kleopatra flatpak issue
kevinotech at proton.me
kevinotech at proton.me
Wed Mar 26 21:44:32 CET 2025
hello ,
thanks for your reply, It helped me a lot!
On Wednesday, 26 March 2025 at 22:40, Ingo Klöcker <kloecker at kde.org> wrote:
> usually we reply with inline comments instead of with a full quote of
> everything.
Ohh sorry i didn't know. Will follow this format now !
> The problem is systemd. You have to disable socket activation for GnuPG's
> sockets. Search the internet for advice. The developers of GnuPG consider this
> socket activation "feature" an abomination. All tools of the GnuPG suite start
> the correct gpg-agent (i.e. the one you have built yourself) on demand.
Thanks for the advice ,i have disabled all systemd socket activation for gpg services and it works perfectly. i see that all tools are automatically started by themselves when needed by a application without needing a systemd service to start them. :)
I wonder why ubuntu still uses this.
> I have no idea if this is a limitation of flatpaks in general or just of this
> specific flatpak. The warning issued by gpg is a warning that things might go
> wrong if the daemon running outside of the flatpak are too old.
So yeah about kleopatra flatpak, i see that after removing the socket services and killing all running gpg services by `gpgconf --kill all` i tried opening keloptra (flatpak) to see if it invokes the system gpg-agent and does all the functions but i noticed that it failed any signing , encryption or decryption functions. It could not even list the keys from keyboxd that were imported earlier. So it seems maybe the flatpak version doesn't have its own gpg-agent or maybe this is an actual bug or a limitation with flatpak that it couldn't invoke system gpg services or use its own. I even confirmed this behaviour on a fedora VM which doesn't have any systemd sockets configured by default and kleopatra fails to work on it by itself. I even confirmed with the gpa app and it was able to start gpg services by itself , so its not an issue with my system.
> In any case, it's a good idea to keep the gpg-agent which is the one that handles
> the secret key material outside of the flatpak.
Thanks for the pointer , i will keep this in mind, though currently it seems kleopatra won't work without the host gpg-agent running already.
Regards,
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - kevinotech at proton.me - 0xF9F43E49.asc
Type: application/pgp-keys
Size: 791 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250326/3f007878/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 343 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250326/3f007878/attachment-0001.sig>
More information about the Gnupg-users
mailing list