GNU bug report logs -
#25328
gpg: "Operation cancelled" with pinentry 1.0.0 on GNOME
Previous Next
Reported by: Chris Marusich <cmmarusich <at> gmail.com>
Date: Mon, 2 Jan 2017 01:51:02 UTC
Severity: normal
Tags: unreproducible
Done: ludo <at> gnu.org (Ludovic Courtès)
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 25328 in the body.
You can then email your comments to 25328 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Mon, 02 Jan 2017 01:51:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Chris Marusich <cmmarusich <at> gmail.com>:
New bug report received and forwarded. Copy sent to
bug-guix <at> gnu.org.
(Mon, 02 Jan 2017 01:51:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi,
Since upgrading pinentry from 0.9.7 to 1.0.0, I've noticed some strange
behavior. In GNOME only, when gpg tries to access my secret key, the
attempt fails without prompting me for my passphrase. For example, it
fails like this:
--8<---------------cut here---------------start------------->8---
[0] marusich <at> garuda:~
$ echo hello > /tmp/message
[0] marusich <at> garuda:~
$ gpg --sign /tmp/message
gpg: signing failed: Operation cancelled
gpg: signing failed: Operation cancelled
[2] marusich <at> garuda:~
$
--8<---------------cut here---------------end--------------->8---
No prompt appears, GUI or otherwise. However, if I repeat the "gpg
--sign" command many times, eventually a GUI does appear which asks me
for a password. In that case, everything works just fine. But about
90-95% of the time, the attempt just fails like above, without showing
me any prompt.
This problem is not limited to my manual command-line invocation. The
same kind of issue also occurs when emacs (the graphical version,
running in GNOME) tries to automatically decrypt encrypted files (e.g.,
when gnus needs to read my ~/.authinfo.gpg file to connect to an email
server). Normally, when emacs needs to decrypt a file like this, a new
window pops up to ask me for my passphrase, but because of this issue,
the decryption fails, without showing me a prompt, for a similar reason:
--8<---------------cut here---------------start------------->8---
Error while decrypting with "gpg":
gpg: encrypted with 4096-bit RSA key, ID 0FE3DE4943560F06, created 2016-02-19
"Chris Marusich <cmmarusich <at> gmail.com>"
gpg: public key decryption failed: Operation cancelled
gpg: decryption failed: No secret key
--8<---------------cut here---------------end--------------->8---
I suspect these are symptoms of the same issue.
My ~/.gnupg/gpg-agent.conf contains the following single line:
pinentry-program /home/marusich/.guix-profile/bin/pinentry
This issue does NOT occur in Xfce. This issue does NOT occur when I run
the "gpg --sign" command in a virtual terminal (e.g., by pressing
Control+Alt+F2 to switch to a virtual terminal). In GNOME, this issue
DOES occur regardless of which "pinentry" program I specify in my
~/.gnupg/gpg-agent.conf file (the same issue occurs with pinentry,
pinentry-curses, pinentry-gtk-2, and pinentry-tty).
I've run both "guix pull" and "sudo guix pull" successfully in the last
few days, and I've successfully reconfigured my system since then, so
I'm using the most recent Guix software. I'm using GuixSD.
Since I've added and modified many things to my home directory, I tried
creating a test user with a fresh home directory to rule out my local
customizations as a cause. I was able to reproduce the issue using a
fresh test user in GNOME after installing gnupg and pinentry via "guix
package -i gnupg pinentry". The only changes I made to the test user's
home directory were (1) I added the "export" statements to its ~/.bashrc
file which were suggested by Guix after installing those two packages,
and (2) I added a ~/.gnupg/gpg-agent.conf which uses the pinentry that
got installed into the test user's profile. So, I expect that other
users of GuixSD can probably reproduce this issue.
