Gpg-agent is mysteriously started by systemd

Similar Messages

• Keychain and gpg-agent not getting along

  I have a problem with gpg-agent. I have been using the Funtoo keychain tool for a while, for my SSH keys exclusively. Works flawlessly - I log in, I call keychain, I type in my passphrases, and it caches my keys. Never get prompted for a passphrase during SSH connection attempts.
  GPG is a different story. I have a GPG key, and I occasionally en- and decrypt files with it. So far so good. I also found out how to get keychain to cache the GPG key. It also picks up my gpg-agent, which is started as per the wiki entry (except that instead of putting it systemwide in /etc/profile.d, I put it in Openbox's ~/.config/openbox/environment file, which is where the SSH agent stuff is supposed to go as well.
  Gpg-agent seemingly launches fine, it exports its environment variables just fine:
  $ echo $GPG_AGENT_INFO
  /tmp/gpg-3faT29/S.gpg-agent:2352:1
  $ cat .gnupg/gpg-agent.env
  GPG_AGENT_INFO=/tmp/gpg-3faT29/S.gpg-agent:2352:1
  There's only one gpg-agent process running:
  $ ps aux|grep gpg-agent
  luser 2352 0.0 0.0 16252 1184 ? Ss 00:00 0:00 gpg-agent --daemon --write-env-file /home/stijn/.gnupg/gpg-agent.env
  luser 3411 0.0 0.0 9276 1016 pts/0 S+ 00:16 0:00 grep gpg-agent
  Keychain picks that up as well:
  $ keychain --eval
  * keychain 2.7.1 ~ http://www.funtoo.org
  * Found existing ssh-agent: 2346
  SSH_AUTH_SOCK=/tmp/ssh-YhDgORoL2345/agent.2345; export SSH_AUTH_SOCK;
  SSH_AGENT_PID=2346; export SSH_AGENT_PID;
  * Found existing gpg-agent: 2352
  GPG_AGENT_INFO=/tmp/gpg-3faT29/S.gpg-agent:2352:1; export GPG_AGENT_INFO;
  * Known ssh key: /home/stijn/.ssh/id_rsa-amalthea
  * Known ssh key: /home/stijn/.ssh/id_rsa-athena
  * Known ssh key: /home/stijn/.ssh/id_rsa-zeus
  * Known ssh key: /home/stijn/.ssh/id_rsa-mnemosyne
  * Known gpg key: [8 digit hex key]
  However, when I open Mutt (or just try to decrypt about any GPG encrypted file), it will prompt me for the passphrase, despite the key already being cached. Passing --use-agent does not help (I also set that in ~/.gnupg/gpg.conf).
  The bizarre thing being, of course, that the keychain-cached key did not get picked up, but if I enter my passphrase into the prompt I get the first time I call gpg, it does seem to get cached - I can open mutt, decrypt files, etc., it will all use that cached key.
  Any tips? I get the feeling I'm missing something, but couldn't find what exactly.
  Last edited by .:B:. (2011-12-06 22:25:27)

  Gpg-agent by itself works fine, although I get the feeling that, a bit like sudo, there's an expiration date on the cached key - it seems I need to type the passphrase again after a few hours or so.
  Either way, I'd love to get this working with keychain.

• Script to clear cached gpg-agent passphrase?

