Setup of Enigmail fails

[Manuel Wiemann]

Dear supporters,

I tried everything, but I don‘t get Enigmail running – though i installed it several times in different (Linux-)OS before. Thanks in advance for helping!

The problem:
1. I can import keys and get a list of the public keys, but I don't get the secret keys imported/working.
2. I can open the window for generating a key, but as soon as I klick on the "generate"-button it says that the key-generation failed and that I should check the logfile (see below).
3. Therefore I can't encrypt or decrypt any message

I exported all of my keys from Debian-Xfce. The secret keys are included in that file: I can import them successfully to gpg2 via the console. But it doesn't work in Enigmail

My system:
* Ubuntu 19.10 with Gnome 3.34.2
* Thunderbird 68.4.1
* Enigmail 2.1.5
* gpg / gpg-agent / gpg2 version: 2.2.12
* libgcrypt 1.8.1
* pinentry-gnome3 1.1.0

Some lines from the Enigmail-logfile (let me know if you need more):

2020-02-17 21:40:17.644 [DEBUG] system.jsm: determineSystemCharset
2020-02-17 21:40:17.644 [DEBUG] system.jsm: determineSystemCharset: charset='utf-8'
2020-02-17 21:40:17.669 [DEBUG] errorHandling.jsm: parseErrorOutputWith: statusFlags = 00000000
2020-02-17 21:40:17.669 [DEBUG] errorHandling.jsm: parseErrorOutputWith: return with c.errorMsg = gpg: please do a --check-trustdb
2020-02-17 21:40:17.669 [DEBUG] execution.jsm: EnigmailExecution.fixExitCode: agentType: gpg exitCode: 0 statusFlags undefined
2020-02-17 21:40:17.669 [CONSOLE] gpg: please do a --check-trustdb
2020-02-17 21:40:17.669 [DEBUG] gnupg-keylist.jsm: obtainKeyList: #lines: 2
2020-02-17 21:40:17.670 [DEBUG] gnupg-keylist.jsm: appendKeyItems()
2020-02-17 21:40:17.670 execution.jsm: execAsync: command = '/snap/thunderbird/48/usr/bin/gpg'
2020-02-17 21:40:17.670 [CONSOLE] enigmail> /snap/thunderbird/48/usr/bin/gpg --charset utf-8 --display-charset utf-8 --no-auto-check-trustdb --batch --no-tty --no-verbose --status-fd 2 --with-fingerprint --fixed-list-mode --with-colons --list-secret-keys
2020-02-17 21:40:17.677 [DEBUG]   enigmail> DONE
2020-02-17 21:40:17.677 [DEBUG] execution.jsm: execAsync: exitCode = 0
2020-02-17 21:40:17.677 [DEBUG] execution.jsm: execAsync: errOutput = gpg: please do a --check-trustdb

2020-02-17 21:40:17.677 [DEBUG] errorHandling.jsm: parseErrorOutputWith: status message: 
gpg: please do a –check-trustdb

What have I tried out?
I did everything explained in troubleshooting (resolving issues with GnuPG/gpg-agent): https://enigmail.net/index.php/en/faq-en?view=topic&id=14
Outcomes/Infos:
* Pinentry seems to work (graphical version)
* gpg-connect-agent is in use. It says: D 2.2.12 OK (that refers to step 4 of the troubleshooting)
* The file $HOME/.gnupg/gpg.conf was not existing. It now contains a "use-agent" line. (chown rights: 600, like for the gpg-agent.conf:
* The file $HOME/.gnupg/gpg-agent.conf was not existing. I created it and it now contains these lines:

default-cache-ttl 18000
max-cache-ttl 86400
ignore-cache-for-signing
pinentry-program /usr/bin/pinentry-gnome3

• I ran "gpg --check-trustdb" (and also --update-trustdb) - without any effect on Enigmail.
• I created the file $HOME/.gnupg/trustlist.txt containing my key (followd by SPACE S)
• And of course I checked all of the changes after restarting Thunderbird and the laptop.

The only step that didn't work

is step 7 from troubleshooting. I tried the following

killall gpg-agent
gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh

but it says:

gpg-agent[5446]: WARNUNG: "--use-standard-socket" ist eine veraltete Option - sie hat keine Wirkung.
*## translation: --use-standard-socket is an outdated version. It doesn't have any effect ##*
gpg-agent[5446]: enabled debug flags: cache ipc
gpg-agent[5446]: DBG: chan_4 <- OK Pleased to meet you, process 5446
gpg-agent[5446]: DBG: chan_4 -> BYE
gpg-agent: Ein gpg-agent läuft bereits - ein weiterer wird nicht gestartet
*## translation: a gpg-agent runs already - anotherone is not going to be started ##*
gpg-agent: secmem usage: 0/65536 bytes in 0 blocks
manuel@XXXXXXXXXX:~$

I tried killing the process by running "killall gpg-agent" again. It works - because when I then enter "killall gpg-agent" once more it says: "gpg-agent: no process found" (translated from German). But when I then insert the above line for debugging gpg-agent the same message as above appears. I therefore cannot do the step for debugging...

I would be very reliefed if one of you can help me out and knows a solution! I've read a lot of posts in Forums, but I've never written one. So please let me know if you need more information.

All the best,
Manuel

[Patrick Brunschwig]

Can you post the part of the log where I can see what happens if you import secret keys and/or create a new key?

