GPGTools: Discussion 2018-03-19T16:28:36Z
Agent not working when specifying a non-standard home directory
2013-11-02T11:00:52Z 2013-11-02T11:00:53Z
<div><p>This is what's output when GPG is run in verbose mode:<br></p>
<pre>
<code>gpg: no running gpg-agent - starting one
gpg: waiting 5 seconds for the agent to come up
gpg: can't connect to the agent: IPC connect call failed
gpg: problem with the agent: No agent running
gpg: no running gpg-agent - starting one
gpg: waiting 5 seconds for the agent to come up
gpg: can't connect to the agent: IPC connect call failed
gpg: problem with the agent: No agent running
gpg: Key generation canceled.</code>
</pre>
<p>Yet, if I run <code>gpg-agent</code>, it tells me that the agent
is actually running:<br></p>
<pre>
<code>gpg-agent: gpg-agent running and available</code>
</pre></div>Basic XP
2013-11-03T08:24:24Z 2013-11-03T08:24:26Z
<div><p>Same problem has been reported by someone on the gnupg-users
mailing list, but, sadly, there was no solution.<br>
<a href=
"http://lists.gnupg.org/pipermail/gnupg-users/2012-April/044138.html">
http://lists.gnupg.org/pipermail/gnupg-users/2012-April/044138.html</a></p></div>Basic XP
2013-11-07T15:38:04Z 2013-11-07T15:38:04Z
<div><p>Try to start the gpg-agent using the following command:<br></p>
<pre>
<code>gpg-agent --homedir="$(pwd)" --daemon</code>
</pre></div>Mento
2013-11-07T18:05:42Z 2013-11-07T18:05:42Z
<div><p>I thought the agent should start up automatically. Anyway, this
made the situation better, but did not completely solve it. The
location of the external keychain is on an exFAT TrueCrypt volume.
This led to two problems, only one of which I was able to
solve:</p>
<ol>
<li>
<p>It can't create a socket file on such a file system. Got over
this by telling GnuPG to use the /tmp folder instead, saving
environment info in a file and then sourcing it in a script. Here's
the script I'm using (I know, it's terribly inefficient, just a
temporary solution, a better option is always welcome :D ):<br></p>
<pre>
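<code>#!/bin/bash
# Start a gpg-agent for the keyring in the current directory, run gpg
# against it, then stop the agent and remove its environment file.
PWD=$(pwd)
GPGAGENT_CMDLINE="gpg-agent --homedir ${PWD}"
GPGAGENT_CMDLINE_FULL="$GPGAGENT_CMDLINE --daemon --no-use-standard-socket --write-env-file ${PWD}/gpg-agent.env"
# Print the PID of an agent already running for this home directory, if any.
# The grep process itself is filtered out before the first match is taken.
function gpa_pid() {
    ps x | grep -v grep | grep -m1 "$GPGAGENT_CMDLINE" | awk '{ print $1 }'
}
GPGAGENT_PID=$(gpa_pid)
# Start the agent only if none is running; its settings go to the env file.
[ "$GPGAGENT_PID" == "" ] && $GPGAGENT_CMDLINE_FULL > /dev/null
GPGAGENT_PID=$(gpa_pid)
# The env file assigns GPG_AGENT_INFO; export it so gpg inherits it.
source "${PWD}/gpg-agent.env"
export GPG_AGENT_INFO
LANG=en gpg --homedir="${PWD}" --lock-never --no-permission-warning --expert "$@"
kill "$GPGAGENT_PID"
rm "${PWD}/gpg-agent.env"</code>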
</pre></li>
<li>
<p>Even though the folder is writable and GnuPG automatically
creates the pubring.gpg, secring.gpg and others, it can't write the
key after it has been generated:<br></p>
<pre>
<code>gpg: no writable public keyring found: Unknown system error
Key generation failed: Unknown system error</code>
</pre>
No idea why this is happening, verbose mode doesn't provide any
further information.</li>
</ol></div>Basic XP
2013-11-07T18:23:01Z 2013-11-07T18:23:01Z
<div><p>Hi Roman,</p>
<p>ah, we've seen such a TrueCrypt setup before.<br>
We patched --no-use-standard-socket so it uses a socket in a
fixed position in /tmp, so the whole --write-env thingy shouldn't
be necessary.<br>
I think --lock-never should also not be necessary.<br>
Could you remove those options and re-try it without the wrapper
script?</p>
<p>Could you try creating a key and adding the option --status-fd
1<br>
This might reveal some more information on what's going wrong.</p></div>Luke Le
2013-11-07T18:50:07Z 2013-11-07T18:50:07Z
<div><p>Okay, so this is what I got now (started from scratch, removed
all *.gpg files):<br></p>
<pre>
<code>basicxp@me665 /Volumes/Security/PGP % gpg-agent --homedir /Volumes/Security/PGP --daemon --no-use-standard-socket
GPG_AGENT_INFO=/tmp/gpg-agent/basicxp/S.gpg-agent:2866:1; export GPG_AGENT_INFO;
basicxp@me665 /Volumes/Security/PGP % LANG=en gpg --homedir /Volumes/Security/PGP --status-fd 1 -v --no-permission-warning --expert --gen-key
gpg (GnuPG/MacGPG2) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: lock not made: link() failed: Operation not supported
gpg: can't lock `/Volumes/Security/PGP/secring.gpg'
gpg: DBG: Oops, `/Volumes/Security/PGP/secring.gpg.lock' is not locked
gpg: keyblock resource `/Volumes/Security/PGP/secring.gpg': General error
gpg: lock not made: link() failed: Operation not supported
gpg: can't lock `/Volumes/Security/PGP/pubring.gpg'
gpg: DBG: Oops, `/Volumes/Security/PGP/pubring.gpg.lock' is not locked
gpg: keyblock resource `/Volumes/Security/PGP/pubring.gpg': General error
Please select what kind of key you want:
[--snip--]
You need a Passphrase to protect your secret key.
[GNUPG:] NEED_PASSPHRASE_SYM 9 3 10
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
[GNUPG:] PROGRESS primegen . 0 0
[GNUPG:] PROGRESS primegen . 0 0
[GNUPG:] PROGRESS primegen . 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen X 100 100
[GNUPG:] PROGRESS primegen . 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen + 0 0
[GNUPG:] PROGRESS primegen X 100 100
gpg: writing self signature
[GNUPG:] GOOD_PASSPHRASE
gpg: RSA/SHA1 signature from: "0x0928ED8D [?]"
gpg: no writable public keyring found: Unknown system error
Key generation failed: Unknown system error
[GNUPG:] ERROR key_generate 65535
[GNUPG:] KEY_NOT_CREATED</code>
</pre>
Seems that --lock-never is optional, it still proceeds without it,
I just get lots of warnings in the beginning.</div>Basic XP
2013-11-19T18:15:18Z 2013-11-19T18:20:19Z
<div><p>Hi Roman,</p>
<p>the problem here is that the usb/external drive you're using is
probably not HFS+ formatted. In that case the link command doesn't
work, which is used by gpg when locking a file.</p>
<p>Unfortunately there is little we can do about this at the time,
but we'll look into it.<br>
I've created a ticket for this problem where you can track
progress:<br>
<a href=
"http://gpgtools.lighthouseapp.com/projects/66001/tickets/126">http://gpgtools.lighthouseapp.com/projects/66001/tickets/126</a></p></div>Luke Le
2013-11-20T16:55:27Z 2013-11-20T16:55:27Z
<div><p>It is, as I mentioned above, indeed not HFS+ formatted, it's
exFAT. But why is it trying to lock the file even when I explicitly
tell it not to?</p></div>Basic XP
2013-12-29T22:21:18Z 2018-03-19T16:28:36Z
<div><p>Roman, we'll look into this. Sorry we don't have any results yet.</p>
<p>I'm closing this discussion. It will be re-opened as soon as anything related to the ticket Luke mentioned.</p>
<p>steve</p></div>Steve
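
Added example, not part of the original thread and not GnuPG or GPGTools code: a Python probe for the two filesystem features this discussion ran into on the exFAT volume, a link()-based lock file and a Unix socket file. The function names and the `.probe-` / `S.probe-` file names are assumptions made for this example, and the lock attempt only approximates what gpg does.

```python
import os
import socket
import sys
import tempfile


def supports_hardlink_lock(directory):
    """Attempt a link()-based lock file in `directory` (assumed writable)."""
    fd, tmp_name = tempfile.mkstemp(prefix=".probe-", dir=directory)
    os.close(fd)
    lock_name = tmp_name + ".lock"
    try:
        os.link(tmp_name, lock_name)  # exFAT/FAT volumes have no hard links
        return os.stat(tmp_name).st_nlink == 2
    except OSError:
        return False
    finally:
        for name in (lock_name, tmp_name):
            if os.path.lexists(name):
                os.unlink(name)


def supports_unix_socket(directory):
    """Attempt to bind a Unix-domain socket file in `directory`."""
    path = os.path.join(directory, "S.probe-%d" % os.getpid())
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        sock.bind(path)
        return True
    except OSError:
        return False
    finally:
        sock.close()
        if os.path.lexists(path):
            os.unlink(path)


def probe_homedir(directory):
    """Report which primitives a candidate GnuPG home directory supports."""
    return {
        "hardlink_lock": supports_hardlink_lock(directory),
        "unix_socket": supports_unix_socket(directory),
    }


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else os.getcwd()
    for check, ok in probe_homedir(target).items():
        print("%-14s %s" % (check, "ok" if ok else "NOT supported"))
```

Run it with the intended home directory as the only argument; both probe files are removed again whether or not the attempt succeeds.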