Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GPG with Yubikey doesn't work on WSL2 with systemd activated #9817

Closed
1 of 2 tasks
huangnazu opened this issue Mar 21, 2023 · 14 comments
Closed
1 of 2 tasks

GPG with Yubikey doesn't work on WSL2 with systemd activated #9817

huangnazu opened this issue Mar 21, 2023 · 14 comments

Comments

@huangnazu
Copy link

Windows Version

Microsoft Windows [Version 10.0.22624.1465]

WSL Version

1.1.5.0

Are you using WSL 1 or WSL 2?

  • WSL 2
  • WSL 1

Kernel Version

5.15.90.1

Distro Version

Ubuntu 22.04

Other Software

In Windows,

  • gpg (GnuPG) 2.4.0

In Ubuntu on WSL,

  • gpg (GnuPG) 2.2.27
  • socat version 1.7.4.1
  • scdaemon 2.2.27-3ubuntu2.1 amd64

Repro Steps

In order to use Yubikey on WSL, I followed articles about using Yubikey on WSL such as here.
And I succeeded to use GPG with Yubikey on WSL.

But in another matter, I modified /etc/wsl.conf as follows:

[boot]
systemd = true

Expected Behavior

On WSL, execute gpg --card-status and it outputs as follows:

$ gpg --card-status
Reader ...........: Yubico YubiKey OTP FIDO CCID 0
Application ID ...: D2760001240100000006197130400000
Application type .: OpenPGP
Version ..........: 0.0
Manufacturer .....: Yubico
...

Actual Behavior

$ gpg --card-status
gpg: selecting card failed: No such device
gpg: OpenPGP card not available: No such device

Diagnostic Logs

No response
@OneBlue
Copy link
Collaborator

OneBlue commented Mar 21, 2023

Thanks for reporting this @huangnazu.

I wonder if the issue is that the GPG_AGENT_SOCK is overridden with systemd.

What's the output of echo $GPG_AGENT_SOCK when you see that error ?

@huangnazu
Copy link
Author

Thank you for your reply.

I tried it in both cases of systemd was activated or not.
And I saw the same environment valuable /home/****/.gnupg/S.gpg-agent.

@OneBlue
Copy link
Collaborator

OneBlue commented Mar 21, 2023

Interesting. Does the socket actually exist in both cases ?

What's the output of ls -la $GPG_AGENT_SOCK ? Also, can you share the output of strace -f gpg --card-status ?

@huangnazu
Copy link
Author

Okay.

In both cases, the outputs of ls -la $GPG_AGENT_SOCK are same.

$ ls -la $GPG_AGENT_SOCK
srwxrwxr-x 1 **** **** 0  Mar 22 14:24 /home/****/.gnupg/S.gpg-agent