--
Chris
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Mon, 09 Jan 2017 09:19:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 25328 <at> debbugs.gnu.org (full text, mbox):
Hi Chris,
Chris Marusich <cmmarusich <at> gmail.com> skribis:
> Since upgrading pinentry from 0.9.7 to 1.0.0, I've noticed some strange
> behavior. In GNOME only, when gpg tries to access my secret key, the
> attempt fails without prompting me for my passphrase. For example, it
> fails like this:
>
> [0] marusich <at> garuda:~
> $ echo hello > /tmp/message
> [0] marusich <at> garuda:~
> $ gpg --sign /tmp/message
> gpg: signing failed: Operation cancelled
> gpg: signing failed: Operation cancelled
> [2] marusich <at> garuda:~
> $
For the record, I’ve never experienced this problem (that’s outside of
GNOME) with:
--8<---------------cut here---------------start------------->8---
$ guix package -I '(gnupg|pinentry)'
pinentry 1.0.0 out /gnu/store/57dg2i4backl38bw4ipcsdg1b7df9j64-pinentry-1.0.0
gnupg 2.1.16 out /gnu/store/fz44xcp1iksikjvcc472bgsr9hs8ygkq-gnupg-2.1.16
--8<---------------cut here---------------end--------------->8---
ISTR that GNOME has a hack to force its own Pinentry tool. Could it be
what’s at fault?
Thanks,
Ludo’.
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Fri, 20 Jan 2017 08:15:01 GMT)
Full text and
rfc822 format available.
Message #11 received at 25328 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi,
Previously, I wrote:
> In GNOME, this issue DOES occur regardless of which "pinentry" program
> I specify in my ~/.gnupg/gpg-agent.conf file (the same issue occurs
> with pinentry, pinentry-curses, pinentry-gtk-2, and pinentry-tty).
I don't think this is actually true. I believe I made an error when
testing the different pinentry programs. I believe I forgot to restart
the gpg-agent, which would explain why simply changing the contents of
the gpg-agent.conf file did not seem to fix the issue.
I did another test just now. I tried changing the contents of the
gpg-agent.conf file, and I made sure to kill the gpg-agent process after
each change, so that gpg-agent would reload the file for sure. When I
did this, I found that only pinentry-gtk-2 exhibits this issue (note
that pinentry is a symlink to pinentry-gtk-2). In particular,
pinentry-curses, pinentry-tty, and pinentry-gnome3 all worked for me.
Is anyone able to reproduce the issue using pinentry-gtk-2? The
following steps should reproduce the issue:
* Log into a GNOME session on (a recently updated) GuixSD.
* In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
pinentry-gtk-2, for example:
pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
* If the gpg-agent process is running, kill it to make sure it loads the
new gpg-agent.conf.
* Try to sign a message, e.g.:
echo hello > /tmp/message
gpg --sign /tmp/message
You should get the error very frequently.
ludo <at> gnu.org (Ludovic Courtès) writes:
> For the record, I’ve never experienced this problem (that’s outside of
> GNOME) with:
For me, this problem doesn't happen outside of GNOME.
> $ guix package -I '(gnupg|pinentry)'
> pinentry 1.0.0 out /gnu/store/57dg2i4backl38bw4ipcsdg1b7df9j64-pinentry-1.0.0
> gnupg 2.1.16 out /gnu/store/fz44xcp1iksikjvcc472bgsr9hs8ygkq-gnupg-2.1.16
I'm using these versions:
$ guix package -I '(gnupg|pinentry)'
gnupg 2.1.17 out /gnu/store/mcsi9rp06q0xxds4mwdgh1p16bifjxvk-gnupg-2.1.17
pinentry-gnome3 1.0.0 out /gnu/store/4kq8isyz7k8y64l7mjy90y4rjv7mh9x8-pinentry-gnome3-1.0.0
The problem also occurred when using the "pinentry" package (instead of
the "pinentry-gnome3" package):
/gnu/store/b72r4rgr9irqy5zvb8i9hmrgrbb88ndf-pinentry-1.0.0
> ISTR that GNOME has a hack to force its own Pinentry tool. Could it be
> what’s at fault?
