On Mon, 12 Oct 2020 at 12:31, Filipe Laíns via arch-general <arch-general@archlinux.org> wrote:
On Mon, 2020-10-12 at 13:08 +0200, Jörg Jellissen wrote: Hello,
i have a problem with my access rules on my ~/.gnupg folder. The reason is that i can't sign any e-mails .
the warning message was that the access rules to the folder are too open
but which rights are correct?
i have looked in the folder and my rights looks like this
drwxr-xr-x 3 joerg users 4,0K 12. Okt 12:57 . drwx------ 29 joerg users 4,0K 11. Okt 18:48 .. drwx------ 2 joerg users 4,0K 9. Okt 21:13 private-keys-v1.d -rw-r--r-- 1 joerg users 2,5K 9. Okt 21:13 pubring.kbx -rw------- 1 joerg users 32 9. Okt 21:13 pubring.kbx~ -rw-r--r-- 1 joerg users 7 10. Okt 19:41 reader_0.status -rw------- 1 joerg users 1,3K 9. Okt 21:13 trustdb.gpg
is this correct for gpg / Kleopatra?
No, please chmod -R go= ~/.gnupg
the translated output was
Detailed error message: Output from gpg2: gpg: WARNING: Insecure access rights of the home directory `/home/joerg/.gnupg ' gpg: write after '-' gpg: pinentry launched (5745 curses 1.1.0 - -: 0) gpg: Authentication failed: Inappropriate IOCTL (I / O control) for the device gpg: signing failed: Unsuitable IOCTL (I / O control) for the device
Many thanks for helpers
Seems like there is an issue with the pinentry binary. It does not seem to be compatible with your system. IOCTL are a way to interface with the kernel, they export extra "functions" in file descriptors that you can call. Your system does not support whatever the pinentry is trying to use.
If you still have a problem you could try using a different pinentry binary, there are usually several using different/no graphical toolkit(s): $ ll /usr/bin/*pinentry* -rwxr-xr-x 1 root root 3071 Aug 25 22:35 /usr/bin/pinentry* -rwxr-xr-x 1 root root 56792 Aug 25 22:35 /usr/bin/pinentry-curses* -rwxr-xr-x 1 root root 52536 Aug 25 22:35 /usr/bin/pinentry-emacs* -rwxr-xr-x 1 root root 77760 Aug 25 22:35 /usr/bin/pinentry-gnome3* -rwxr-xr-x 1 root root 90560 Aug 25 22:35 /usr/bin/pinentry-gtk-2* -rwxr-xr-x 1 root root 123664 Aug 25 22:35 /usr/bin/pinentry-qt* lrwxrwxrwx 1 root root 11 Aug 25 22:35 /usr/bin/pinentry-qt4 -> pinentry-qt* lrwxrwxrwx 1 root root 11 Aug 25 22:35 /usr/bin/pinentry-qt5 -> pinentry-qt* -rwxr-xr-x 1 root root 52408 Aug 25 22:35 /usr/bin/pinentry-tty* Perhaps a different one will work (because it may not use that functionality). That helped me once. The first suggestion will more likely help here, though. Best wishes, NTS