GNU bug report logs -
#24076
gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is
Previous Next
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your bug report
#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is
which was filed against the guix package, has been closed.
The explanation is attached below, along with your original report.
If you require more details, please reply to 24076 <at> debbugs.gnu.org.
--
24076: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=24076
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
Hi!
ludo <at> gnu.org (Ludovic Courtès) skribis:
> What about having GnuPG depend on pinentry-tty, and configuring it with:
>
> --with-pinentry-pgm=/path/to/pinentry-tty
>
> ? That would at least provide a reasonable default. The closure size
> of GnuPG would increase from 220 to 243 MiB (+10%).
>
> Most of the time, people will want to use pinentry-gtk though.
>
> Another option would be to change ‘gnupg_module_name’, in homedir.c, from:
>
> case GNUPG_MODULE_NAME_PINENTRY:
> #ifdef GNUPG_DEFAULT_PINENTRY
> return GNUPG_DEFAULT_PINENTRY;
> #else
> X(bindir, "pinentry");
> #endif
>
>
> to something like:
>
> case GNUPG_MODULE_NAME_PINENTRY:
> X(homedir, ".guix-profile/bin/pinentry);
>
> … in which case GnuPG would default to the user-installed pinentry, if
> available. Not perfect either, but closer to what other distros do.
I (finally!) implemented this second option in commit
c7af9d0b5ebaa1fdb08ff5d8a56004998bcd8103.
I confirmed that it has the indented effect like this:
--8<---------------cut here---------------start------------->8---
ludo <at> ribbon ~/src/guix$ ./pre-inst-env guix environment --ad-hoc gnupg strace coreutils sed grep -C
ludo <at> ribbon ~/src/guix [env]$ strace -f -o ,,s -s 500 gpg --generate-key
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: directory '/home/ludo/.gnupg' created
gpg: keybox '/home/ludo/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: Foo Bar
Email address: foo <at> example.org
You selected this USER-ID:
"Foo Bar <foo <at> example.org>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: agent_genkey failed: No pinentry
Key generation failed: No pinentry
--8<---------------cut here---------------end--------------->8---
where the strace log shows:
10 execve("/home/ludo/.gnupg/.guix-profile/bin/pinentry", ["pinentry"], 0x7f7aa80035e0 /* 14 vars */) = -1 ENOENT (No such file or directory)
So now one just needs to install one of the pinentry packages.
Thanks,
Ludo’.
[Message part 3 (message/rfc822, inline)]
dannym <at> dayas ~/src/guix$ strace -f git commit -S -m "x" gnu/packages/databases.scm 2>&1 |grep pinentry
[pid 32548] write(4, "OPTION allow-pinentry-notify", 28) = 28
[pid 32548] read(4, "ERR 67108949 No pinentry <GPG Ag"..., 1002) = 37
[pid 32548] write(2, "gpg: signing failed: No pinentry", 32gpg: signing failed: No pinentry) = 32
[pid 32548] write(2, "gpg: signing failed: No pinentry", 32gpg: signing failed: No pinentry) = 32
dannym <at> dayas ~$ which pinentry
/home/dannym/.guix-profile/bin/pinentry
dannym <at> dayas ~$ pinen<TAB>
pinentry pinentry-curses pinentry-gtk-2 pinentry-tty
dannym <at> dayas ~$ pinentry
OK Pleased to meet you
This bug report was last modified 4 years and 30 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.