Where can I find more info about this hack? I did some Internet
searches, but I couldn't find anything specific.
This bug is no longer blocking me, since I can use pinentry-gnome3, but
I'm still concerned about the fact that pinentry-gtk-2 fails very
frequently, even though it didn't on the previous version.
--
Chris
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Fri, 20 Jan 2017 12:17:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 25328 <at> debbugs.gnu.org (full text, mbox):
I used this:
gpg-agent --daemon --use-standard-socket --pinentry-program
/home/dani/.guix-profile/bin/pinentry-curses
It's works for me. More in my site: https://d4n1.org/gnupg.html
Thanks,
---
Daniel Pimentel (d4n1)
On 2017-01-20 05:14, Chris Marusich wrote:
> Hi,
>
> Previously, I wrote:
>
>> In GNOME, this issue DOES occur regardless of which "pinentry" program
>> I specify in my ~/.gnupg/gpg-agent.conf file (the same issue occurs
>> with pinentry, pinentry-curses, pinentry-gtk-2, and pinentry-tty).
>
> I don't think this is actually true. I believe I made an error when
> testing the different pinentry programs. I believe I forgot to restart
> the gpg-agent, which would explain why simply changing the contents of
> the gpg-agent.conf file did not seem to fix the issue.
>
> I did another test just now. I tried changing the contents of the
> gpg-agent.conf file, and I made sure to kill the gpg-agent process
> after
> each change, so that gpg-agent would reload the file for sure. When I
> did this, I found that only pinentry-gtk-2 exhibits this issue (note
> that pinentry is a symlink to pinentry-gtk-2). In particular,
> pinentry-curses, pinentry-tty, and pinentry-gnome3 all worked for me.
>
> Is anyone able to reproduce the issue using pinentry-gtk-2? The
> following steps should reproduce the issue:
>
> * Log into a GNOME session on (a recently updated) GuixSD.
>
> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
> pinentry-gtk-2, for example:
>
> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>
> * If the gpg-agent process is running, kill it to make sure it loads
> the
> new gpg-agent.conf.
>
> * Try to sign a message, e.g.:
>
> echo hello > /tmp/message
> gpg --sign /tmp/message
>
> You should get the error very frequently.
>
> ludo <at> gnu.org (Ludovic Courtès) writes:
>
>> For the record, I’ve never experienced this problem (that’s outside of
>> GNOME) with:
>
> For me, this problem doesn't happen outside of GNOME.
>
>> $ guix package -I '(gnupg|pinentry)'
>> pinentry 1.0.0 out /gnu/store/57dg2i4backl38bw4ipcsdg1b7df9j64-pinentry-1.0.0
>> gnupg 2.1.16 out /gnu/store/fz44xcp1iksikjvcc472bgsr9hs8ygkq-gnupg-2.1.16
>
> I'm using these versions:
>
> $ guix package -I '(gnupg|pinentry)'
>
> gnupg 2.1.17 out /gnu/store/mcsi9rp06q0xxds4mwdgh1p16bifjxvk-gnupg-2.1.17
>
> pinentry-gnome3 1.0.0 out /gnu/store/4kq8isyz7k8y64l7mjy90y4rjv7mh9x8-pinentry-gnome3-1.0.0
>
>
> The problem also occurred when using the "pinentry" package (instead of
> the "pinentry-gnome3" package):
>
> /gnu/store/b72r4rgr9irqy5zvb8i9hmrgrbb88ndf-pinentry-1.0.0
>
>> ISTR that GNOME has a hack to force its own Pinentry tool. Could it
>> be
>> what’s at fault?
>
> Where can I find more info about this hack? I did some Internet
> searches, but I couldn't find anything specific.
>
> This bug is no longer blocking me, since I can use pinentry-gnome3, but
> I'm still concerned about the fact that pinentry-gtk-2 fails very
> frequently, even though it didn't on the previous version.
