On my computer (Ubuntu Mate 20.04) this problem also causes the Tool,
Options dialog to hang for around 1 minute while trying to connect to
the GPG agent. The /var/log/syslog file lists lots of apparmor DENIED
entries and the strace of the soffice program show lots of "gpg: can't
connect to the agent" errors for around one minute.
My solution was also to modify the
/etc/apparmor.d/usr.lib.libreoffice.program.soffice.bin file to add to
the gpg profile section (just like zunda user did):
owner /{,var/}run/user/[0-9]*/gnupg/S.gpg-agent rw,
owner @{HOME}/.gnupg/* rw,
(the second line seems not to be required to sign the document but is required
to use the functions of the Certificate Manager, like adding new keys).
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/1886092
Title:
libreoffice doesn't list gpg private key for a digital signature
Status in libreoffice package in Ubuntu:
Confirmed
Bug description:
LibreOffice should be able to digitally sign a document with a GPG
private key in the GPG key chain. However, the key is not listed in
the list of certificates shown following the menu File - Digital
Signatures - Digital Signatures... - Sign Document..., after, e.g.,
creating and saving a document on LibreOffice Writer.
This seems to be because apparmor doesn't allow LibreOffice to
communicate with GPG agent. /var/log/syslog shows lines like:
Jul 1 15:15:14 misoan kernel: [20238.265212] audit: type=1400
audit(1593652514.311:333): apparmor="DENIED" operation="connect"
profile="libreoffice-soffice//gpg" name="/run/user/1001/gnupg/S.gpg-
agent" pid=23725 comm="gpg" requested_mask="wr" denied_mask="wr"
fsuid=1001 ouid=1001
Locally, I could make LibreOffice show the GPG private key with the
following change against
/etc/apparmor.d/usr.lib.libreoffice.program.soffice.bin
--- apparmor.d.20200702/usr.lib.libreoffice.program.soffice.bin
2019-10-03 10:31:21.000000000 -1000
+++ apparmor.d/usr.lib.libreoffice.program.soffice.bin 2020-07-02
08:59:44.516754728 -1000
@@ -223,6 +223,7 @@
owner @{HOME}/.gnupg/* r,
owner @{HOME}/.gnupg/random_seed rk,
+ owner /{,var/}run/user/*/** rw,
}
# probably should become a subprofile like gpg above, but then it doesn't
Tested with the following packages on Xfce4
$ lsb_release -rd
Description: Ubuntu 20.04 LTS
Release: 20.04
$ apt-cache policy libreoffice-common | grep Installed
Installed: 1:6.4.3-0ubuntu0.20.04.1
$ apt-cache policy gpg gpg-agent | grep -B1 Installed
gpg:
Installed: 2.2.19-3ubuntu2
--
gpg-agent:
Installed: 2.2.19-3ubuntu2
$ apt-cache policy apparmor | grep Installed
Installed: 2.13.3-7ubuntu5.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1886092/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