In the case of systemd activated,

$ strace -f gpg --card-status
execve("/usr/bin/gpg", ["gpg", "--card-status"], 0x7ffd6c8e1440 /* 33 vars */) = 0
brk(NULL)                               = 0x556cda3d9000
arch_prctl(0x3001 /* ARCH_??? */, 0x7ffd50c2e000) = -1 EINVAL (Invalid argument)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f49822e4000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=65319, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 65319, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f49822d4000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=108936, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 110776, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f49822b8000
mprotect(0x7f49822ba000, 98304, PROT_NONE) = 0
mmap(0x7f49822ba000, 69632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f49822ba000
mmap(0x7f49822cb000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13000) = 0x7f49822cb000
mmap(0x7f49822d2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7f49822d2000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libbz2.so.1.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=74848, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 76840, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f49822a5000
mmap(0x7f49822a7000, 53248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f49822a7000
mmap(0x7f49822b4000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f49822b4000
mmap(0x7f49822b6000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7f49822b6000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsqlite3.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1358520, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 1362360, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4982158000
mmap(0x7f4982176000, 966656, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e000) = 0x7f4982176000
mmap(0x7f4982262000, 241664, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10a000) = 0x7f4982262000
mmap(0x7f498229d000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x144000) = 0x7f498229d000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcrypt.so.20", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1296312, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 1299576, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f498201a000
mprotect(0x7f4982029000, 1200128, PROT_NONE) = 0
mmap(0x7f4982029000, 942080, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f4982029000
mmap(0x7f498210f000, 253952, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf5000) = 0x7f498210f000
mmap(0x7f498214e000, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x133000) = 0x7f498214e000
mmap(0x7f4982157000, 1144, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4982157000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libreadline.so.8", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=335936, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 343488, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4981fc6000
mprotect(0x7f4981fda000, 225280, PROT_NONE) = 0
mmap(0x7f4981fda000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14000) = 0x7f4981fda000
mmap(0x7f4982006000, 40960, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x40000) = 0x7f4982006000
mmap(0x7f4982011000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4a000) = 0x7f4982011000
mmap(0x7f4982019000, 3520, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4982019000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libassuan.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=84288, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 86384, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4981fb0000
mprotect(0x7f4981fb4000, 65536, PROT_NONE) = 0
mmap(0x7f4981fb4000, 45056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f4981fb4000
mmap(0x7f4981fbf000, 16384, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f4981fbf000
mmap(0x7f4981fc4000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13000) = 0x7f4981fc4000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4981fae000
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgpg-error.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=149760, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 151992, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4981f88000
mmap(0x7f4981f8c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f4981f8c000
mmap(0x7f4981fa2000, 40960, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7f4981fa2000
mmap(0x7f4981fac000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x23000) = 0x7f4981fac000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\237\2\0\0\0\0\0"..., 832) = 832
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
pread64(3, "\4\0\0\0 \0\0\0\5\0\0\0GNU\0\2\0\0\300\4\0\0\0\3\0\0\0\0\0\0\0"..., 48, 848) = 48
pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0i8\235HZ\227\223\333\350s\360\352,\223\340."..., 68, 896) = 68
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=2216304, ...}, AT_EMPTY_PATH) = 0
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
mmap(NULL, 2260560, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4981d60000
mmap(0x7f4981d88000, 1658880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7f4981d88000
mmap(0x7f4981f1d000, 360448, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bd000) = 0x7f4981f1d000
mmap(0x7f4981f75000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x214000) = 0x7f4981f75000
mmap(0x7f4981f7b000, 52816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4981f7b000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=940560, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 942344, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4981c79000
mmap(0x7f4981c87000, 507904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f4981c87000
mmap(0x7f4981d03000, 372736, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8a000) = 0x7f4981d03000
mmap(0x7f4981d5e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe4000) = 0x7f4981d5e000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libtinfo.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=200136, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 203040, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4981c47000
mmap(0x7f4981c55000, 69632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f4981c55000
mmap(0x7f4981c66000, 57344, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1f000) = 0x7f4981c66000
mmap(0x7f4981c74000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2c000) = 0x7f4981c74000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4981c45000
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4981c42000
arch_prctl(ARCH_SET_FS, 0x7f4981c42740) = 0
set_tid_address(0x7f4981c42a10)         = 1643
set_robust_list(0x7f4981c42a20, 24)     = 0
rseq(0x7f4981c430e0, 0x20, 0, 0x53053053) = 0
mprotect(0x7f4981f75000, 16384, PROT_READ) = 0
mprotect(0x7f4981c74000, 16384, PROT_READ) = 0
mprotect(0x7f4981d5e000, 4096, PROT_READ) = 0
mprotect(0x7f4981fac000, 4096, PROT_READ) = 0
mprotect(0x7f4981fc4000, 4096, PROT_READ) = 0
mprotect(0x7f4982011000, 8192, PROT_READ) = 0
mprotect(0x7f498214e000, 12288, PROT_READ) = 0
mprotect(0x7f498229d000, 16384, PROT_READ) = 0
mprotect(0x7f49822b6000, 4096, PROT_READ) = 0
mprotect(0x7f49822d2000, 4096, PROT_READ) = 0
mprotect(0x556cd8e87000, 8192, PROT_READ) = 0
mprotect(0x7f498231e000, 8192, PROT_READ) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
munmap(0x7f49822d4000, 65319)           = 0
getrandom("\x63\x91\xd8\x42\xa8\x28\x4b\xe8", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x556cda3d9000
brk(0x556cda3fa000)                     = 0x556cda3fa000
fcntl(0, F_GETFD)                       = 0
fcntl(1, F_GETFD)                       = 0
fcntl(2, F_GETFD)                       = 0
access("/etc/gcrypt/fips_enabled", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/gcrypt/hwf.deny", O_RDONLY) = -1 ENOENT (No such file or directory)
prlimit64(0, RLIMIT_CORE, NULL, {rlim_cur=0, rlim_max=RLIM64_INFINITY}) = 0
prlimit64(0, RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM64_INFINITY}, NULL) = 0
rt_sigaction(SIGINT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGINT, {sa_handler=0x556cd8e312f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4981da2520}, NULL, 8) = 0
rt_sigaction(SIGHUP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGHUP, {sa_handler=0x556cd8e312f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4981da2520}, NULL, 8) = 0
rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGTERM, {sa_handler=0x556cd8e312f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4981da2520}, NULL, 8) = 0
rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGQUIT, {sa_handler=0x556cd8e312f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4981da2520}, NULL, 8) = 0
rt_sigaction(SIGSEGV, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x556cd8e312f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4981da2520}, NULL, 8) = 0
rt_sigaction(SIGUSR1, {sa_handler=0x556cd8e2dba0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4981da2520}, NULL, 8) = 0
rt_sigaction(SIGPIPE, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4981da2520}, NULL, 8) = 0
mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f49822d4000
getuid()                                = 1000
mlock(0x7f49822d4000, 65536)            = 0
geteuid()                               = 1000
newfstatat(AT_FDCWD, "/home/****/.gnupg", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0
newfstatat(AT_FDCWD, "/home/****", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
getuid()                                = 1000
openat(AT_FDCWD, "/etc/gnupg/gpg.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/gpg.conf-2.2.27", R_OK) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/gpg.conf-2.2", R_OK) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/gpg.conf-2", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/****/.gnupg/gpg.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/random_seed", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/****/.gnupg/pubring.gpg", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx", O_RDONLY) = 3
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1210, ...}, AT_EMPTY_PATH) = 0
read(3, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 4096) = 1210
close(3)                                = 0
access("/home/****/.gnupg/pubring.kbx", F_OK) = 0
access("/home/****/.gnupg/pubring.kbx", R_OK) = 0
access("/home/****/.gnupg/pubring.kbx", W_OK) = 0
getpid()                                = 1643
uname({sysname="Linux", nodename="PC_NAME", ...}) = 0
getpid()                                = 1643
openat(AT_FDCWD, "/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643", O_WRONLY|O_CREAT|O_EXCL, 0644) = 3
write(3, "      1643\n", 11)            = 11
write(3, "PC_NAME", 8)                 = 8
write(3, "\n", 1)                       = 1
close(3)                                = 0
newfstatat(AT_FDCWD, "/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643", {st_mode=S_IFREG|0644, st_size=20, ...}, 0) = 0
link("/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643", "/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643x") = 0
newfstatat(AT_FDCWD, "/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643", {st_mode=S_IFREG|0644, st_size=20, ...}, 0) = 0
unlink("/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643x") = 0
link("/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643", "/home/****/.gnupg/pubring.kbx.lock") = 0
newfstatat(AT_FDCWD, "/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643", {st_mode=S_IFREG|0644, st_size=20, ...}, 0) = 0
access("/home/****/.gnupg/pubring.kbx", W_OK) = 0
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx", O_RDONLY) = 3
read(3, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 8192) = 1210
lseek(3, 0, SEEK_SET)                   = 0
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx.tmp", O_WRONLY|O_CREAT|O_TRUNC, 0664) = 4
read(3, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 8192) = 1210
read(3, "", 8192)                       = 0
close(3)                                = 0
write(4, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300d\32\227\274\0\0\0\0\0\0\0\0"..., 1210) = 1210
close(4)                                = 0
unlink("/home/****/.gnupg/pubring.kbx.tmp") = 0
access("/home/****/.gnupg/pubring.kbx", W_OK) = 0
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx.lock", O_RDONLY) = 3
read(3, "      1643\nPC_NAME\n", 20)   = 20
close(3)                                = 0
getpid()                                = 1643
unlink("/home/****/.gnupg/pubring.kbx.lock") = 0
getuid()                                = 1000
newfstatat(AT_FDCWD, "/run/user/1000", {st_mode=S_IFDIR|0700, st_size=180, ...}, 0) = 0
getuid()                                = 1000
newfstatat(AT_FDCWD, "/run/user/1000/gnupg", {st_mode=S_IFDIR|0700, st_size=140, ...}, 0) = 0
getuid()                                = 1000
newfstatat(AT_FDCWD, "/run/user/1000/gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0700, st_size=0, ...}, 0) = 0
socket(AF_UNIX, SOCK_STREAM, 0)         = 3
newfstatat(AT_FDCWD, "/run/user/1000/gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0700, st_size=0, ...}, 0) = 0
connect(3, {sa_family=AF_UNIX, sun_path="/run/user/1000/gnupg/S.gpg-agent"}, 34) = 0
read(3, "OK Pleased to meet you, process "..., 1002) = 37
write(3, "RESET", 5)                    = 5
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, AT_EMPTY_PATH) = 0
readlink("/proc/self/fd/0", "/dev/pts/2", 4095) = 10
newfstatat(AT_FDCWD, "/dev/pts/2", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, 0) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, AT_EMPTY_PATH) = 0
readlink("/proc/self/fd/0", "/dev/pts/2", 4095) = 10
newfstatat(AT_FDCWD, "/dev/pts/2", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, 0) = 0
write(3, "OPTION ttyname=/dev/pts/2", 25) = 25
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION ttytype=xterm-256color", 29) = 29
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION display=:0", 17)       = 17
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION putenv=WAYLAND_DISPLAY=wa"..., 39) = 39
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION putenv=DBUS_SESSION_BUS_A"..., 67) = 67
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION lc-ctype=C", 17)       = 17
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION lc-messages=C", 20)    = 20
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "GETINFO version", 15)         = 15
write(3, "\n", 1)                       = 1
read(3, "D 2.2.27\nOK\n", 1002)         = 12
write(3, "OPTION allow-pinentry-notify", 28) = 28
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION agent-awareness=2.1.0", 28) = 28
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "SCD GETINFO version", 19)     = 19
write(3, "\n", 1)                       = 1
read(3, "D 2.2.27\nOK\n", 1002)         = 12
write(3, "SCD SERIALNO", 12)            = 12
write(3, "\n", 1)                       = 1
read(3, "ERR 100696144 No such device <SC"..., 1002) = 35
write(2, "gpg: selecting card failed: No s"..., 42gpg: selecting card failed: No such device) = 42
write(2, "\n", 1
)                       = 1
write(2, "gpg: OpenPGP card not available:"..., 47gpg: OpenPGP card not available: No such device) = 47
write(2, "\n", 1
)                       = 1
munmap(0x7f49822d4000, 65536)           = 0
unlink("/home/****/.gnupg/.#lk0x0000556cda3e1d20.PC_NAME.1643") = 0
exit_group(2)                           = ?
+++ exited with 2 +++