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Fri, 20 Jan 2017 12:40:02 GMT)
Full text and
rfc822 format available.
Message #17 received at 25328 <at> debbugs.gnu.org (full text, mbox):
Hi Chris,
Chris Marusich <cmmarusich <at> gmail.com> skribis:
> Previously, I wrote:
>
>> In GNOME, this issue DOES occur regardless of which "pinentry" program
>> I specify in my ~/.gnupg/gpg-agent.conf file (the same issue occurs
>> with pinentry, pinentry-curses, pinentry-gtk-2, and pinentry-tty).
>
> I don't think this is actually true. I believe I made an error when
> testing the different pinentry programs. I believe I forgot to restart
> the gpg-agent, which would explain why simply changing the contents of
> the gpg-agent.conf file did not seem to fix the issue.
>
> I did another test just now. I tried changing the contents of the
> gpg-agent.conf file, and I made sure to kill the gpg-agent process after
> each change, so that gpg-agent would reload the file for sure. When I
> did this, I found that only pinentry-gtk-2 exhibits this issue (note
> that pinentry is a symlink to pinentry-gtk-2). In particular,
> pinentry-curses, pinentry-tty, and pinentry-gnome3 all worked for me.
>
> Is anyone able to reproduce the issue using pinentry-gtk-2? The
> following steps should reproduce the issue:
>
> * Log into a GNOME session on (a recently updated) GuixSD.
>
> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
> pinentry-gtk-2, for example:
>
> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>
> * If the gpg-agent process is running, kill it to make sure it loads the
> new gpg-agent.conf.
>
> * Try to sign a message, e.g.:
>
> echo hello > /tmp/message
> gpg --sign /tmp/message
>
> You should get the error very frequently.
Could you report these steps upstream? That does not seem to be
Guix-specific, though I suppose other distros probably install
pinentry-gnome3 automatically when you install GNOME, such that the
problem doesn’t show up.
>> ISTR that GNOME has a hack to force its own Pinentry tool. Could it be
>> what’s at fault?
>
> Where can I find more info about this hack? I did some Internet
> searches, but I couldn't find anything specific.
The “hack” I was referring to is probably just pinentry-gnome3.
> This bug is no longer blocking me, since I can use pinentry-gnome3, but
> I'm still concerned about the fact that pinentry-gtk-2 fails very
> frequently, even though it didn't on the previous version.
It seems like bad interaction between pinentry-gtk2 and GNOME.
On this topic, I found
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791379>. Strangely,
that bug discusses the opposite problem. :-)
Ludo’.
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Sat, 21 Jan 2017 10:39:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 25328 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
ludo <at> gnu.org (Ludovic Courtès) writes:
> Could you report these steps upstream? That does not seem to be
> Guix-specific, though I suppose other distros probably install
> pinentry-gnome3 automatically when you install GNOME, such that the
> problem doesn’t show up.
I've sent an email to gnupg-devel <at> gnupg.org asking for help. I'll
update this bug report when I have more to report.
> The “hack” I was referring to is probably just pinentry-gnome3.
I see.
>> This bug is no longer blocking me, since I can use pinentry-gnome3, but
>> I'm still concerned about the fact that pinentry-gtk-2 fails very
>> frequently, even though it didn't on the previous version.
>
> It seems like bad interaction between pinentry-gtk2 and GNOME.
>
> On this topic, I found
> <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791379>. Strangely,
> that bug discusses the opposite problem. :-)
Weird. I'm not sure how to approach bugs like this. I could strace in
the dark and hope to see something that shows me the light, but
hopefully the gnupg email list will know better how to troubleshoot it.
--
Chris
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Sun, 07 May 2017 20:52:02 GMT)
Full text and
rfc822 format available.