[Manuel Wiemann]

Hey Patrick,
you'll find the Enigmail logfile in the attachement. I first imported all of the keys (no failure message). Then I tried to generate a new key - did not work. To secure privacy I made the keys and mails anonymous. Because it were too many keys I decided to delete some lines with the same pattern but personal data (would have been too much work to make all lines with exactly the same pattenr anonymous). If it though destroyed some important info for you, I can send you the file with personal data in a private message or something like that

Furthermore: In the gpg-agent.conf I inserted these two lines (because the debugging mode didn't work - see above):

debug-level expert
log-file /home/manuel/Downloads/gpg-agent.log

But: the logfile didn't change while I ran Enigmail. My guess: It somehow didn't start the gpg-agent - otherwise the logfile would have changed, wouldn't it? But: I don't know ;-)

If you need anything else - just tell me :-)

[Patrick Brunschwig]

The problem with snap is that it does not use your home directory, but other paths. According to the log file, your Gnupg home directory is in /home/manuel/snap/thunderbird/common/.gnupg

But this will likely not work well (there's at least one more user having reported the same problem). You might want to set a global environment variable GNUPGHOME.

[Manuel Wiemann]

But does that mean that Enigmail is likely to not work at all?

I now tried the following (I've not worked with environment variables before, let me know if anything is wrong):
- Creating the file /etc/systemd/system.conf.d/20-environment-variables.conf
- I inserted the following - and tried out both options (each after restarting):

[manager]
#GNUPGHOME=/home/manuel/snap/thunderbird/common/.gnupg
GNUPGHOME=/home/manuel/.gnupg

I did not know which of the above directories you meant for setting the GNUPGHOME...

But: I tried "snap list" in a terminal. It doesn't list gpg or anything like that. Why is it though using the snap-directory?

Name                Version                     Rev   Aufzeichnung  Herausgeber       Hinweise
chromium            80.0.3987.116               1036  stable        canonical✓        -
core                16-2.43.3                   8689  stable        canonical✓        core
core18              20200124                    1668  stable        canonical✓        base
gimp                2.10.14                     245   stable        snapcrafters      -
gnome-3-28-1804     3.28.0-16-g27c9498.27c9498  116   stable/…      canonical✓        -
gnome-calculator    3.34.1+git1.d34dc842        544   stable/…      canonical✓        -
gnome-characters    v3.32.1+git3.b9120df        399   stable/…      canonical✓        -
gnome-logs          3.34.0                      81    stable/…      canonical✓        -
gtk-common-themes   0.1-28-g1503258             1440  stable/…      canonical✓        -
gtk2-common-themes  0.1                         9     stable        canonical✓        -
libreoffice         6.4.0.3                     170   stable        canonical✓        -
telegram-desktop    1.9.9-4-ga25792187          1038  stable        telegram.desktop  -
thunderbird         68.4.1                      48    beta          ken-vandine       -
vlc                 3.0.8                       1397  stable        videolan✓         -

If you think that it's the fault of snap: Is it possible to newly install Enigmail, GPG, Thunderbird or whatever neccessary without snap?

In the attachment you'll find the current logfile. It didn't work after the changes.
In another logfile (trying to read an encrypted message) it said:

Didn't find any default key - mark the first identity as default!

and:

linux errorHandling.jsm: parseErrorOutputWith: return with c.errorMsg = gpg: no valid OpenPGP data found.

(I didn't insert that file here because it contained the mail addresses so often that I didn't now how to get it anonymous...)

Greetings and thanks!

[Patrick Brunschwig]

But does that mean that Enigmail is likely to not work at all?

No, I don't think so. This log is more complete and allows me to tell you exactly what is wrong. GnuPG is provided in the Thunderbird-snap package. However, what is provided does not work. GnuPG in snap is installed in /snap/thunderbird/48/usr/bin/gpg but it tries to start /usr/bin/gpg-agent which does obviously not exist.

I'd suggest you install GnuPG via your Linux distribution, i.e. not as snap package. Then restart Thunderbird. Looking at the log file, I think this should fix the issue.

[Manuel Wiemann]

Dear Patrick,
I've not had time during the last weeks to care for it. But now I managed. AND: It worked! :-) Thank you so much for your time, I'm really glad that it helped & worked. You found the problem, but:

GnuPG was not installed in snap (see below). It's not available via snap for me. I had to uninstall Thunderbird as a whole (remove it from snap) and reinstall it via apt (not in snap). Then both (thunderbird+GnuPG) were not installed in snap and now it works.

Again: Thanks a lot! :-)

Here's the terminal-print of snap - showing that only Thunderbird was installed via snap, GnuPG not. (before reinstallation)

manuel@Dampfmaschine:~$ snap list
Name                Version                          Rev   Aufzeichnung  Herausgeber       Hinweise
chromium            80.0.3987.132                    1043  stable        canonical✓        -
core                16-2.43.3                        8689  stable        canonical✓        core
core18              20200124                         1668  stable        canonical✓        base
eog                 3.34.2+git1.d5442261             355   stable        canonical✓        -
gimp                2.10.18                          252   stable        snapcrafters      -
gnome-3-28-1804     3.28.0-16-g27c9498.27c9498       116   stable/…      canonical✓        -
gnome-calculator    3.34.1+git4.c387feb0             704   stable/…      canonical✓        -
gnome-characters    v3.32.1+git4.e06f0b2             495   stable/…      canonical✓        -
gnome-logs          3.34.0                           93    stable/…      canonical✓        -
gtk-common-themes   0.1-28-g1503258                  1440  stable/…      canonical✓        -
gtk2-common-themes  0.1                              9     stable        canonical✓        -
libreoffice         6.4.1.2                          175   stable        canonical✓        -
skype               8.58.0.93                        118   stable        skype✓            classic
telegram-desktop    1.9.21                           1388  stable        telegram.desktop  -
thunderbird         68.4.1                           48    beta          ken-vandine       -
vlc                 3.0.8                            1397  stable        videolan✓         -
youtube-dl          2020.03.06+git2018.12.09-core18  2778  stable        joeborg           -