In the case of systemd not activated,

$ strace -f gpg --card-status
execve("/usr/bin/gpg", ["gpg", "--card-status"], 0x7ffe42da2980 /* 33 vars */) = 0
brk(NULL)                               = 0x55bf66297000
arch_prctl(0x3001 /* ARCH_??? */, 0x7ffc3aed7f00) = -1 EINVAL (Invalid argument)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f788687f000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=65319, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 65319, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f788686f000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=108936, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 110776, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7886853000
mprotect(0x7f7886855000, 98304, PROT_NONE) = 0
mmap(0x7f7886855000, 69632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f7886855000
mmap(0x7f7886866000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13000) = 0x7f7886866000
mmap(0x7f788686d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7f788686d000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libbz2.so.1.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=74848, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 76840, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7886840000
mmap(0x7f7886842000, 53248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f7886842000
mmap(0x7f788684f000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f788684f000
mmap(0x7f7886851000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7f7886851000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsqlite3.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1358520, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 1362360, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f78866f3000
mmap(0x7f7886711000, 966656, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e000) = 0x7f7886711000
mmap(0x7f78867fd000, 241664, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10a000) = 0x7f78867fd000
mmap(0x7f7886838000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x144000) = 0x7f7886838000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcrypt.so.20", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1296312, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 1299576, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f78865b5000
mprotect(0x7f78865c4000, 1200128, PROT_NONE) = 0
mmap(0x7f78865c4000, 942080, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f78865c4000
mmap(0x7f78866aa000, 253952, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf5000) = 0x7f78866aa000
mmap(0x7f78866e9000, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x133000) = 0x7f78866e9000
mmap(0x7f78866f2000, 1144, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f78866f2000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libreadline.so.8", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=335936, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 343488, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7886561000
mprotect(0x7f7886575000, 225280, PROT_NONE) = 0
mmap(0x7f7886575000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14000) = 0x7f7886575000
mmap(0x7f78865a1000, 40960, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x40000) = 0x7f78865a1000
mmap(0x7f78865ac000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4a000) = 0x7f78865ac000
mmap(0x7f78865b4000, 3520, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f78865b4000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libassuan.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=84288, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 86384, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f788654b000
mprotect(0x7f788654f000, 65536, PROT_NONE) = 0
mmap(0x7f788654f000, 45056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f788654f000
mmap(0x7f788655a000, 16384, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7f788655a000
mmap(0x7f788655f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13000) = 0x7f788655f000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7886549000
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgpg-error.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=149760, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 151992, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7886523000
mmap(0x7f7886527000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f7886527000
mmap(0x7f788653d000, 40960, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7f788653d000
mmap(0x7f7886547000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x23000) = 0x7f7886547000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\237\2\0\0\0\0\0"..., 832) = 832
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
pread64(3, "\4\0\0\0 \0\0\0\5\0\0\0GNU\0\2\0\0\300\4\0\0\0\3\0\0\0\0\0\0\0"..., 48, 848) = 48
pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0i8\235HZ\227\223\333\350s\360\352,\223\340."..., 68, 896) = 68
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=2216304, ...}, AT_EMPTY_PATH) = 0
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
mmap(NULL, 2260560, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f78862fb000
mmap(0x7f7886323000, 1658880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7f7886323000
mmap(0x7f78864b8000, 360448, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bd000) = 0x7f78864b8000
mmap(0x7f7886510000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x214000) = 0x7f7886510000
mmap(0x7f7886516000, 52816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7886516000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=940560, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 942344, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7886214000
mmap(0x7f7886222000, 507904, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f7886222000
mmap(0x7f788629e000, 372736, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8a000) = 0x7f788629e000
mmap(0x7f78862f9000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe4000) = 0x7f78862f9000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libtinfo.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=200136, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 203040, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f78861e2000
mmap(0x7f78861f0000, 69632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f78861f0000
mmap(0x7f7886201000, 57344, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1f000) = 0x7f7886201000
mmap(0x7f788620f000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2c000) = 0x7f788620f000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f78861e0000
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f78861dd000
arch_prctl(ARCH_SET_FS, 0x7f78861dd740) = 0
set_tid_address(0x7f78861dda10)         = 654
set_robust_list(0x7f78861dda20, 24)     = 0
rseq(0x7f78861de0e0, 0x20, 0, 0x53053053) = 0
mprotect(0x7f7886510000, 16384, PROT_READ) = 0
mprotect(0x7f788620f000, 16384, PROT_READ) = 0
mprotect(0x7f78862f9000, 4096, PROT_READ) = 0
mprotect(0x7f7886547000, 4096, PROT_READ) = 0
mprotect(0x7f788655f000, 4096, PROT_READ) = 0
mprotect(0x7f78865ac000, 8192, PROT_READ) = 0
mprotect(0x7f78866e9000, 12288, PROT_READ) = 0
mprotect(0x7f7886838000, 16384, PROT_READ) = 0
mprotect(0x7f7886851000, 4096, PROT_READ) = 0
mprotect(0x7f788686d000, 4096, PROT_READ) = 0
mprotect(0x55bf652ce000, 8192, PROT_READ) = 0
mprotect(0x7f78868b9000, 8192, PROT_READ) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
munmap(0x7f788686f000, 65319)           = 0
getrandom("\x14\xa5\x5c\xa9\xb9\x83\xcb\x06", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55bf66297000
brk(0x55bf662b8000)                     = 0x55bf662b8000
fcntl(0, F_GETFD)                       = 0
fcntl(1, F_GETFD)                       = 0
fcntl(2, F_GETFD)                       = 0
access("/etc/gcrypt/fips_enabled", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/gcrypt/hwf.deny", O_RDONLY) = -1 ENOENT (No such file or directory)
prlimit64(0, RLIMIT_CORE, NULL, {rlim_cur=0, rlim_max=RLIM64_INFINITY}) = 0
prlimit64(0, RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM64_INFINITY}, NULL) = 0
rt_sigaction(SIGINT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGINT, {sa_handler=0x55bf652782f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f788633d520}, NULL, 8) = 0
rt_sigaction(SIGHUP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGHUP, {sa_handler=0x55bf652782f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f788633d520}, NULL, 8) = 0
rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGTERM, {sa_handler=0x55bf652782f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f788633d520}, NULL, 8) = 0
rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGQUIT, {sa_handler=0x55bf652782f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f788633d520}, NULL, 8) = 0
rt_sigaction(SIGSEGV, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x55bf652782f0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f788633d520}, NULL, 8) = 0
rt_sigaction(SIGUSR1, {sa_handler=0x55bf65274ba0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f788633d520}, NULL, 8) = 0
rt_sigaction(SIGPIPE, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f788633d520}, NULL, 8) = 0
mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f788686f000
getuid()                                = 1000
mlock(0x7f788686f000, 65536)            = 0
geteuid()                               = 1000
newfstatat(AT_FDCWD, "/home/****/.gnupg", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0