Message #23 received at 25328 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Chris Marusich <cmmarusich <at> gmail.com> writes:
> Hi,
>
> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
> strange behavior. Whenever I try to do something that requires access
> to my secret key, no window appears, and I get an error like the
> following:
>
> $ gpg --sign /tmp/message
> gpg: signing failed: Operation cancelled
> gpg: signing failed: Operation cancelled
> $
>
> Is this expected behavior with 1.0.0?
>
> This happens about 90% of the time. About 10% of the time, a pinentry
> window actually does pop up. When using version 0.9.7, a pinentry
> window popped up 100% of the time. I expected the behavior of 1.0.0 to
> be the same.
>
> My software versions are:
>
> * GuixSD 0.12.0
> * GNOME 3 (GNOME shell 3.22.2)
> * gnupg 2.1.16
> * pinentry-gtk-2 1.0.0
>
> My ~/.gnupg/gpg-agent.conf file contains the following single line:
>
> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>
> When I change my gpg-agent.conf file to use pinentry-gnome3 ,
> pinentry-curses, or pinentry-tty (and I kill gpg-agent to make sure it
> uses the modified file), the problem doesn't occur.
>
> When I keep pinentry-gtk-2 in my gpg-agent.conf file, and I log into an
> Xfce session, the problem doesn't occur. Likewise, when I log in via a
> virtual terminal (e.g. the kind you can get by pressing Control+Alt+F2),
> the problem doesn't occur.
>
> In other words, the problem only seems to occur when I use
> pinentry-gtk-2 as my pinentry-program, and I'm logged into a GNOME 3
> session. The problem occurs regardless of what program I am running
> inside of that GNOME 3 session; for example, it happens in emacs when
> emacs tries to automatically decrypt files ending in ".gpg", too.
>
> Here's how to reproduce the issue:
>
> * Log into a GNOME session on (a recently updated) GuixSD.
>
> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
> pinentry-gtk-2, for example:
>
> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>
> * If the gpg-agent process is running, kill it to make sure it loads the
> new gpg-agent.conf.
>
> * Open up any terminal (GNOME terminal and emacs' "M-x term" will both
> reproduce the issue) to sign a message, e.g.:
>
> echo hello > /tmp/message
> gpg --sign /tmp/message
>
> You should get the error very frequently.
Did anybody get this message? I sent it in January of 2017, but I can't
find it in the online archives, so I'm worried maybe it never got
delivered:
https://lists.gnupg.org/pipermail/gnupg-devel/
This time, I've CC'd 25328 <at> debbugs.gnu.org so that my email gets
delivered to at least one location for posterity.
--
Chris
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Sun, 07 May 2017 22:17:01 GMT)
Full text and
rfc822 format available.
Message #26 received at 25328 <at> debbugs.gnu.org (full text, mbox):
>> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
>> strange behavior. Whenever I try to do something that requires access
>> to my secret key, no window appears, and I get an error like the
>> following:
>>
>> $ gpg --sign /tmp/message
>> gpg: signing failed: Operation cancelled
>> gpg: signing failed: Operation cancelled
I am experiencing the exact same problem with pinentry-gtk-2 in exwm
(Emacs X Window Manager). The pinentry window seems to get closed
immediately after it appears. I thought that this was some bug in
exwm. But, now that you mention this, maybe something's wrong with
pinentry-gtk-2.
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Sun, 07 May 2017 23:35:01 GMT)
Full text and
rfc822 format available.
Message #29 received at 25328 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On Mon, May 08, 2017 at 03:45:40AM +0530, Arun Isaac wrote:
> >> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
> >> strange behavior. Whenever I try to do something that requires access
> >> to my secret key, no window appears, and I get an error like the
> >> following:
> >>
> >> $ gpg --sign /tmp/message
> >> gpg: signing failed: Operation cancelled
> >> gpg: signing failed: Operation cancelled
>
> I am experiencing the exact same problem with pinentry-gtk-2 in exwm
> (Emacs X Window Manager). The pinentry window seems to get closed
> immediately after it appears. I thought that this was some bug in
> exwm. But, now that you mention this, maybe something's wrong with
> pinentry-gtk-2.
