Unable remove recipient even with --force flag #1964

Closed
Maximus905 opened this issue Jul 27, 2021 · 11 comments · Fixed by #2253

Maximus905 commented Jul 27, 2021

Summary

Try to remove recipient with --force flag
gopass> recipients rm --force=true --store store-name
choose recipient number from a list
get response:
failed to remove recipient "0CC1E5DD9B4208C3800B813C0735458EFE35F54B": recipient not in store

The same result with
gopass> recipients rm --force --store store-name

How can I fix it?

@dominikschulz
Member

I guess you'd need to turn on debug logs and provide us with some more information.

Run the command with GOPASS_DEBUG_LOG=/some/file set and provide us the (non-confidential part of the) content.

@exiahuang

I have the same issue when I use email to delete a user.
It works well when I use the public key of user.

Error pattern:

# init store
gopass init --store my-company

# add some key
gopass insert my-company/server1
gopass insert my-company/server2

# add a different user to my-company store
gopass recipients add --store my-company willy@email.com

# remove the user
gopass recipients rm --store my-company willy@email.com

Then I got a message like:
failed to remove recipient "xxxxxxx": recipient not in store

I removed all the store, and created a new store with $PUBLIC_KEY_ID.
It worked well.
OK pattern:

gopass recipients add --store my-company $PUBLIC_KEY_ID_OF_WILLY

gopass recipients rm --store my-company $PUBLIC_KEY_ID_OF_WILLY

@AnomalRoil AnomalRoil added bug Defects gpg GPG related ux User experience / User Interface related labels Sep 29, 2021
@nimarb

nimarb commented Oct 6, 2021

I have the same issue with gopass 1.12.8 (2021-08-28).

Truncated (for privacy reasons) logs are below:

 /'_ '\ /'_'\ ( '_'\  /'_' )/',__)/',__)
( (_) |( (_) )| (_) )( (_| |\__, \\__, \
'\__  |'\___/'| ,__/''\__,_)(____/(____/
( )_) |       | |
 \___/'       (_)
2021/10/05 12:46:16.445101 action/repl.go:119	action.(*Action).REPL	🌟 Welcome to gopass!
2021/10/05 12:46:16.445108 action/repl.go:120	action.(*Action).REPL	⚠ This is the built-in shell. Type 'help' for a list of commands.
2021/10/05 12:46:16.445343 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:16.450513 leaf/list.go:25	leaf.(*Store).List	Listing : [..........]
2021/10/05 12:46:16.450572 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:16.451321 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:20.790265 fs/store.go:109	fs.(*Store).Exists	Checking if .gpg-id exists at /home/USERNAME/.local/share/gopass/stores/root/.gpg-id: true
2021/10/05 12:46:20.790331 action/init.go:36	action.(*Action).IsInitialized	Store is already initialized
2021/10/05 12:46:20.790567 action/recipients.go:40	action.(*Action).RecipientsPrint	Hint: run 'gopass sync' to import any missing public keys
2021/10/05 12:46:20.790631 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:20.792799 fsutil/fsutil.go:68	fsutil.IsFile	failed to check file /home/USERNAME/.local/share/gopass/stores/root/README.md/.gpg-id: stat /home/USERNAME/.local/share/gopass/stores/root/README.md/.gpg-id: not a directory
2021/10/05 12:46:20.794152 fs/store.go:109	fs.(*Store).Exists	Checking if .gpg-id exists at /home/USERNAME/.local/share/gopass/stores/root/.gpg-id: true
2021/10/05 12:46:20.797528 fs/store.go:109	fs.(*Store).Exists	Checking if .gpg-id exists at /home/USERNAME/.local/share/gopass/stores/root/.gpg-id: true
2021/10/05 12:46:20.797554 fs/store.go:41	fs.(*Store).Get	Reading .gpg-id from /home/USERNAME/.local/share/gopass/stores/root/.gpg-id
....
2021/10/05 12:46:20.915137 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:20.915957 leaf/list.go:25	leaf.(*Store).List	Listing : [.gitattributes .............. FILES ..........]
2021/10/05 12:46:20.916022 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:20.916875 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:30.139207 fs/store.go:109	fs.(*Store).Exists	Checking if .gpg-id exists at /home/USERNAME/.local/share/gopass/stores/root/.gpg-id: true
2021/10/05 12:46:30.139270 action/init.go:36	action.(*Action).IsInitialized	Store is already initialized
2021/10/05 12:46:30.139518 fs/store.go:109	fs.(*Store).Exists	Checking if .gpg-id exists at /home/USERNAME/.local/share/gopass/stores/root/.gpg-id: true
2021/10/05 12:46:30.139567 action/init.go:36	action.(*Action).IsInitialized	Store is already initialized
2021/10/05 12:46:30.139745 cli/keyring.go:33	cli.(*GPG).listKeys	/usr/bin/gpg [/usr/bin/gpg --with-colons --with-fingerprint --fixed-list-mode --list-secret-keys 0xE99KD22E99F4E8C3]
2021/10/05 12:46:30.150506 cli/keyring.go:33	cli.(*GPG).listKeys	/usr/bin/gpg [/usr/bin/gpg --with-colons --with-fingerprint --fixed-list-mode --list-public-keys 0xE99KD22E99F4E8C3]
2021/10/05 12:46:30.159780 cli/keyring.go:74	cli.(*GPG).FindRecipients	found useable keys for [0xE99KD22E99F4E8C3]: [0xE99KD22E99F4E8C3] (all: [0xE99KD22E99F4E8C3])
2021/10/05 12:46:30.159842 cli/keyring.go:33	cli.(*GPG).listKeys	/usr/bin/gpg [/usr/bin/gpg --with-colons --with-fingerprint --fixed-list-mode --list-secret-keys 0xE99KD22E99F4E8C3]
2021/10/05 12:46:30.170009 cli/keyring.go:33	cli.(*GPG).listKeys	/usr/bin/gpg [/usr/bin/gpg --with-colons --with-fingerprint --fixed-list-mode --list-public-keys 0xE99KD22E99F4E8C3]
2021/10/05 12:46:30.178199 cli/keyring.go:33	cli.(*GPG).listKeys	/usr/bin/gpg [/usr/bin/gpg --with-colons --with-fingerprint --fixed-list-mode --list-public-keys 038CEACE45E8294284A682F2E99KD22E99F4E8C3]
2021/10/05 12:46:30.184165 cli/keyring.go:74	cli.(*GPG).FindRecipients	found useable keys for [038CEACE45E8294284A682F2E99KD22E99F4E8C3]: [0xE99KD22E99F4E8C3] (all: [0xE99KD22E99F4E8C3])
2021/10/05 12:46:30.184200 fs/store.go:41	fs.(*Store).Get	Reading .gpg-id from /home/USERNAME/.local/share/gopass/stores/root/.gpg-id
2021/10/05 12:46:30.184296 action/recipients.go:191	action.(*Action).RecipientsRemove	failed to remove recipient "038CEACE45E8294284A682F2E99KD22E99F4E8C3": recipient not in store - stacktrace: recipient not in store
2021/10/05 12:46:30.184327 action/repl.go:115	action.(*Action).REPL.func1	ERROR: failed to remove recipient "038CEACE45E8294284A682F2E99KD22E99F4E8C3": recipient not in store
2021/10/05 12:46:30.184377 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:30.185719 leaf/list.go:25	leaf.(*Store).List	Listing : [.gitattributes .............FILES.............]
2021/10/05 12:46:30.185841 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:30.187428 fs/store.go:118	fs.(*Store).List	Listing 
2021/10/05 12:46:31.881079 queue/background.go:88	queue.(*Queue).run	all tasks done

Hope this might help with debugging.

@dominikschulz dominikschulz self-assigned this Oct 8, 2021
@AnomalRoil
Member

I'm guessing this could be related to #1843

@AnomalRoil AnomalRoil added this to the 1.14.0 milestone Dec 21, 2021
@RayOei

RayOei commented Jan 4, 2022

I had this issue as well and found that I had a mix of key IDs and emails and names, in the format name@domain.com and othername, in the .gpg-id file in the (git) store. Removing those emails and names resolved the issue that the recipients remove gave that error and continued to show the recipients in the list, regardless. I remember having some issues adding recipients some time ago, mixing email and keys to get them added. Something was off, anyway.

The email names are tied to public keys in my keyring.

As a side note: it also explains why some recipient could not get access while my overview claimed the person was added. They were not, ultimately.

@dominikschulz dominikschulz modified the milestones: 1.14.0, 1.x.x Jan 17, 2022
BenPhegan added a commit to BenPhegan/gopass that referenced this issue Mar 1, 2022
…nst the string itself, we may need to do a query to crypto.FindRecipients to get their details to match against when removing. Fix for gopasspw#1964
BenPhegan added a commit to BenPhegan/gopass that referenced this issue Mar 1, 2022
…nst the string itself.

We may need to do a query to crypto.FindRecipients to get their details to match against when removing. Fix for gopasspw#1964

RELEASE_NOTES=[BUGFIX] Fixes an issue where recipients remove may fail
with "recipient not in store"

Signed-off-by: Ben Phegan <benphegan@gmail.com>
@BenPhegan
Contributor

I came across a very similar issue, and have pushed up a PR that I have forward ported to master (I ran this on a branch of 1.13.1 and it resolved the issue). Essentially the code was not querying the crypto system for the ids that might be used but the string represented in .gpg-ids, however it was for the provided identifier to remove. In some instances this results in no match being found.

NOTE: I have used and tested this on 1.13.1. Golang 1.18 has thrown my dev environment slightly, and I have not been able to build/run this successfully on master. Also, normally I would build out a bunch of tests for this, but there were very few to enhance or extend in this case. It would probably take much longer than I have to build out the requisite test cases for this.

dominikschulz pushed a commit that referenced this issue Mar 4, 2022
…nst the string itself. (#2147)

* Depending on how the .gpg-ids file was written, we may not match against the string itself.

We may need to do a query to crypto.FindRecipients to get their details to match against when removing. Fix for #1964

RELEASE_NOTES=[BUGFIX] Fixes an issue where recipients remove may fail
with "recipient not in store"

Signed-off-by: Ben Phegan <benphegan@gmail.com>

* Fixed variable naming and Printf to Warningf as per PR.

    RELEASE_NOTES=[BUGFIX] Fixes an issue where recipients remove may fail
    with "recipient not in store"

    Signed-off-by: Ben Phegan <benphegan@gmail.com>
@oblique

oblique commented Mar 9, 2022

I have the same issue. It looks like gopass is searching only for the key id in .gpg-id and not the email.

I had the following .gpg-id:

foo@example.com

And the key id of foo@example.com was 9F5C009C874DAB8B66760F0D9ACD640970BF2F6D.
Then I tried to remove it:

gopass recipients rm foo@example.com

And got the error:

Error: failed to remove recipient "9F5C009C874DAB8B66760F0D9ACD640970BF2F6D": recipient not in store

As a workaround, I replaced the foo@example.com in .gpg-id with the 9F5C009C874DAB8B66760F0D9ACD640970BF2F6D and the removal worked.

@arthur-c

arthur-c commented Jun 3, 2022

I had a similar issue with an old deleted cert: Error: failed to remove recipient "": recipient not in store

% gopass recipients rm --force foobar
WARNING: Failed to list public key "foobar": exit status 2: tru::1:1653059585:0:3:1:5
|gpg: error reading key: No public key

Hint: You can use `--force` to remove unknown keys.
⚠ Warning: Failed to get GPG Key Info for : exit status 2: tru::1:1653059585:0:3:1:5
|gpg: error reading key: Invalid user ID

⚠ Warning: Failed to get GPG Key Info for foobar: exit status 2: tru::1:1653059585:0:3:1:5
|gpg: error reading key: No public key


Error: failed to remove recipient "": recipient not in store

I recreated a key named "foobar" as realname and gopass was able to delete the recipient:

gopass recipients rm --force foobar
Do you want to remove yourself (foobar) from the recipients? [y/N/q]: y
Starting reencrypt

@AnomalRoil
Member

AnomalRoil commented Jun 3, 2022

You should always be able to remove a key by specifying its fingerprint.

What happens behind the scene is that we rely on GPG to select the right key, so if running:

gpg --with-colons --with-fingerprint --fixed-list-mode --list-public-keys "Anomal"

or whatever identifier you want. If it is not finding your key, it's normal it's not working without specifying --force.
Here "Anomal", or the email, or the fingerprint can be any identifier and it should be usable in the .gpg-id, although we store the "first identity" usually in the file.

My wild guess is that you are trying to delete a key from your store for which you don't have the public key locally in your GPG keyring.

But that's why we have --force in theory: removing "unknown keys".

But I think we have a bug: a quick lookup seems to show we might have a bug when removing "unknown keys" indeed:

        keys, err := crypto.FindRecipients(ctx, r)
        if err != nil {
            out.Printf(ctx, "WARNING: Failed to list public key %q: %s", r, err)
            out.Printf(ctx, "Hint: You can use `--force` to remove unknown keys.")
            if !force {
                continue
            }
            keys = []string{r}
        }
        if len(keys) < 1 && !force {
            out.Printf(ctx, "Warning: No matching valid key found. If the key is in your keyring you may need to validate it.")
            out.Printf(ctx, "If this is your key: gpg --edit-key %s; trust (set to ultimate); quit", r)
            out.Printf(ctx, "If this is not your key: gpg --edit-key %s; lsign; trust; save; quit", r)
            out.Printf(ctx, "You may need to run 'gpg --update-trustdb' afterwards")
            continue
        }
        recp := r
        if len(keys) > 0 {
            recp = crypto.Fingerprint(ctx, keys[0])
        }
        if err := s.Store.RemoveRecipient(ctx, store, recp); err != nil {
            return exit.Error(exit.Recipients, err, "failed to remove recipient %q: %s", recp, err)
        }
        fmt.Fprintf(stdout, removalWarning, r)
        removed++
    }

because when force is true, we have that:

    if !force {
        continue
    }
    keys = []string{r}

but then len(keys) > 0 is true and then

    recp := r
    if len(keys) > 0 {
        recp = crypto.Fingerprint(ctx, keys[0])
    }

will rely on:

    func (g *GPG) Fingerprint(ctx context.Context, id string) string {
        k, found := g.findKey(ctx, id)
        if !found {
            return ""
        }
        return k.Fingerprint
    }

which won't find the key since it's not in your keyring and therefore returns "" instead, and then we have that id = "" and it never matches when we lookup the recipient here:

    for _, k := range rs { //nolint:whitespace
        // First lets try a simple match of the stored ids
        if k == id {
            debug.Log("removing recipient based on id match %s", k)

WDYT @dominikschulz ?
That's probably something that should be caught by a test as well ^^''
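
Added example, not part of the thread and not gopass code: a simplified Go model of the two failure modes reported above (an email stored in `.gpg-id` but compared against a fingerprint, and `--force` on a key missing from the keyring yielding an empty fingerprint), next to one way of comparing identifiers that handles both. The `keyring` map, `canon`, `drop`, `removeBuggy` and `removeFixed` are hypothetical names; the sample `.gpg-id` lines are constructed from values quoted in the comments.

```go
package main

import (
	"errors"
	"fmt"
)

const fooFP = "9F5C009C874DAB8B66760F0D9ACD640970BF2F6D" // fingerprint quoted in the thread
// keyring is a constructed stand-in for the local GPG keyring: identifier -> fingerprint.
var keyring = map[string]string{"foo@example.com": fooFP, fooFP: fooFP}
var errNotInStore = errors.New("recipient not in store")

// canon returns the fingerprint when the keyring knows id, otherwise id unchanged.
func canon(id string) string {
	if fp := keyring[id]; fp != "" {
		return fp
	}
	return id
}

// drop removes the first matching entry; no match means "recipient not in store".
func drop(ids []string, match func(string) bool) ([]string, error) {
	for i, id := range ids {
		if match(id) {
			return append(append([]string{}, ids[:i]...), ids[i+1:]...), nil
		}
	}
	return ids, errNotInStore
}

// removeBuggy models the thread: arg becomes its fingerprint ("" if the key is
// unknown) and is then compared as a plain string with each .gpg-id line.
func removeBuggy(gpgID []string, arg string) ([]string, error) {
	return drop(gpgID, func(stored string) bool { return stored == keyring[arg] })
}

// removeFixed canonicalises both sides; an unknown key is accepted only with force.
func removeFixed(gpgID []string, arg string, force bool) ([]string, error) {
	if keyring[arg] == "" && !force {
		return gpgID, fmt.Errorf("unknown key %q, use --force", arg)
	}
	return drop(gpgID, func(stored string) bool { return canon(stored) == canon(arg) })
}

func main() {
	store := []string{"foo@example.com", "foobar"} // constructed .gpg-id lines
	_, err := removeBuggy(store, "foobar")
	left, _ := removeFixed(store, "foobar", true)
	fmt.Println("buggy:", err, "| fixed:", left)
}
```

A recipient that stays in `.gpg-id` after a failed removal remains an encryption target on every re-encrypt, so the stored file is worth checking after any `recipients rm` that reports an error.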

@arthur-c

arthur-c commented Jun 3, 2022

I'm glad to have found this edgy bug :)

My problem: I did not have the fingerprint of this non-published key. I deleted the pub key a long time ago (it was a mistake) and gopass recipients only showed the name. I only found the name in .gpg-id.

Now everything is fine and my recipients are clean.

@dominikschulz
Member

@AnomalRoil That looks like a bug indeed. But for better test coverage someone would need to add a test harness with GPG. We have only very limited GPG test coverage right now.

dominikschulz added a commit to dominikschulz/gopass that referenced this issue Jun 3, 2022
RELEASE_NOTES=[BUGFIX] Allow removing unknown recipients

Fixes gopasspw#1964

Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
AnomalRoil pushed a commit that referenced this issue Jun 3, 2022
RELEASE_NOTES=[BUGFIX] Allow removing unknown recipients with --force

Fixes #1964

Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>