newfstatat(AT_FDCWD, "/home/****", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
getuid()                                = 1000
openat(AT_FDCWD, "/etc/gnupg/gpg.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/gpg.conf-2.2.27", R_OK) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/gpg.conf-2.2", R_OK) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/gpg.conf-2", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/****/.gnupg/gpg.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
access("/home/****/.gnupg/random_seed", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/****/.gnupg/pubring.gpg", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx", O_RDONLY) = 3
newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1210, ...}, AT_EMPTY_PATH) = 0
read(3, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 4096) = 1210
close(3)                                = 0
access("/home/****/.gnupg/pubring.kbx", F_OK) = 0
access("/home/****/.gnupg/pubring.kbx", R_OK) = 0
access("/home/****/.gnupg/pubring.kbx", W_OK) = 0
getpid()                                = 654
uname({sysname="Linux", nodename="PC_NAME", ...}) = 0
getpid()                                = 654
openat(AT_FDCWD, "/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654", O_WRONLY|O_CREAT|O_EXCL, 0644) = 3
write(3, "       654\n", 11)            = 11
write(3, "PC_NAME", 8)                 = 8
write(3, "\n", 1)                       = 1
close(3)                                = 0
newfstatat(AT_FDCWD, "/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654", {st_mode=S_IFREG|0644, st_size=20, ...}, 0) = 0
link("/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654", "/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654x") = 0
newfstatat(AT_FDCWD, "/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654", {st_mode=S_IFREG|0644, st_size=20, ...}, 0) = 0
unlink("/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654x") = 0
link("/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654", "/home/****/.gnupg/pubring.kbx.lock") = 0
newfstatat(AT_FDCWD, "/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654", {st_mode=S_IFREG|0644, st_size=20, ...}, 0) = 0
access("/home/****/.gnupg/pubring.kbx", W_OK) = 0
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx", O_RDONLY) = 3
read(3, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 8192) = 1210
lseek(3, 0, SEEK_SET)                   = 0
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx.tmp", O_WRONLY|O_CREAT|O_TRUNC, 0664) = 4
read(3, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 8192) = 1210
read(3, "", 8192)                       = 0
close(3)                                = 0
write(4, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300d\32\226\326\0\0\0\0\0\0\0\0"..., 1210) = 1210
close(4)                                = 0
unlink("/home/****/.gnupg/pubring.kbx.tmp") = 0
access("/home/****/.gnupg/pubring.kbx", W_OK) = 0
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx.lock", O_RDONLY) = 3
read(3, "       654\nPC_NAME\n", 20)   = 20
close(3)                                = 0
getpid()                                = 654
unlink("/home/****/.gnupg/pubring.kbx.lock") = 0
getuid()                                = 1000
newfstatat(AT_FDCWD, "/run/user/1000", 0x7ffc3aed6c60, 0) = -1 ENOENT (No such file or directory)
getuid()                                = 1000
newfstatat(AT_FDCWD, "/var/run/user/1000", 0x7ffc3aed6c60, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/home/****/.gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0755, st_size=0, ...}, 0) = 0
socket(AF_UNIX, SOCK_STREAM, 0)         = 3
newfstatat(AT_FDCWD, "/home/****/.gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0755, st_size=0, ...}, 0) = 0
connect(3, {sa_family=AF_UNIX, sun_path="/home/****/.gnupg/S.gpg-agent"}, 31) = 0
read(3, "OK Pleased to meet you\n", 1002) = 23
write(3, "RESET", 5)                    = 5
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
readlink("/proc/self/fd/0", "/dev/pts/1", 4095) = 10
newfstatat(AT_FDCWD, "/dev/pts/1", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, 0) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
readlink("/proc/self/fd/0", "/dev/pts/1", 4095) = 10
newfstatat(AT_FDCWD, "/dev/pts/1", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, 0) = 0
write(3, "OPTION ttyname=/dev/pts/1", 25) = 25
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION ttytype=xterm-256color", 29) = 29
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION display=:0", 17)       = 17
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION putenv=WAYLAND_DISPLAY=wa"..., 39) = 39
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION lc-ctype=C", 17)       = 17
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION lc-messages=C", 20)    = 20
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "GETINFO version", 15)         = 15
write(3, "\n", 1)                       = 1
read(3, "D 2.4.0\nOK\n", 1002)          = 11
write(3, "OPTION allow-pinentry-notify", 28) = 28
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "OPTION agent-awareness=2.1.0", 28) = 28
write(3, "\n", 1)                       = 1
read(3, "OK\n", 1002)                   = 3
write(3, "SCD GETINFO version", 19)     = 19
write(3, "\n", 1)                       = 1
read(3, "D 2.4.0\nOK\n", 1002)          = 11
write(3, "SCD SERIALNO", 12)            = 12
write(3, "\n", 1)                       = 1
read(3, "S SERIALNO D27600012401000000061"..., 1002) = 47
write(3, "LEARN --sendinfo", 16)        = 16
write(3, "\n", 1)                       = 1
read(3, "S PROGRESS learncard k 0 0\nS PRO"..., 1002) = 81
read(3, "S UIF-3 %00+\nS UIF-2 %00+\nS UIF-"..., 1002) = 39
read(3, "S KDF \201%01%00\nS SIG-COUNTER 34\nS"..., 1002) = 190
read(3, "S KEY-FPR 2 18A0859F0AB604D3DC5E"..., 1002) = 270
read(3, "\nS APPTYPE openpgp\nS CARDVERSION"..., 986) = 142
read(3, "S KEYPAIRINFO E0A643B83B3099E07C"..., 1002) = 130
read(3, "S KEYPAIRINFO 08035231A8556CE7BC"..., 1002) = 68
write(3, "SCD GETATTR KEY-ATTR", 20)    = 20
write(3, "\n", 1)                       = 1
read(3, "S KEY-ATTR 1 22 Ed25519\nS KEY-AT"..., 1002) = 77
read(3, "\n", 1000)                     = 1
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 4
newfstatat(4, "", {st_mode=S_IFREG|0644, st_size=309, ...}, AT_EMPTY_PATH) = 0
newfstatat(4, "", {st_mode=S_IFREG|0644, st_size=309, ...}, AT_EMPTY_PATH) = 0
read(4, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0\0\0\0"..., 4096) = 309
lseek(4, -176, SEEK_CUR)                = 133
read(4, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0\0\0\0"..., 4096) = 176
close(4)                                = 0
openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx", O_RDONLY) = 4
read(4, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 8192) = 1210
write(3, "KEYINFO 8EB4DD4779D38BCA7AD25E68"..., 48) = 48
write(3, "\n", 1)                       = 1
read(3, "ERR 67108891 \214\251\202\302\202\251\202\350\202\334\202\271\202\361 <GPG"..., 1002) = 40
write(3, "KEYINFO 08035231A8556CE7BCDBE2E0"..., 48) = 48
write(3, "\n", 1)                       = 1
read(3, "S KEYINFO 08035231A8556CE7BCDBE2"..., 1002) = 109
write(3, "KEYINFO 14155BA9D65B067661A47115"..., 48) = 48
write(3, "\n", 1)                       = 1
read(3, "S KEYINFO 14155BA9D65B067661A471"..., 1002) = 109
write(3, "KEYINFO E0A643B83B3099E07C39E653"..., 48) = 48
write(3, "\n", 1)                       = 1
read(3, "S KEYINFO E0A643B83B3099E07C39E6"..., 1002) = 109
close(4)                                = 0
munmap(0x7f788686f000, 65536)           = 0
unlink("/home/****/.gnupg/.#lk0x000055bf6629fd20.PC_NAME.654") = 0
newfstatat(1, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
write(1, "Reader ...........: Yubico YubiK"..., 1024Reader ...........: Yubico YubiKey OTP FIDO CCID 0
Application ID ...: D2760001240100000006197130400000
Application type .: OpenPGP
Version ..........: 0.0
Manufacturer .....: Yubico
Serial number ....: 19713040
Name of cardholder: **** *****
Language prefs ...: ja
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: ed25519 cv25519 ed25519
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 34
KDF setting ......: off
Signature key ....: AD92 E3A2 1660 CE94 B296  1355 3AA4 448A A00D 398A
      created ....: 2022-10-16 17:19:04
Encryption key....: 18A0 859F 0AB6 04D3 DC5E  5ED2 CA14 1B40 3FBE EE2A
      created ....: 2022-10-16 17:19:28
Authentication key: 158F 71BF A67C B493 A1E6  1350 C3C4 623C B57C 6CD6
      created ....: 2022-10-16 17:19:52
General key info..: sub  ed25519/3AA4448AA00D398A 2022-10-16 **** ***** <*********@**********.com>
sec#  ed25519/0A2F33ED48D82894  created: 2022-10-16  expires: nev) = 1024
write(1, "er     \n", 8er
)                = 8
write(1, "ssb>  ed25519/3AA4448AA00D398A  "..., 73ssb>  ed25519/3AA4448AA00D398A  created: 2022-10-16  expires: 2027-10-15
) = 73
write(1, "                                "..., 55                                card-no: 0006 19713040
) = 55
write(1, "ssb>  cv25519/CA141B403FBEEE2A  "..., 73ssb>  cv25519/CA141B403FBEEE2A  created: 2022-10-16  expires: 2027-10-15
) = 73
write(1, "                                "..., 55                                card-no: 0006 19713040
) = 55
write(1, "ssb>  ed25519/C3C4623CB57C6CD6  "..., 73ssb>  ed25519/C3C4623CB57C6CD6  created: 2022-10-16  expires: 2027-10-15
) = 73
write(1, "                                "..., 55                                card-no: 0006 19713040
) = 55
exit_group(0)                           = ?
+++ exited with 0 +++

