#55 ~/.gnupg on NFS volumes (was: "no passphrase entry window") - MacGPG2

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#55 ✓released

~/.gnupg on NFS volumes (was: "no passphrase entry window")

Reported by pbro | April 15th, 2011 @ 09:24 PM | in 2.0.18 (closed)

GPGTools Version 2011.03.22
Mac OS X 10.6.6
Mail 4.4

I am never prompted for my secure passphrase, neither when decrypting an encrypted mail I received, nor when signing an outgoing mail. Consequently either operation fails.

Debug log is attached.

Symptoms in detail:

Decrypting encrypted mail. After pressing on the "Decrypt" button in the message header, nothing happens for about 10 seconds, then the GPGMail header of the mail says "Bad passphrase". Note that I was never prompted for my passphase.
Signing mail: If trying to send a signed message, Mail hangs for a few seconds, then fails with the error message:
"OpenPGP Signing Failed My Name myaddres@myhost.com - General error"

Name and email address correspond to the correct key. Sending an encrypted mail works.

Expected results:

I would have expected to be prompted for my password, and then view the decrypted mail or sign the outgoing mail.

Console Messages:

Decrypting mail: When selecting the encrypted mail:
11-04-15 15:22:09 Mail[10818] NSExceptionHandler has recorded the following exception:
(null) -- (null) Stack trace: 0x7fff83149a2c 0x7fff835bd0f3 0x7fff8891c969 0x7fff86d60c75 0x7fff86d60b72 0x7fff875abaa3 0x7fff87563ee2 0x7fff8017b0a5 0x7fff86ba3536 0x7fff86ba33e9

When decrypting the encrypted mail times out:
11-04-15 15:22:20 Mail[10818] NSExceptionHandler has recorded the following exception:
GPGException -- Bad passphrase
Stack trace: 0x7fff83149a2c 0x7fff835bd0f3 0x7fff8891c969 0x117f4fe7f 0x117ee05e1 0x117ee11a4 0x117ee487c 0x117ee62d3 0x117ee5f21 0x117ed7ee2 0x117ee8db7 0x7fff849a0e9a 0x7fff849a0df9 0x7fff84a2c76b 0x7fff84a5d2aa 0x7fff84a2b215 0x7fff8494534f 0x100043e59 0x7fff8487aa86 0x1000347ee 0x7fff848114da 0x7fff8480a1a8 0x100002598 0x2
11-04-15 15:22:20 Mail[10818] [DEBUG] decryptionException: 0x7fff83149a2c 0x7fff835bd0f3 0x7fff8891c969 0x117f4fe7f 0x117ee05e1 0x117ee11a4 0x117ee487c 0x117ee62d3 0x117ee5f21 0x117ed7ee2 0x117ee8db7 0x7fff849a0e9a 0x7fff849a0df9 0x7fff84a2c76b 0x7fff84a5d2aa 0x7fff84a2b215 0x7fff8494534f 0x100043e59 0x7fff8487aa86 0x1000347ee 0x7fff848114da 0x7fff8480a1a8 0x100002598 0x2
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] NSExceptionHandlerExceptionRaiser (in ExceptionHandling) + 127
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] objc_exception_throw (in libobjc.A.dylib) + 45
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[NSException raise] (in CoreFoundation) + 9
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[GPGContext(GPGSynchronousOperations) decryptedData:signatures:] (in MacGPGME) + 305
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[MimePart(GPGMail) gpgDecryptedInlineDataWithPassphraseDelegate:signatures:] (in GPGMail) + 1201
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[MimePart(GPGMail) gpgDecryptedDataWithPassphraseDelegate:signatures:] (in GPGMail) + 836
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[MimePart(GPGMail) gpgDecodePGP] (in GPGMail) + 396
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[MimePart(GPGMail) gpgDecodeTextPlain] (in GPGMail) + 131
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[MimePart(GPGMail) gpgBetterDecode] (in GPGMail) + 369
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[Message(GPGMail) gpgDecryptMessageWithPassphraseDelegate:messageSignatures:] (in GPGMail) + 338
11-04-15 15:22:21 [0x0-0x1266265].com.apple.mail[10818] -[GPGMessageViewerAccessoryViewOwner decrypt:] (in GPGMail) + 199

Signing mail:
11-04-15 15:20:40 Mail[10818] NSExceptionHandler has recorded the following exception:
GPGException -- Bad passphrase
Stack trace: 0x7fff83149a2c 0x7fff835bd0f3 0x7fff8891c969 0x117f50149 0x117ed9ec8 0x117edc6e4 0x117eda5eb 0x117ede0c6 0x117ed83a4 0x117ed24d6 0x117eca303 0x7fff8889996c 0x7fff8889983d 0x7fff8019244f 0x7fff88861401 0x7fff8885f5f9 0x7fff8885edbf 0x7fff83d6b93a 0x7fff83d6b69d 0x7fff83d6b5f8 0x7fff8484be64 0x7fff8484b7a9 0x7fff8481148b 0x7fff8480a1a8 0x100002598 0x2

debuggpgtoolssh.log 88.6 KB

Comments and changes to this ticket

You flagged this item as spam.
pbro April 15th, 2011 @ 09:25 PM
Comment: Perhaps related to #154 ? Main point in this ticket is the lack of password entry.
You flagged this item as spam.
pbro April 15th, 2011 @ 10:16 PM
OK, I managed to fix it.

The problem was that gpg-agent could not create the necessary socket in ~/.gnupg as this is on a NFS volume.

So: Moved .gnupg to local HD, put a softlink in place. Now everything works as designed.

However, the error messages did not help me in pinning down or solving that problem.
You flagged this item as spam.
Alex (via GPGTools) April 16th, 2011 @ 11:33 AM
- Assigned user set to “Benjamin Donnachie”
- State changed from “new” to “open”
[bulk edit]
You flagged this item as spam.
Alex (via GPGTools) April 16th, 2011 @ 11:35 AM
- Title changed from “No passphrase entry window” to “~/.gnupg on NFS volumes (was: "no passphrase entry window")”
You flagged this item as spam.
Benjamin Donnachie April 16th, 2011 @ 04:59 PM
This is expected behaviour for non-local home directory.

In this case, the option no-use-standard-socket (from memory, please
check) should be added to ~/.gnupg/gpg-agent.conf to cause socket to
be created under /tmp instead.

Sent from my iPhone
You flagged this item as spam.
Alex (via GPGTools) April 16th, 2011 @ 05:04 PM
Shouldn't this option be added to the config file automatically in case sockets can't be created?
This could easily implemented in the installer - a better approach might be to have an automatic fallback.

-- sent from my mobile phone,
please excuse my brevity
You flagged this item as spam.
Benjamin Donnachie April 16th, 2011 @ 06:59 PM
No - benefit for vast majority of users to use standard sockets - so
much so that now adopted as default by upstream.

Sent from my iPhone
You flagged this item as spam.
Alex (via GPGTools) April 16th, 2011 @ 08:01 PM
When neither the installer should update the config file nor GnuPG will itself recognize this situation, then users, which uses an NFS home, can't use MacGPG2/GPGTools out-of-the-box. Sound not like an optimal solution.
You flagged this item as spam.
Benjamin Donnachie April 16th, 2011 @ 08:49 PM
Breaking 99% of installs for rare use case even less ideal. Please
submit patch for review.

Sent from my iPhone

Alex (via GPGTools) April 16th, 2011 @ 11:37 PM

Maybe we're talking cross purposes. I'll make an example on how to implement this in the installer:

./testSockets.py $HOME/.gnupg/ || echo "no-use-standard-socket" >> $HOME/.gnupg/gpg.conf

With testSockets.py:

#!/usr/bin/python
import sys, os
from socket import *
testfile = sys.argv[1] + "_tmp_"
try:
    socket(AF_UNIX, SOCK_DGRAM).bind(testfile)
except:
    sys.exit(1)
finally:
    os.remove(testfile) if os.path.exists(testfile) else ''
sys.exit(0)

You flagged this item as spam.
Alex (via GPGTools) October 18th, 2011 @ 09:45 AM
- State changed from “open” to “fixed”
- Milestone set to “2.0.18”
- Importance changed from “Low” to “”
Added this patch to the latest auto-fix installer. See https://github.com/GPGTools/GPGTools_Core/commit/85e67c18867b9237d5...
Support January 27th, 2012 @ 02:05 AM
- State changed from “fixed” to “waiting”
- Assigned user changed from “Benjamin Donnachie” to “Alex (via GPGTools)”
@Alex: the patch is alright, but it has to go into gpg-agent.conf. Causes invalid option problem in gpg.conf.
You flagged this item as spam.
Alex (via GPGTools) January 27th, 2012 @ 07:49 AM
- State changed from “waiting” to “released”
Fixed on the 19th of December: https://github.com/GPGTools/GPGTools_Core/commit/63c5ce24699576c734... - maybe it's still part of on old installer?

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.