Chiming in to say that Guix's pinentry-gtk-2 works fine for me on Debian
unstable.
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Wed, 10 May 2017 07:47:02 GMT)
Full text and
rfc822 format available.
Message #32 received at 25328 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Chris Marusich <cmmarusich <at> gmail.com> writes:
> Chris Marusich <cmmarusich <at> gmail.com> writes:
>
>> Hi,
>>
>> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
>> strange behavior. Whenever I try to do something that requires access
>> to my secret key, no window appears, and I get an error like the
>> following:
>>
>> $ gpg --sign /tmp/message
>> gpg: signing failed: Operation cancelled
>> gpg: signing failed: Operation cancelled
>> $
>>
>> Is this expected behavior with 1.0.0?
>>
>> This happens about 90% of the time. About 10% of the time, a pinentry
>> window actually does pop up. When using version 0.9.7, a pinentry
>> window popped up 100% of the time. I expected the behavior of 1.0.0 to
>> be the same.
>>
>> My software versions are:
>>
>> * GuixSD 0.12.0
>> * GNOME 3 (GNOME shell 3.22.2)
>> * gnupg 2.1.16
>> * pinentry-gtk-2 1.0.0
>>
>> My ~/.gnupg/gpg-agent.conf file contains the following single line:
>>
>> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> When I change my gpg-agent.conf file to use pinentry-gnome3 ,
>> pinentry-curses, or pinentry-tty (and I kill gpg-agent to make sure it
>> uses the modified file), the problem doesn't occur.
>>
>> When I keep pinentry-gtk-2 in my gpg-agent.conf file, and I log into an
>> Xfce session, the problem doesn't occur. Likewise, when I log in via a
>> virtual terminal (e.g. the kind you can get by pressing Control+Alt+F2),
>> the problem doesn't occur.
>>
>> In other words, the problem only seems to occur when I use
>> pinentry-gtk-2 as my pinentry-program, and I'm logged into a GNOME 3
>> session. The problem occurs regardless of what program I am running
>> inside of that GNOME 3 session; for example, it happens in emacs when
>> emacs tries to automatically decrypt files ending in ".gpg", too.
>>
>> Here's how to reproduce the issue:
>>
>> * Log into a GNOME session on (a recently updated) GuixSD.
>>
>> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
>> pinentry-gtk-2, for example:
>>
>> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> * If the gpg-agent process is running, kill it to make sure it loads the
>> new gpg-agent.conf.
>>
>> * Open up any terminal (GNOME terminal and emacs' "M-x term" will both
>> reproduce the issue) to sign a message, e.g.:
>>
>> echo hello > /tmp/message
>> gpg --sign /tmp/message
>>
>> You should get the error very frequently.
>
> Did anybody get this message? I sent it in January of 2017, but I can't
> find it in the online archives, so I'm worried maybe it never got
> delivered:
>
> https://lists.gnupg.org/pipermail/gnupg-devel/
>
> This time, I've CC'd 25328 <at> debbugs.gnu.org so that my email gets
> delivered to at least one location for posterity.
Looks like I might need to be subscribed to gnupg-devel in order to post
to it, so I've subscribed for this purpose. I'll update this bug report
again if my message actually shows up in the gnupg-devel list.
--
Chris
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#25328; Package
guix.
(Wed, 10 May 2017 08:01:01 GMT)
Full text and
rfc822 format available.
Message #35 received at 25328 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Chris Marusich <cmmarusich <at> gmail.com> writes:
> Chris Marusich <cmmarusich <at> gmail.com> writes:
>
>> Hi,
>>
>> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
>> strange behavior. Whenever I try to do something that requires access
>> to my secret key, no window appears, and I get an error like the
>> following:
>>
>> $ gpg --sign /tmp/message
>> gpg: signing failed: Operation cancelled
>> gpg: signing failed: Operation cancelled
>> $
>>
>> Is this expected behavior with 1.0.0?