@huangnazu
Copy link
Author

huangnazu commented Mar 22, 2023
edited

FYI, I picked the suspicious lines up from diff of both outputs.
< is in the case of systemd activated, and > is not.

197c197
< newfstatat(AT_FDCWD, "/run/user/1000", {st_mode=S_IFDIR|0700, st_size=180, ...}, 0) = 0
---
> newfstatat(AT_FDCWD, "/run/user/1000", 0x7ffc3aed6c60, 0) = -1 ENOENT (No such file or directory)
199,201c199,200
< newfstatat(AT_FDCWD, "/run/user/1000/gnupg", {st_mode=S_IFDIR|0700, st_size=140, ...}, 0) = 0
< getuid()                                = 1000
< newfstatat(AT_FDCWD, "/run/user/1000/gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0700, st_size=0, ...}, 0) = 0
---
> newfstatat(AT_FDCWD, "/var/run/user/1000", 0x7ffc3aed6c60, 0) = -1 ENOENT (No such file or directory)
> newfstatat(AT_FDCWD, "/home/****/.gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0755, st_size=0, ...}, 0) = 0
203,205c202,204
< newfstatat(AT_FDCWD, "/run/user/1000/gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0700, st_size=0, ...}, 0) = 0
< connect(3, {sa_family=AF_UNIX, sun_path="/run/user/1000/gnupg/S.gpg-agent"}, 34) = 0
< read(3, "OK Pleased to meet you, process "..., 1002) = 37
---
> newfstatat(AT_FDCWD, "/home/****/.gnupg/S.gpg-agent", {st_mode=S_IFSOCK|0755, st_size=0, ...}, 0) = 0
> connect(3, {sa_family=AF_UNIX, sun_path="/home/****/.gnupg/S.gpg-agent"}, 31) = 0
> read(3, "OK Pleased to meet you\n", 1002) = 23
211,213c210,212
< newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, AT_EMPTY_PATH) = 0
< readlink("/proc/self/fd/0", "/dev/pts/2", 4095) = 10
< newfstatat(AT_FDCWD, "/dev/pts/2", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, 0) = 0
---
> newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
> readlink("/proc/self/fd/0", "/dev/pts/1", 4095) = 10
> newfstatat(AT_FDCWD, "/dev/pts/1", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, 0) = 0
216,219c215,218
< newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, AT_EMPTY_PATH) = 0
< readlink("/proc/self/fd/0", "/dev/pts/2", 4095) = 10
< newfstatat(AT_FDCWD, "/dev/pts/2", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}, 0) = 0
< write(3, "OPTION ttyname=/dev/pts/2", 25) = 25
---
> newfstatat(0, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
> readlink("/proc/self/fd/0", "/dev/pts/1", 4095) = 10
> newfstatat(AT_FDCWD, "/dev/pts/1", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, 0) = 0
> write(3, "OPTION ttyname=/dev/pts/1", 25) = 25
231,233d229
< write(3, "OPTION putenv=DBUS_SESSION_BUS_A"..., 67) = 67
< write(3, "\n", 1)                       = 1
< read(3, "OK\n", 1002)                   = 3
242c238
< read(3, "D 2.2.27\nOK\n", 1002)         = 12
---
> read(3, "D 2.4.0\nOK\n", 1002)          = 11
251c247
< read(3, "D 2.2.27\nOK\n", 1002)         = 12
---
> read(3, "D 2.4.0\nOK\n", 1002)          = 11
254,260c250,285
< read(3, "ERR 100696144 No such device <SC"..., 1002) = 35
< write(2, "gpg: selecting card failed: No s"..., 42gpg: selecting card failed: No such device) = 42
< write(2, "\n", 1
< )                       = 1
< write(2, "gpg: OpenPGP card not available:"..., 47gpg: OpenPGP card not available: No such device) = 47
< write(2, "\n", 1
< )                       = 1
---
> read(3, "S SERIALNO D27600012401000000061"..., 1002) = 47
> write(3, "LEARN --sendinfo", 16)        = 16
> write(3, "\n", 1)                       = 1
> read(3, "S PROGRESS learncard k 0 0\nS PRO"..., 1002) = 81
> read(3, "S UIF-3 %00+\nS UIF-2 %00+\nS UIF-"..., 1002) = 39
> read(3, "S KDF \201%01%00\nS SIG-COUNTER 34\nS"..., 1002) = 190
> read(3, "S KEY-FPR 2 18A0859F0AB604D3DC5E"..., 1002) = 270
> read(3, "\nS APPTYPE openpgp\nS CARDVERSION"..., 986) = 142
> read(3, "S KEYPAIRINFO E0A643B83B3099E07C"..., 1002) = 130
> read(3, "S KEYPAIRINFO 08035231A8556CE7BC"..., 1002) = 68
> write(3, "SCD GETATTR KEY-ATTR", 20)    = 20
> write(3, "\n", 1)                       = 1
> read(3, "S KEY-ATTR 1 22 Ed25519\nS KEY-AT"..., 1002) = 77
> read(3, "\n", 1000)                     = 1
> openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 4
> newfstatat(4, "", {st_mode=S_IFREG|0644, st_size=309, ...}, AT_EMPTY_PATH) = 0
> newfstatat(4, "", {st_mode=S_IFREG|0644, st_size=309, ...}, AT_EMPTY_PATH) = 0
> read(4, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0\0\0\0"..., 4096) = 309
> lseek(4, -176, SEEK_CUR)                = 133
> read(4, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0\0\0\0"..., 4096) = 176
> close(4)                                = 0
> openat(AT_FDCWD, "/home/****/.gnupg/pubring.kbx", O_RDONLY) = 4
> read(4, "\0\0\0 \1\1\0\2KBXf\0\0\0\0_h\320\300cL2\376\0\0\0\0\0\0\0\0"..., 8192) = 1210
> write(3, "KEYINFO 8EB4DD4779D38BCA7AD25E68"..., 48) = 48
> write(3, "\n", 1)                       = 1
> read(3, "ERR 67108891 \214\251\202\302\202\251\202\350\202\334\202\271\202\361 <GPG"..., 1002) = 40
> write(3, "KEYINFO 08035231A8556CE7BCDBE2E0"..., 48) = 48
> write(3, "\n", 1)                       = 1
> read(3, "S KEYINFO 08035231A8556CE7BCDBE2"..., 1002) = 109
> write(3, "KEYINFO 14155BA9D65B067661A47115"..., 48) = 48
> write(3, "\n", 1)                       = 1
> read(3, "S KEYINFO 14155BA9D65B067661A471"..., 1002) = 109
> write(3, "KEYINFO E0A643B83B3099E07C39E653"..., 48) = 48
> write(3, "\n", 1)                       = 1
> read(3, "S KEYINFO E0A643B83B3099E07C39E6"..., 1002) = 109
> close(4)                                = 0
263,264c288,329
< exit_group(2)                           = ?
< +++ exited with 2 +++
\ No newline at end of file
---
> newfstatat(1, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x1), ...}, AT_EMPTY_PATH) = 0
> write(1, "Reader ...........: Yubico YubiK"..., 1024Reader ...........: Yubico YubiKey OTP FIDO CCID 0
> Application ID ...: D2760001240100000006197130400000
> Application type .: OpenPGP
> Version ..........: 0.0
> Manufacturer .....: Yubico
> Serial number ....: 19713040
> Name of cardholder: **** *****
> Language prefs ...: ja
> Salutation .......:
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: not forced
> Key attributes ...: ed25519 cv25519 ed25519
> Max. PIN lengths .: 127 127 127
> PIN retry counter : 3 0 3
> Signature counter : 34
> KDF setting ......: off
> Signature key ....: AD92 E3A2 1660 CE94 B296  1355 3AA4 448A A00D 398A
>       created ....: 2022-10-16 17:19:04
> Encryption key....: 18A0 859F 0AB6 04D3 DC5E  5ED2 CA14 1B40 3FBE EE2A
>       created ....: 2022-10-16 17:19:28
> Authentication key: 158F 71BF A67C B493 A1E6  1350 C3C4 623C B57C 6CD6
>       created ....: 2022-10-16 17:19:52
> General key info..: sub  ed25519/3AA4448AA00D398A 2022-10-16 **** ***** <*********@**********.com>
> sec#  ed25519/0A2F33ED48D82894  created: 2022-10-16  expires: nev) = 1024
> write(1, "er     \n", 8er
> )                = 8
> write(1, "ssb>  ed25519/3AA4448AA00D398A  "..., 73ssb>  ed25519/3AA4448AA00D398A  created: 2022-10-16  expires: 2027-10-15
> ) = 73
> write(1, "                                "..., 55                                card-no: 0006 19713040
> ) = 55
> write(1, "ssb>  cv25519/CA141B403FBEEE2A  "..., 73ssb>  cv25519/CA141B403FBEEE2A  created: 2022-10-16  expires: 2027-10-15
> ) = 73
> write(1, "                                "..., 55                                card-no: 0006 19713040
> ) = 55
> write(1, "ssb>  ed25519/C3C4623CB57C6CD6  "..., 73ssb>  ed25519/C3C4623CB57C6CD6  created: 2022-10-16  expires: 2027-10-15
> ) = 73
> write(1, "                                "..., 55                                card-no: 0006 19713040
> ) = 55
> exit_group(0)                           = ?
> +++ exited with 0 +++
\ No newline at end of file

