Enigmail broken on CentOS 6 (?)

Philipp
2013-04-12
2013-06-23
  • Philipp

    Philipp - 2013-04-12

    Hi. I'm a long-time enigmail user and have been using enigmail on a variatey of Windows and Linux platforms. However, I have recently installed CentOS 6 on a workstation and simply cannot get it to work at all.

    Here is my configuration:

    CentOS 6 (64bit)
    Thunderbird 17.0.5
    Lightning 1.9.1
    Enigmail 1.5.1
    GnuPG 2.0.14
    libgcrypt 1.4.5
    openssl 1.0.0-27.el6_4.2

    When I attempt to change my Enigmail configuration in Firefox (OpenGPG > Preferences), nothing happens for 10 seconds or so. Then I get the following message:


    Warning: Unresponsive script

    A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.

    Script: resource://enigmail/subprocess.jsm:1648

    Clicking continue makes Firefox become unresponsive. Clicking "Stop Script" gives the following error:


    Enigmail: Error in accessing Enigmail service

    By the way, the same error comes when I enter the key management dialog or anything else OpenGPG related.

    The OpenGPG Preferences open up. Under "Files and Directories" it tells me "Could not find GnuPG".

    If I do "Override with" and manually point enigmail to /usr/bin/gpg or /usr/bin/gpg2, bad things happen. Whenever I do anything enigmail related after that, Firefox locks up. One cannot even go back into preferences to fix the problem. The only way to recover is to disable the enigmail add-on, then manually erase all enigmail related settings from the file system. I went through this process 2 times.

    So, any ideas what might be the problem here? My best guess is an incompatibility with the old GPG version that comes with CentOS 6. Unfortunately there is no easy way to update GPG on CentOS, because the package manager itself (yum) depends on it. I don't want to break the system just because of enigmail.

    Any help is much appreciated.

     
  • Patrick Brunschwig

    Since you're using GnuPG 2.0.14, you should ensure that gpg-agent is properly started before you start Thunderbird (e.g. in your .xinitrc or .xsession file). This is done in the following way:

    eval $(gpg-agent --daemon)

    Otherwise Enigmail will try to launch gpg-agent which does often not work properly.

     
  • Philipp

    Philipp - 2013-04-12

    Thanks for the tip. Unfortunately, no dice.

    Right after booting and logging in, there is no gpg-agent running (ps ax | grep gpg-agent returns nothing).

    Starting the agent manually as instructed works (it runs). It shows up as:

    gpg-agent --daemon

    Unfortunately, there is no effect on the enigmail problem I described. It appears that enigmail fails to connect to the manually started gpg-agent and starts another instance. That other instance shows as:

    /usr/bin/gpg-agent --sh --no-use-standard-socket --daemon --default-cache-ttl 0 --max-cache-ttl 999999

    One more detail: after running into the error and closing thunderbird, thunderbird cannot be started again. I get the infamous "Thunderbird is already running" error. Indeed, the process is still alive and I have to manually kill it to be able to start thunderbird again. Obviously, whatever bug I hit also prevents thunderbird from shutting down properly.

     
  • Patrick Brunschwig

    Well, you should not start gpg-agent this way, otherwise the required environment variables won't be set. You really need to start it with:

    eval $(gpg-agent --parameters)

    and then start Thunderbird from the same shell.

     
  • Jan-Thomas Czornack

    I've got several hints that may help you:

    1. Installing "seahorse" fixed it for me. You have to logout/login after installing and a seahorse-daemon will be started. The seahorse-plugins are also very helpfull to encrypt/decrypt files from within nautilus.

    OR

    1. Install keychain. Put the following lines in you .bash_profile (at the end for example):

    keychain
    . $HOME/.keychain/$HOSTNAME-sh 2>/dev/null
    . $HOME/.keychain/$HOSTNAME-sh-gpg 2>/dev/null

    OR

    1. Start the gpg-agent with your own script. Put the following lines in your .bash_profile. This is heavily inspired by the invoking gpg-agent section on the gnupg website...

    if ps -A | grep "gpg-agent"
    then echo "gpg-agent running."
    else gpg-agent --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info"
    fi

    if [ -f "${HOME}/.gpg-agent-info" ]; then
    . "${HOME}/.gpg-agent-info"
    export GPG_AGENT_INFO
    export SSH_AUTH_SOCK
    fi

    And put these two lines in your .bashrc:

    GPG_TTY=$(tty)
    export GPG_TTY

     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks