Thunderbird Snap GPG keys


I am currently maintaining my own version of thunderbird with enigmail and it mostly works. It seems to have imported my public gpg keys just fine. but it seems to have issues when trying to access the private keys.

This is with the gpg-keys interface connected manually.

I try and run gpg --list-keys and it seems to list my keys just fine. This seems to work fine and the messages do seem encrypted.

However, when I try and list-secret-keys it tries to spawn gpg-agent and falls over because that service is already running on the host.

Now my understanding of this maybe basic, but AFAIK gpg-agent on the host spawns a bunch of sockets typically in /run/user/1000/gnupg/S.gpg-agent. These are accessible via gpg-connect-agent. The purpose of these sockets I assume is for multiple gpg programs to connect and have access, and for potential remote forwarding of access over SSH.

When I try and connect to this readable file from within the snap, I get some AppArmor denied messages in DMESG. In this case, should the gpg-keys interface allow access to these sockets? That seems like an easier solution maybe than trying to spawn multiple gpg-agents.

All I am trying to do is get Thunderbird access to my private key so i can decrypt encrypted emails, if I could get some guidance as to how to proceed that would be great.

Kind regards,