@OneBlue
Copy link
Collaborator

OneBlue commented Mar 24, 2023

I wonder if you have another gpg deamon running with systemd.

What's the output of sudo systemctl -t service --all and systemctl --user -t service --all ?

@huangnazu
Copy link
Author

Sorry for replying late.

$ sudo systemctl -t service --all
  UNIT                                   LOAD      ACTIVE   SUB     DESCRIPTION
  accounts-daemon.service                loaded    active   running Accounts Service
  acpid.service                          loaded    inactive dead    ACPI event daemon
  apparmor.service                       loaded    inactive dead    Load AppArmor profiles
  apport-autoreport.service              loaded    inactive dead    Process error reports when automatic reporting is enabled
  apport.service                         loaded    active   exited  LSB: automatic crash report generation
  apt-daily-upgrade.service              loaded    inactive dead    Daily apt upgrade and clean activities
  apt-daily.service                      loaded    inactive dead    Daily apt download activities
  atd.service                            loaded    active   running Deferred execution scheduler
● auditd.service                         not-found inactive dead    auditd.service
  avahi-daemon.service                   loaded    active   running Avahi mDNS/DNS-SD Stack
  binfmt-support.service                 loaded    active   exited  Enable support for additional executable binary formats
  blk-availability.service               loaded    active   exited  Availability of block devices
  certbot.service                        loaded    inactive dead    Certbot
  cgroupfs-mount.service                 loaded    active   exited  LSB: Set up cgroupfs mounts.
  cloud-config.service                   loaded    inactive dead    Apply the settings specified in cloud-config
  cloud-final.service                    loaded    inactive dead    Execute cloud user/final scripts
  cloud-init-hotplugd.service            loaded    inactive dead    cloud-init hotplug hook daemon
  cloud-init-local.service               loaded    inactive dead    Initial cloud-init job (pre-networking)
  cloud-init.service                     loaded    inactive dead    Initial cloud-init job (metadata service crawler)
● connman.service                        not-found inactive dead    connman.service
  console-getty.service                  loaded    active   running Console Getty
● console-screen.service                 not-found inactive dead    console-screen.service
  console-setup.service                  loaded    active   exited  Set console font and keymap
  containerd.service                     loaded    active   running containerd container runtime
  cron.service                           loaded    active   running Regular background program processing daemon
● cups-browsed.service                   masked    inactive dead    cups-browsed.service
● cups.service                           masked    inactive dead    cups.service
  dbus.service                           loaded    active   running D-Bus System Message Bus
  dm-event.service                       loaded    inactive dead    Device-mapper event daemon
  dmesg.service                          loaded    inactive dead    Save initial kernel messages after boot
  dpkg-db-backup.service                 loaded    inactive dead    Daily dpkg database backup service
  e2scrub_all.service                    loaded    inactive dead    Online ext4 Metadata Check for All Filesystems
  e2scrub_reap.service                   loaded    inactive dead    Remove Stale Online ext4 Metadata Check Snapshots
  emergency.service                      loaded    inactive dead    Emergency Shell
● fcoe.service                           not-found inactive dead    fcoe.service
  finalrd.service                        loaded    active   exited  Create final runtime dir for shutdown pivot root
  fstrim.service                         loaded    inactive dead    Discard unused blocks on filesystems from /etc/fstab
  fwupd-refresh.service                  loaded    inactive dead    Refresh fwupd metadata and update motd
  gdm3.service                           loaded    active   exited  LSB: GNOME Display Manager
  getty-static.service                   loaded    inactive dead    getty on tty2-tty6 if dbus and logind are not available
  getty@tty1.service                     loaded    active   running Getty on tty1
● gpu-manager.service                    masked    inactive dead    gpu-manager.service
● grub-common.service                    masked    inactive dead    grub-common.service
● grub-initrd-fallback.service           masked    inactive dead    grub-initrd-fallback.service
● hv_kvp_daemon.service                  not-found inactive dead    hv_kvp_daemon.service
  irqbalance.service                     loaded    inactive dead    irqbalance daemon
● iscsi-shutdown.service                 not-found inactive dead    iscsi-shutdown.service
  iscsid.service                         loaded    inactive dead    iSCSI initiator daemon (iscsid)
● kbd.service                            not-found inactive dead    kbd.service
  keyboard-setup.service                 loaded    active   exited  Set the console keyboard layout
  kmod-static-nodes.service              loaded    inactive dead    Create List of Static Device Nodes
  lightdm.service                        loaded    active   exited  LSB: Start lightdm
  logrotate.service                      loaded    inactive dead    Rotate log files
● lvm2-activation-early.service          not-found inactive dead    lvm2-activation-early.service
● lvm2-activation.service                not-found inactive dead    lvm2-activation.service
  lvm2-lvmpolld.service                  loaded    inactive dead    LVM2 poll daemon
  lvm2-monitor.service                   loaded    inactive dead    Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling
● lxc.service                            not-found inactive dead    lxc.service
  lxcfs.service                          loaded    inactive dead    FUSE filesystem for LXC
● lxd-agent-9p.service                   not-found inactive dead    lxd-agent-9p.service
  lxd-agent.service                      loaded    inactive dead    LXD - agent
  man-db.service                         loaded    inactive dead    Daily man-db regeneration
● mariadb.service                        masked    inactive dead    mariadb.service
  ModemManager.service                   loaded    inactive dead    Modem Manager
  modprobe@chromeos_pstore.service       loaded    inactive dead    Load Kernel Module chromeos_pstore
  modprobe@configfs.service              loaded    inactive dead    Load Kernel Module configfs
  modprobe@drm.service                   loaded    inactive dead    Load Kernel Module drm
  modprobe@efi_pstore.service            loaded    inactive dead    Load Kernel Module efi_pstore
  modprobe@fuse.service                  loaded    inactive dead    Load Kernel Module fuse
  modprobe@pstore_blk.service            loaded    inactive dead    Load Kernel Module pstore_blk
  modprobe@pstore_zone.service           loaded    inactive dead    Load Kernel Module pstore_zone
  modprobe@ramoops.service               loaded    inactive dead    Load Kernel Module ramoops
  motd-news.service                      loaded    inactive dead    Message of the Day
  multipathd.service                     loaded    inactive dead    Device-Mapper Multipath Device Controller
  netplan-ovs-cleanup.service            loaded    inactive dead    OpenVSwitch configuration for cleanup
● network-manager.service                not-found inactive dead    network-manager.service
  networkd-dispatcher.service            loaded    active   running Dispatcher daemon for systemd-networkd
● networking.service                     not-found inactive dead    networking.service
  NetworkManager-wait-online.service     loaded    active   exited  Network Manager Wait Online
  NetworkManager.service                 loaded    active   running Network Manager
  nginx.service                          loaded    active   running A high performance web server and a reverse proxy server
  open-iscsi.service                     loaded    inactive dead    Login to default iSCSI targets
  open-vm-tools.service                  loaded    inactive dead    Service for virtual machines hosted on VMware
● ovsdb-server.service                   not-found inactive dead    ovsdb-server.service