>>
>> This happens about 90% of the time. About 10% of the time, a pinentry
>> window actually does pop up. When using version 0.9.7, a pinentry
>> window popped up 100% of the time. I expected the behavior of 1.0.0 to
>> be the same.
>>
>> My software versions are:
>>
>> * GuixSD 0.12.0
>> * GNOME 3 (GNOME shell 3.22.2)
>> * gnupg 2.1.16
>> * pinentry-gtk-2 1.0.0
>>
>> My ~/.gnupg/gpg-agent.conf file contains the following single line:
>>
>> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> When I change my gpg-agent.conf file to use pinentry-gnome3 ,
>> pinentry-curses, or pinentry-tty (and I kill gpg-agent to make sure it
>> uses the modified file), the problem doesn't occur.
>>
>> When I keep pinentry-gtk-2 in my gpg-agent.conf file, and I log into an
>> Xfce session, the problem doesn't occur. Likewise, when I log in via a
>> virtual terminal (e.g. the kind you can get by pressing Control+Alt+F2),
>> the problem doesn't occur.
>>
>> In other words, the problem only seems to occur when I use
>> pinentry-gtk-2 as my pinentry-program, and I'm logged into a GNOME 3
>> session. The problem occurs regardless of what program I am running
>> inside of that GNOME 3 session; for example, it happens in emacs when
>> emacs tries to automatically decrypt files ending in ".gpg", too.
>>
>> Here's how to reproduce the issue:
>>
>> * Log into a GNOME session on (a recently updated) GuixSD.
>>
>> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
>> pinentry-gtk-2, for example:
>>
>> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> * If the gpg-agent process is running, kill it to make sure it loads the
>> new gpg-agent.conf.
>>
>> * Open up any terminal (GNOME terminal and emacs' "M-x term" will both
>> reproduce the issue) to sign a message, e.g.:
>>
>> echo hello > /tmp/message
>> gpg --sign /tmp/message
>>
>> You should get the error very frequently.
>
> Did anybody get this message? I sent it in January of 2017, but I can't
> find it in the online archives, so I'm worried maybe it never got
> delivered:
>
> https://lists.gnupg.org/pipermail/gnupg-devel/
>
> This time, I've CC'd 25328 <at> debbugs.gnu.org so that my email gets
> delivered to at least one location for posterity.
I can no longer reproduce this issue. I tried following the steps above
on my current GuixSD system, and the problem does not occur. It seems
like pinentry-gtk-2 works fine now, which is curious because the version
is still 1.0.0. I don't know why it works now but didn't earlier.
My emails never seem to have made it to the gnupg-devel list, but in
this case I suppose it doesn't matter any more. I think we can resolve
this bug report, unless someone else can reproduce the issue reliably.
--
Chris
[signature.asc (application/pgp-signature, inline)]
Added tag(s) unreproducible.
Request was from
ludo <at> gnu.org (Ludovic Courtès)
to
control <at> debbugs.gnu.org.
(Wed, 10 May 2017 12:08:01 GMT)
Full text and
rfc822 format available.
bug closed, send any further explanations to
25328 <at> debbugs.gnu.org and Chris Marusich <cmmarusich <at> gmail.com>
Request was from
ludo <at> gnu.org (Ludovic Courtès)
to
control <at> debbugs.gnu.org.
(Wed, 10 May 2017 12:08:01 GMT)
Full text and
rfc822 format available.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Thu, 08 Jun 2017 11:24:04 GMT)
Full text and
rfc822 format available.
bug unarchived.
Request was from
Attila Lendvai <attila <at> lendvai.name>
to
control <at> debbugs.gnu.org.
(Mon, 08 Nov 2021 13:41:01 GMT)
Full text and
rfc822 format available.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Tue, 07 Dec 2021 12:24:05 GMT)
Full text and
rfc822 format available.
This bug report was last modified 3 years and 188 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.