  Hello,
  I recently setup enigmail with thunderbird so I can sign and encrypt email. I had an issue with the passphrase being cached by seahorse, and was unable to find a setting to change the time. Doing a lot of searching I found that setting "use-agent" in ~/.gnupg/gpg.conf and setting appropriate timeouts in ~/.gnupg/gpg-agent.conf was supposed to work. But after many, many failed attempts, I switched from gnome to xfce and got rid of seahorse (probably making this far more complicated than I needed to, but I like xfce, too). As soon as I did that the timeouts I set in gpg-agent.conf started working correctly. Currently using 300 seconds. I would like to extend this time to 10 or 20 minutes to save the password hassle while going through emails, but would like an "easy" way to clear the cached passphrase when I'm finished. I always lock my desktop when I'm away, but would prefer to know my signature and key passphrase is no longer cached when I get up.
  I found this in the kde wiki:
  killall gpg-agent    -stops all instances
  eval "$(gpg-agent --daemon)"     -will restart the agent
  gpg-agent status     -should tell you if the agent is running.
  If I execute eval "$(gpg-agent --daemon)" nothing seems to happen, I can click any message and it decrypts without asking for my passphrase (as long as the 5 minute timeout hasn't expired of course).
  If I kill gpg-agent, and then use eval "$(gpg-agent --daemon)" to start it back up, when I click on an encrypted message in thunderbird I get this error in the signature banner "Error - signature verification failed; click on 'Details' button for more information"
  OpenPGP security info reveals the following:
  Error - signature verification failed
  gpg command line and output:
  /usr/bin/gpg
  can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': No such file or directory
  gpg: can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': connect failed
  gpg: can't query passphrase in batch mode
  gpg: Invalid passphrase; please try again ...
  gpg: can't query passphrase in batch mode
  gpg: Invalid passphrase; please try again ...
  gpg: can't query passphrase in batch mode
  gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
        "XXXXXX <XXXXXX>"
  gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
        "XXXXXX <XXXXXX>"
  gpg: public key decryption failed: bad passphrase
  gpg: decryption failed: secret key not available
  Restarting thunderbird doesn't help. Restarting the computer fixes it. It looks like when gpg-agent starts it creates a gpg-RANDOM temp directory, and when I restart it that changes, but enigmail doesn't pick this up even after restarting thunderbird. How does it figure it out on a fresh start?
  Is there anyway to simply clear the gpg-agent cached passphrase and then be able to use it again (supply the password) without having to restart the computer?
  Thanks!

  Send a SIGHUP signal to the gpg-agent process. This will clear all stored passphrases.
  pkill -SIGHUP gpg-agent

• Gpg-agent with systemd

  Hey!
  I am a novice Arch user and I am having problems with the latest gpg distribution when used with systemd and ssh-support. Currently, I am using i3 with lightdm, and I am using systemd to start gpg-agent with ssh support. Specifically, I have the following gpg-agent.service file in my ${HOME}/.config/systemd/user/ directory:
  [Unit]
  Description=gpg-agent Daemon with SSH Support
  [Service]
  Type=forking
  ExecStart=/usr/bin/gpg-agent --quiet --daemon --enable-ssh-support
  Restart=on-success
  [Install]
  WantedBy=default.target
  which is expected to restart when exited properly and/or due to a signal. When I enable and start the service with systemctl --user prefix, it works as it is supposed to be. I have the following gpg-agent.conf file:
  default-cache-ttl 600
  default-cache-ttl-ssh 3600
  max-cache-ttl 7200
  max-cache-ttl-ssh 7200
  enforce-passphrase-constraints
  min-passphrase-len 10
  min-passphrase-nonalpha 4
  max-passphrase-days 180
  pinentry-program /usr/bin/pinentry-curses
  and the following excerpt in my .zshrc:
  # GPG configuration
  # Check for the gpg-agent socket, and set SSH_AUTH_SOCK and GPG_TTY
  # environment variables accordingly:
  if [[ -S "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
  export GPG_TTY=$(tty)
  if [[ ${SSH_AUTH_SOCK} != "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
  export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
  fi
  fi
  The problem is, everything is working properly except for one thing: "When I want to ssh to my server, I get an 'Agent admitted failure to sign using the key' error." I mean, the environment variables seem to be fine when I fire up a zsh session (terminal emulator) and/or everything seems ok when I issue systemctl --user status gpg-agent, but I cannot ssh to my server using my gpg-key. However, when I stop the systemd unit and just issue eval $(gpg-agent --quiet --daemon --enable-ssh-support) in a new terminal emulator, ssh works fine. In both of the aforementioned versions, when I issue gpg --clearsign some_file.txt command, I am asked in the terminal emulator for my password (I suppose in the so called curses pinentry program).
  I thank you in advance for your time, and appreciate any suggestions. Best,

  You might need to make a script to start it. Like "/usr/local/bin/gpg-agent-daemon.zsh"
  then in that file have:
  #!/usr/bin/zsh
  gpg-agent --quiet --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info"
  And do chmod +x
  And in your gpg-agent.service file:
  [Service]
  Type=forking
  ExecStart=gpg-agent-daemon.zsh
  <...>
  And then in $ZDOTDIR/.zprofile
  # GPG configuration
  # Check for the gpg-agent socket, and set SSH_AUTH_SOCK and GPG_TTY
  # environment variables accordingly:
  if [[ -S "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
  export GPG_TTY=$(tty)
  export GPG_TTY
  if [[ ${SSH_AUTH_SOCK} != "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
  export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
  fi
  if [ -f "${HOME}/.gpg-agent-info" ]; then
  . "${HOME}/.gpg-agent-info"
  export GPG_AGENT_INFO
  fi
  fi

• SSH Key login not working when added to gpg-agent

  Hello,
  As I use gnupg, I run the gpg-agent. I run it with systemd --user and it works flawlessly. As I already run gpg-agent, I figured I might as well just add my ssh keys to it as well. Therefore I start gpg-agent with --enable-ssh-support. I use my SSH keys a lot and never had any problems with connecting to anything with a simple ssh .... or pushing things to git etc.
  As the SOCKS_AUTH_SSH envvar needs to be set for ssh-add to work, I added this line to my .bashrc
  export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh
  Now, adding my SSH Keys with a simple ssh-add seems to work fine (no errors etc).
  However, when I try to connect to a server now, the following happens:
  ssh -vT [email protected]
  OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Connecting to XXXXXXXXX port XXXXX.
  debug1: Connection established.
  debug1: identity file /home/XXXXX/.ssh/id_rsa type 1
  debug1: key_load_public: No such file or directory
  debug1: identity file /home/XXXXX/.ssh/id_rsa-cert type -1
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_6.8
  debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
  debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr [email protected] none
  debug1: kex: client->server aes128-ctr [email protected] none
  debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Mw5MTDp91yExgStdoMPMwi2yZdoG9MruOm+6XiC5Vks
  debug1: Host '[XXXXXXX]:XXX' is known and matches the ECDSA host key.
  debug1: Found key in /home/XXXX/.ssh/known_hosts:1
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: Roaming not allowed by server
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey
  debug1: Next authentication method: publickey
  debug1: Offering RSA public key: /home/XXXXX/.ssh/id_rsa
  debug1: Server accepts key: pkalg ssh-rsa blen 279
  debug1: No more authentication methods to try.
  Permission denied (publickey).
  Which is very strange as id_rsa is my (ecrypted) private key. I am also prompted to enter the corresponding password when issuing ssh-add.
  What could the problem be in this case? Thanks a lot!!
  Last edited by replax (2015-05-18 19:06:58)

  replax wrote:Well, there is something listed in .gnupg/sshcontrol , I am not sure if it is connected to my own key though. I tried ssh-add -l and it will list my one key, although it is different from the one in sshcontrol. I suspect that that is an issue of presentation though, as ssh-add spews out the SHA256 of my key..
  How could I go about verifying that they key is indeed correct? Shouldn't it be added automatically by ssh-add?
  Thanks a lot!!
  Yes it should be added automatically. I suppose you could try it in a new user just to start fresh and see if it works, at least then you'll have either verified that your steps were correct or incorrect.

• GPG-AGENT "ignoring" pinentry program? wrong pinentry app for ssh-keys

  Hi!
  I am using gpg-agent to handle my gpg keys and wanted it to handle my ssh keys too, since it is running anyway.
  it works perfectly fine with gpg keys, my pinentry program is pinentry-qt4 , upon request that window pops up for me to enter my passphrase.
  as window manager i use awesome wm.
  however, when i try to use my ssh key, e.g. for github, no pinentry program pops up and in xterm it looks like:
  [me@mybox dotfiles]$ git push origin master
  it seems that is is waiting for my passphrase input but it isnt asking for it. neither does it accept it.
  when i quit my WM, i see that it executed the pinentry program directly in my tty1, to which i do not have access while running my WM.
  my gpg-agent.conf:
  me@mybox ~/.gnupg> cat gpg-agent.conf
  default-cache-ttl 300
  max-cache-ttl 7200
  pinentry-program /usr/bin/pinentry-qt4
  how do i get gpg-agent to respect my pinentry choice for my ssh keys as well?
  thanks for your time !

  I use this
  $ cat /etc/kde/env/gpg-agent-startup.sh
  #!/bin/sh
  # see https://wiki.archlinux.org/index.php/SSH_Keys
  GPG_AGENT=/usr/bin/gpg-agent
  ## Run gpg-agent only if not already running, and available
  if [ -x "${GPG_AGENT}" ] ; then
  # check validity of GPG_SOCKET (in case of session crash)
  GPG_AGENT_INFO_FILE=${HOME}/.gpg-agent-info
  if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
  GPG_AGENT_PID=`cat ${GPG_AGENT_INFO_FILE} | grep GPG_AGENT_INFO | cut -f2 -d:`
  GPG_PID_NAME=`cat /proc/${GPG_AGENT_PID}/comm`
  if [ ! "x${GPG_PID_NAME}" = "xgpg-agent" ]; then
  rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
  else
  GPG_SOCKET=`cat "${GPG_AGENT_INFO_FILE}" | grep GPG_AGENT_INFO | cut -f1 -d: | cut -f2 -d=`
  if ! test -S "${GPG_SOCKET}" -a -O "${GPG_SOCKET}" ; then
  rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
  fi
  fi
  unset GPG_AGENT_PID GPG_SOCKET GPG_PID_NAME SSH_AUTH_SOCK
  fi
  if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
  eval "$(cat "${GPG_AGENT_INFO_FILE}")"
  eval "$(cut -d= -f 1 "${GPG_AGENT_INFO_FILE}" | xargs echo export)"
  export GPG_TTY=$(tty)
  else
  eval "$(${GPG_AGENT} -s --enable-ssh-support --daemon --pinentry-program /usr/bin/pinentry-qt4 --write-env-file)"
  fi
  fi
  I think I could probably use the /etc/profile.d location but when I first set it up, kde was already running gpg-agent so I adapted its file. Later, I uninstalled the thing which does that in kde and just kept my own customised version.
  Are you sure that your xinitrc isn't starting a second gpg-agent?

• Help with gpg-agent, ssh, and pinentry-curses

  I use gpg-agent to manage my ssh keys, and for a system that I regularly ssh into, I would like to use pinentry-curses instead of the default pinentry-gtk-2. However, this doesn't work.
  Specifically, I start gpg-agent using script from the arch wiki, /etc/profile.d/gpg-agent.sh:
  if [ $EUID -ne 0 ] ; then
  envfile="$HOME/.gnupg/gpg-agent.env"
  if [[ -e "$envfile" ]] && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then
  eval "$(cat "$envfile")"
  else
  eval "$(gpg-agent --daemon --enable-ssh-support --write-env-file "$envfile")"
  fi
  export GPG_AGENT_INFO # the env file does not contain the export statement
  export SSH_AUTH_SOCK # enable gpg-agent for ssh
  fi
  and have the following config files
  ~/.gnupg/gpg-agent.conf:
  # Keyboard control
  no-grab
  # PIN entry program
  pinentry-program /usr/bin/pinentry-curses
  #pinentry-program /usr/bin/pinentry-qt4
  #pinentry-program /usr/bin/pinentry-kwallet
  #pinentry-program /usr/bin/pinentry-gtk-2
  ~/.gnupg/gpg.conf:
  use-agent
  ~/.bashrc:
  GPG_TTY=$(tty)
  export GPG_TTY
  Whenever I attempt to ssh using the key that's already been added to gpg-agent, I get the following message:
  Agent admitted failure to sign using the key.
  Permission denied (public key).
  If I change my ~/.gnupg/gpg-agent.conf file to the following:
  # Keyboard control
  #no-grab
  # PIN entry program
  #pinentry-program /usr/bin/pinentry-curses
  #pinentry-program /usr/bin/pinentry-qt4
  #pinentry-program /usr/bin/pinentry-kwallet
  pinentry-program /usr/bin/pinentry-gtk-2
  then everything works fine, and I'm prompted for my passphrase when using ssh.
  I've read posts having to do with a similar issue:
  https://bbs.archlinux.org/viewtopic.php?id=138546
  https://bugs.archlinux.org/task/29156
  It looks like the difference between those and my issue is that I'm using ssh, not just gpg, and I'm not using su. In fact, if I have pinentry-curses set in gpg-agent.conf, and I try to use gpg to encrypt and decrypt a file, everything works fine. The file encrypts, and when decrypting, I am prompted by pinentry-curses for my passphrase. It's just ssh combined with pinentry-curses that gives me troubles.

  I think it actually is the tty capability bug that's biting you...try adding '--without-libcap' to the pinentry-curses PKGBUILD from ABS (/var/abs/core/pinentry/) and rebuilding the package.
  Scott

• [SOLVED] Thunderbird & Enigmail: Using gpg-agent to cache key

  Hi,
  I set up Thunderbird with Enigmail to encrypt my emails.
  However, I do not want to enter my password EVERYTIME I want to read an encrypted email. A quick tab change etc. gets annoying, so I wanted to set-up a time out of 10min.
  Also, I want to use gpg-agent for that (unless there are by far better options), as I could also manage my SSH keys with that (haven't look into it yet, though)
  What I have done:
  - Installed TB & Enigmail, gerated keypair, uploaded to keyserver, tried it with a friend (works)
  - Added gpg-agent startupscript to xinitrc, verified that it runs on x startup (also writes env file so it will only run once, even if x is started multiple times)
  - In enigmail settings selected to use gpg-agent
  - Checked gpg-agent cache timeout (set to 300sec (default-cache-ttl))
  Problem:
  Thunderbird/Enigmail still promts for my passphrase everytime I want to view an encrypted email, even when I quickly switch tabs..
  I would really appreciate some pointing into the right directioin/help on how to ideally solve this problem.
  Thanks for your time
  Last edited by replax (2013-07-31 09:04:03)

  I guess you mean: OpenPGP->Preferences->Passphrase Settings
  These settings do not apply because it only works when the passphrase handling is done by enigmail/TB. It also gives you a warning, that, if you use gpg 2.0 or later you have to use gpg-agent for passphrase handling and have to set the cache time in the agent itself somehow.
  EDIT: Seems to have gotten it to work, I simply added a pinentry-program to the gpg-agent.conf (qt4 version). Strange though, as it should use the gtk entry program by default....
  Is this a feature or a bug? Or is it special in the arch package, e.g. compiled with no default or something like that?

• Kmail and gpg-agent

  as we have now gpg-agent in the repos, i just wondered why kmail do not work with it
  i did everything from http://kmail.kde.org/kmail-pgpmime-howto.html
  but still kmail is opening the dialogue to type the passphrase and kgpg is complaining now this:
  i'm starting gpg-agent from ~/.xinitrc with this line:
  gpg-agent --daemon
  and
  [damir@Asteraceae ~]$ ps -e | grep gpg-agent
  6628 ? 00:00:00 gpg-agent
  thanx in advance for any help

  tpowa wrote:strange you also did that pinentry stuff?
  i have
  pinentry-program /usr/bin/pinentry-qt
  in ~/.gnupg/gpg-agent.conf, if you mean that ... maybe there is some other things to do?
  tpowa wrote:i didn't test the funcionality of gpg
  can someone do some reasearch on that
  kde 3.3.2 is round the corner would be great if it works till then
  yea, that would be nice ...
  well, without the gpg-agent (the classical way), gpg works fine, but it is not really cool having to type a long passphrase each time you send a signed email (especially, if you write lots of emails to lots of different peoples /day)
  here the dialogue i get always when i want to send an email (in kde 3.3.x the gpg-agent lines are new, but the dialogue itself is old (since 3.1.4 working fine the classical way))

• Loop-aes/mount with gpg-agent

  Hey,
  this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
  /dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
  When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?

  Hey,
  this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
  /dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
  When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?

• Server Intelligence Agent won't start after repair of Business Objects 4.0

  I migrated our company's business objects contents and documents from previous BO 3.1 server to new BI 4.0  server using standard BI tools. (That is, using the export wizard in BO 3.1 to create BIAR file and using upgrade management tool to import this biar file to new BI 4.0 server).
  After that, everything looks fine, I can log in to launch pad and can see all the folders, reports, etc have been moved over.
  But Life Cycle Management stopped working. I guess the reason is, when I created the biar file from source 3.1 server, I basically included everything that may include LCM folder as well, and this folder overwrite the LCM folder in BI 4.0 server. In order to fix this issue, I did "repair" of BI platform. After this, the Server Intelligen Agent won't start.
  Tried to log on to cmc, got error message 
  "Error: Server SERVERTest:6400 not found or server may be down (FWM 01003) null"
  Tried to start the Server Intelligence Agent from "services", got message:"windows could not start the server intelligence agent (servertest) from local computer..." Checked the event log, no much useful information.
  Can anyone please give me some ideas? what might have caused this issue? where should I look to? I hope we don't have to go through uninstall/reinstall.
  thanks.

  Hi,
  check the Task Manager if you have running the processes running "SIA.exe" ans "cms.exe"
  Regards
  -Seb.

• Oracle Intelligent Agent cannot be started

  I have installed Oracle 9i into RedHat Linux 9. When I start the Oracle Intelligent Agent, I get nothing response, and find the agent cannot be started.
  I find the error message in dbsnmp.nohup which is showed below:
  /opt/ora9/product/9.2/bin/dbsnmp: error while loading shared libraries: libvppdc.so: cannot open shared object file: No such file or directory
  Agent exited at Thu Nov 13 23:20:31 HKT 2003 with return value 127
  Agent thrashing. Exiting dbsnmpwd at Thu Nov 13 23:20:31 HKT 2003
  I found the library object is existed.
  [oracle@localhost lib]$ ll libvpp*
  -rw-r--r-- 1 oracle oinstall 552036 Apr 26 2002 libvppdc.so
  Can anyone help me to solve the problem?
  Thank you.
  Regards,
  Franklin

  Problem of method 1 (for re-install the oem agent / dbsnmp)
  When I follow the "work Around Procedure" from
  http://www.puschitz.com/InstallingOracle9i.shtml#OracleInstallationErrors
  and download the RPMs (glibc-2.3.2-5.i686.rpm glibc-common-2.3.2-5.i386.rpm glibc-devel-2.3.2-5.i386.rpm) for the procedures.
  When I run the command (#rpm -Uvh --oldpackage glibc-2.3.2-5.i686.rpm glibc-common-2.3.2-5.i386.rpm glibc-devel-2.3.2-5.i386.rpm),I found the error shown below:
  error:glibc-2.3.2-5.i686.rpm:V3 DSA Signature:BAD, key ID db42a60e
  error:glibc-2.3.2-5.i686.rpm cannot be installed
  Problem of method 2
  When I try to unpack glibc-2.3.2-5.i686.rpm and replace libc-2.3.2.so and libc.so.6 by using the following steps
  # mkdir /root/tmp
  # mv glibc-2.3.2-5.i686.rpm /root/tmp
  # cd /root/tmp
  # rpm2cpio glibc-2.3.2-5.i686.rpm | cpio -idmv
  # cp /lib/libc-2.3.2.so /lib/libc-2.3.2.so.ORIG
  # cp lib/libc-2.3.2.so /lib/.
  # rm -f /lib/libc.so.6
  # ln -s /lib/libc-2.3.2.so /lib/libc.so.6
  I find the system is halted, when I run (# cp lib/libc-2.3.2.so /lib/.) When I reboot the system, I find error
  init:error while loading shared libraries:libc.so.6:cannot open shared object file:No such file or directory
  Kernel panic: Attempted to kill init.
  Please help me to fix the problem. Many thanks.
  Regards,
  Franklin.

• SQL Server Agent can't start

  Hi Expert,
  I have a problem when using SQL Server 2005.
  I also use Windows Server 2008
  My SQL Server Agent can't start.
  When I try to start, I have message "The SQL Server Agent (MSSQLSERVER)  service on Local Computer started and then stopped (object explorer).
  Why does this problem happen?
  Thanks
  Regards,
  Vicky Oktavianus

  > 2010-08-16 15:28:21 - ! [241] Startup error: Unable to initialize error reporting system (reason: The EventLog service has not been started)
  > 2010-08-16 15:28:21 - ? [098] SQLServerAgent terminated (normally)
  You seem to have an issue with your machine, I suggest you check further up in the event log for problems concerning the event log.
  Uploading files here is not possible, open an OSS call (component BC-DB-MSS) and ask the support for help, there you can upload the file.
  Markus

• EM Agent is not starting -

  Hi DBAs,
  I have installed the Oracle Grid Control Grid Control 10.2.0.5.0 on RHEL 5.4 (64 bit) and repository DB is 11.1.0.7. I installed the agent 10.2.0.5.0 on the Database server sucessfully but it is giving me the following error while starting.
  [oracle@myhost bin]$ ./emctl start agent
  Oracle Enterprise Manager 10g Release 5 Grid Control 10.2.0.5.0.
  Copyright (c) 1996, 2009 Oracle Corporation. All rights reserved.
  Starting agent ...... failed.
  The agentTZRegion value in /u01/app/oracle/db/tech_st/10.2.0/agent10g/sysman/config/emd.properties is not in agreement with what agent thinks it should be.Please verify your environment to make sure that TZ setting has not changed since the last start of the agent.
  If you modified the timezone setting in the environment, please stop the agent and exectute 'emctl resetTZ agent' and also execute the script mgmt_target.set_agent_tzrgn(<agent_name>, <new_tz_rgn>) to get the value propagated to repository.
  Consult the log files in: /u01/app/oracle/db/tech_st/10.2.0/agent10g/sysman/log
  I searched over this forum and found the following fix:
  $export TZ=US/Eastern
  $export ORACLE_HOME=/u01/app/oracle/db/tech_st/10.2.0/agent10g
  $EMDROOT=$ORACLE_HOME
  $EMSTATE=$ORACLE_HOME
  $export EMDROOT EMSTATE
  $emdctl validateTZ agent US/Eastern
  but I am getting same error while starting. I am trying the emctl resetTZ agent but getting following error
  $export TZ=US/Eastern
  $./emctl resetTZ agent
  Oracle Enterprise Manager 10g Release 5 Grid Control 10.2.0.5.0.
  Copyright (c) 1996, 2009 Oracle Corporation. All rights reserved.
  Updating /u01/app/oracle/db/tech_st/10.2.0/agent10g/sysman/config/emd.properties...
  ----- Thu Jul 8 01:18:17 2010::tzOffset for US/Eastern is 0(min), but agent is runnning with tzOffset -240(min)
  ----- Thu Jul 8 01:18:17 2010::trying again after waiting for 1 sec to account for daylight transition
  ----- Thu Jul 8 01:18:17 2010::tzOffset for US/Eastern is 0(min), but agent is runnning with tzOffset -240(min)
  resetTZ failed.
  I verified the agent is not running. Please help to resolve the issue.
  Thanks
  Shashi

  You are hitting a Time Zone issue
  Please check Startup Agent: Agent fails to start due to TZ issues [ID 403018.1]
  On support.oracle.com
  https://support.oracle.com/CSP/ui/flash.html#tab=KBHome(page=KBHome&id=()),(page=KBNavigator&id=(bmDocDsrc=KB&bmDocType=PROBLEM&bmDocID=403018.1&viewingMode=1143&from=BOOKMARK&bmDocTitle=Startup%20Agent:%20Agent%20fails%20to%20start%20due%20to%20TZ%20issues))
  Regards
  Rob
  http:/oemgc.wordpress.com

• Zen (Agent) service delayed start

  Hi!
  ZCM 10.3.3 on SLES 11 SP1, Windows XP and 7 ws's. One problem or thing I noticed long time. When device is restarted then even ZCC show ws in green and agent service is started on on ws it seems to that Agent Service start is not in effect ... delayed for minutes. I mean, when I have set something for setup on device boot then it takes some 10 minutes or so (depends on ws, but even fast one has delay) to start this installation (device is refreshed and app is cached). Also, most worrying for me is that on computer labs we use for students dynamic volatile profiles and we rely fully on Novell Application Launcher (from ZfD days) to get apps and when device is just (re)started student can login, but NAL window does not appear - empty Desktop. Something I can do about this delayed start or it is by design so.
  Sorry, can't explain it more in details as every service on ws and server is ok as service. Just seems to on ws it does not take effect right away after ws is (re)started. Hope You understand what I mean.
  More thanks, Alar.

  Hi again!
  Usually it (delayed service "wakeup") is not a problem as I start all ws's on site on workdays at morning and shut them down at evening. But, when on some reason user does restart ws (even shutdown/restart is removed as option for user, but ... sometimes hardware let You down etc.) or ws's is needed at weekends (also in computer rooms) then ... I'm little bit in trouble!
  Alar.