  plocate-updatedb.service               loaded    inactive dead    Update the plocate database
  plymouth-quit-wait.service             loaded    active   exited  Hold until boot process finishes up
  plymouth-quit.service                  loaded    active   exited  Terminate Plymouth Boot Screen
  plymouth-read-write.service            loaded    active   exited  Tell Plymouth To Write Out Runtime Data
  plymouth-start.service                 loaded    inactive dead    Show Plymouth Boot Screen
  polkit.service                         loaded    active   running Authorization Manager
  pollinate.service                      loaded    inactive dead    Pollinate to seed the pseudo random number generator
● postgresql.service                     masked    inactive dead    postgresql.service
● power-profiles-daemon.service          masked    inactive dead    power-profiles-daemon.service
● rbdmap.service                         not-found inactive dead    rbdmap.service
  rc-local.service                       loaded    inactive dead    /etc/rc.local Compatibility
  redis-server.service                   loaded    active   running Advanced key-value store
  rescue.service                         loaded    inactive dead    Rescue Shell
  rsync.service                          loaded    inactive dead    fast remote file copy program daemon
  rsyslog.service                        loaded    active   running System Logging Service
  rtkit-daemon.service                   loaded    active   running RealtimeKit Scheduling Policy Service
  secureboot-db.service                  loaded    inactive dead    Secure Boot updates for DB and DBX
  setvtrgb.service                       loaded    active   exited  Set console scheme
  snapd.aa-prompt-listener.service       loaded    inactive dead    Userspace listener for prompt events
  snapd.apparmor.service                 loaded    inactive dead    Load AppArmor profiles managed internally by snapd
  snapd.autoimport.service               loaded    inactive dead    Auto import assertions from block devices
  snapd.core-fixup.service               loaded    inactive dead    Automatically repair incorrect owner/permissions on core devices
  snapd.failure.service                  loaded    inactive dead    Failure handling of the snapd snap
  snapd.recovery-chooser-trigger.service loaded    inactive dead    Wait for the Ubuntu Core chooser trigger
  snapd.seeded.service                   loaded    active   exited  Wait until snapd is fully seeded
  snapd.service                          loaded    active   running Snap Daemon
  snapd.snap-repair.service              loaded    inactive dead    Automatically fetch and run repair assertions
  ssh.service                            loaded    active   running OpenBSD Secure Shell server
● sshd-keygen.service                    not-found inactive dead    sshd-keygen.service
● switcheroo-control.service             masked    inactive dead    switcheroo-control.service
  sysstat-collect.service                loaded    inactive dead    system activity accounting tool
  sysstat-summary.service                loaded    inactive dead    Generate a daily summary of process accounting
  sysstat.service                        loaded    active   exited  Resets System Activity Logs
  systemd-ask-password-console.service   loaded    inactive dead    Dispatch Password Requests to Console
  systemd-ask-password-plymouth.service  loaded    inactive dead    Forward Password Requests to Plymouth
  systemd-ask-password-wall.service      loaded    inactive dead    Forward Password Requests to Wall
  systemd-binfmt.service                 loaded    inactive dead    Set Up Additional Binary Formats
  systemd-boot-system-token.service      loaded    inactive dead    Store a System Token in an EFI Variable
  systemd-fsck-root.service              loaded    inactive dead    File System Check on Root Device
  systemd-fsckd.service                  loaded    inactive dead    File System Check Daemon to report status
● systemd-hwdb-update.service            not-found inactive dead    systemd-hwdb-update.service
  systemd-initctl.service                loaded    inactive dead    initctl Compatibility Daemon
  systemd-journal-flush.service          loaded    active   exited  Flush Journal to Persistent Storage
  systemd-journald.service               loaded    active   running Journal Service
  systemd-logind.service                 loaded    active   running User Login Management
  systemd-machine-id-commit.service      loaded    inactive dead    Commit a transient machine-id on disk
  systemd-modules-load.service           loaded    inactive dead    Load Kernel Modules
  systemd-networkd-wait-online.service   loaded    active   exited  Wait for Network to be Configured
  systemd-networkd.service               loaded    active   running Network Configuration
  systemd-pstore.service                 loaded    inactive dead    Platform Persistent Storage Archival
  systemd-random-seed.service            loaded    inactive dead    Load/Save Random Seed
● systemd-remount-fs.service             loaded    failed   failed  Remount Root and Kernel File Systems
  systemd-resolved.service               loaded    active   running Network Name Resolution
  systemd-sysctl.service                 loaded    active   exited  Apply Kernel Variables
  systemd-sysusers.service               loaded    active   exited  Create System Users
  systemd-timesyncd.service              loaded    inactive dead    Network Time Synchronization
  systemd-tmpfiles-clean.service         loaded    inactive dead    Cleanup of Temporary Directories
  systemd-tmpfiles-setup-dev.service     loaded    active   exited  Create Static Device Nodes in /dev
  systemd-tmpfiles-setup.service         loaded    active   exited  Create Volatile Files and Directories
  systemd-udev-trigger.service           loaded    active   exited  Coldplug All udev Devices
  systemd-udevd.service                  loaded    active   running Rule-based Manager for Device Events and Files
● systemd-update-done.service            not-found inactive dead    systemd-update-done.service
  systemd-update-utmp-runlevel.service   loaded    inactive dead    Record Runlevel Change in UTMP
  systemd-update-utmp.service            loaded    active   exited  Record System Boot/Shutdown in UTMP
  systemd-user-sessions.service          loaded    active   exited  Permit User Sessions
● systemd-vconsole-setup.service         not-found inactive dead    systemd-vconsole-setup.service
● ua-auto-attach.service                 not-found inactive dead    ua-auto-attach.service
  ua-reboot-cmds.service                 loaded    inactive dead    Ubuntu Advantage reboot cmds
  ua-timer.service                       loaded    inactive dead    Ubuntu Advantage Timer for running repeated jobs
● ubuntu-advantage-cloud-id-shim.service not-found inactive dead    ubuntu-advantage-cloud-id-shim.service
  ubuntu-advantage.service               loaded    inactive dead    Ubuntu Pro Background Auto Attach
  udisks2.service                        loaded    active   running Disk Manager
  ufw.service                            loaded    active   exited  Uncomplicated firewall
  unattended-upgrades.service            loaded    active   running Unattended Upgrades Shutdown
  update-notifier-download.service       loaded    inactive dead    Download data for packages that failed at package install time
  update-notifier-motd.service           loaded    inactive dead    Check to see whether there is a new version of Ubuntu available
  user-runtime-dir@0.service             loaded    active   exited  User Runtime Directory /run/user/0
  user-runtime-dir@1000.service          loaded    active   exited  User Runtime Directory /run/user/1000
● user@0.service                         loaded    failed   failed  User Manager for UID 0
  user@1000.service                      loaded    active   running User Manager for UID 1000
  uuidd.service                          loaded    inactive dead    Daemon for generating UUIDs
  vgauth.service                         loaded    inactive dead    Authentication service for virtual machines hosted on VMware  whoopsie.service                       loaded    active   exited  LSB: crash report submission daemon
  wpa_supplicant.service                 loaded    active   running WPA supplicant
  wslg-mount.service                     loaded    inactive dead    WSLg Remount Service
● zfs-mount.service                      not-found inactive dead    zfs-mount.service

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
170 loaded units listed.
To show all installed unit files use 'systemctl list-unit-files'.

$ systemctl --user -t service --all
  UNIT                           LOAD   ACTIVE   SUB     DESCRIPTION
  dbus.service                   loaded active   running D-Bus User Message Bus
  dirmngr.service                loaded inactive dead    GnuPG network certificate management daemon
  gpg-agent.service              loaded inactive dead    GnuPG cryptographic agent and passphrase cache
  pipewire-media-session.service loaded active   running PipeWire Media Session Manager
  pipewire.service               loaded active   running PipeWire Multimedia Service
  pk-debconf-helper.service      loaded inactive dead    debconf communication service
  pulseaudio.service             loaded active   running Sound Service
  snapd.session-agent.service    loaded inactive dead    snapd user session agent

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
8 loaded units listed.
To show all installed unit files use 'systemctl list-unit-files'.

@jonaskuske
Copy link

With systemd enabled, XDG_RUNTIME_DIR is set and the gpg sockets are in /run/user/1000/gnupg instead of ~/.gnupg. Your script still creates the relay sockets in ~/.gnupg, but those are ignored by the gpg-agent, which uses the sockets in /run/user/1000 instead.

@huangnazu
Copy link
Author

Thank you for your advice.
I have followed your comment and updated the script path from '~/.gnupg' to '/run/user/1000/gnupg'.
As a result, the error message now reads as follows.

$ gpg --card-status
gpg: selecting card failed: No such device
gpg: OpenPGP card not available: No such device

@mosullivan93
Copy link

mosullivan93 commented May 16, 2023
edited

I had this problem, too. GnuPG prioritises placing its sockets under $XDG_RUNTIME_DIR/gnupg when that environment variable is set. I also found that the GnuPG installation adds unit files for systemd that handle socket creation and launching the agent automatically on user login.

I don't remember if all of these are required but I took a rather heavy handed approach. The following will disable the unit files that create the sockets found in the GPG socket directory. After you restart WSL2 you should be golden.

sudo systemctl disable --global gpg-agent.socket
sudo systemctl disable --global gpg-agent-extra.socket
sudo systemctl disable --global gpg-agent-ssh.socket
sudo systemctl disable --global gpg-agent-browser.socket
sudo systemctl disable --global dirmngr.socket

Edit: My statement about the use of the XDG_RUNTIME_DIR variable was incorrect. GnuPG checks a few directories but doesn't explicit rely on the environment variable as previously described. Regardless, I describe a solution in my comment below.

@internalsystemerror
Copy link

Getting the same issue. Disabling systemd, gpg works as expected.

@mosullivan93 I tried disabling those, but no luck.

@mosullivan93
Copy link

mosullivan93 commented May 25, 2023
edited

@internalsystemerror Ah, you're right. I had to go back and double check all of the changes I made to my startup scripts. I've had my YubiKey+GPG working in systemd/WSL2 for some time, but there was one more problem I had to track down.

What I found was that after WSL2 starts (i.e. you open Ubuntu in Windows Terminal) and your first terminal is ready, a second login shell spawns in the background that serves as a persistent systemd login session (it remains when you exit your terminal and can be seen with loginctl list-sessions). Unfortunately, this shell doesn't come with the environment variables needed by the relay script I use for the GnuPG so it would try to start up, fail, then kill off the daemon that had launched from my working shell.

My solution now (which works regardless of whether I enable systemd) is two fold: use gpgconf --list-dirs socketdir in my relay script to determine the correct socket location, and add another check at the top of my ~/.profile script to ignore the login shell spawned by WSL. I poked around WSL for a while and came up with the following that I believe is suitable:

if [[ -n "${XDG_SESSION_ID}" && "${TERM}" == "dumb" &&
        "$(ps -p $PPID -o comm=)" == "login" ]]; then
        # Running in the background login process. Do nothing.
        return
fi

@huangnazu
Copy link
Author

I solved the problem by just following this.
Thank you all for your cooperation.

@shinji257
Copy link

I had this problem, too. GnuPG prioritises placing its sockets under $XDG_RUNTIME_DIR/gnupg when that environment variable is set. I also found that the GnuPG installation adds unit files for systemd that handle socket creation and launching the agent automatically on user login.

I don't remember if all of these are required but I took a rather heavy handed approach. The following will disable the unit files that create the sockets found in the GPG socket directory. After you restart WSL2 you should be golden.

sudo systemctl disable --global gpg-agent.socket
sudo systemctl disable --global gpg-agent-extra.socket
sudo systemctl disable --global gpg-agent-ssh.socket
sudo systemctl disable --global gpg-agent-browser.socket
sudo systemctl disable --global dirmngr.socket

Edit: My statement about the use of the XDG_RUNTIME_DIR variable was incorrect. GnuPG checks a few directories but doesn't explicit rely on the environment variable as previously described. Regardless, I describe a solution in my comment below.

Old post I know but I had to sort out why it seemed to break on my Debian install when I had it working in Ubuntu. I figured out for the reason why I had my script a certain way and your mention of disabling the socket services resolved why some of my sockets were not being created. In the end all is working again.

My additional heavy handedness is that I create sockets in both /run/user/UID and /home/USER/.gnupg because for whatever reason it doesn't just use the copy in /run/user/UID or /home/USER/.gnupg. It might pick one randomly and break if that one doesn't exist so this ensures that they will exist.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@shinji257 @internalsystemerror @mosullivan93 @OneBlue @jonaskuske @huangnazu