. g. terminal, GUI prompt, …)

Could you please also share the output of flatpak info --show-permissions com.konstantintutsch.Lock?

I've not been able to reproduce this bug so far

[spipau]

When I use gpg --gen-key then UI pops up to ask me for a password.

Output of flatpak info --show-permissions com.konstantintutsch.Lock:

[Context]
shared=ipc;
sockets=x11;wayland;fallback-x11;gpg-agent;
devices=dri;
filesystems=xdg-run/gvfsd;~/.gnupg:create;

[Session Bus Policy]
org.gtk.vfs.*=talk
org.gnome.keyring.SystemPrompter=talk

[konstantintutsch]

Could you please try to run flatpak run --command=pinentry-gnome3 com.konstantintutsch.Lock?

[spipau]

Lock does not open when I run the command and the terminal just waits:

flatpak run --command=pinentry-gnome3 com.konstantintutsch.Lock
OK Pleased to meet you, process 2

[konstantintutsch]

I think I've been able to reproduce this on a Ubuntu VM now. Can you provide me with the log of the gpg-agent on your system so I can confirm this?

Create ~/.gnupg/gpg-agent.conf and add log-file <path> to it. Restart the agent with gpgconf --kill gpg-agent and try to generate a new keypair in Lock again.

[spipau]

Unfortunately there are no logs written when I do the following:

1. touch ~/.gnupg/gpg-agent.conf
2. add log-file ~/.gnupg/log.log to the new file
3. touch ~/.gnupg/log.log
4. run gpgconf --kill gpg-agent
5. Create key in Lock
6. Reboot
7. Create key in Lock

~/.gnupg/log.log remains empty.

[konstantintutsch]

Did you confirm that the GPG Agent is enabled and running?

gpg.conf

use-agent

[spipau]

I am not very familiar with GPG and don't understand what you mean. Sorry, I think I won't be able to debug this any further :confused:

Happy to test an update and see if it works :+1: