GNU bug report logs - #25328
gpg: "Operation cancelled" with pinentry 1.0.0 on GNOME

Previous Next

Full log

View this message in rfc822 format

From: Chris Marusich <cmmarusich <at> gmail.com>
To: gnupg-devel <at> gnupg.org
Cc: 25328 <at> debbugs.gnu.org
Subject: bug#25328: pinentry-gtk-2 fails after upgrade to 1.0.0: "Operation cancelled"
Date: Wed, 10 May 2017 01:00:29 -0700

[Message part 1 (text/plain, inline)]

Chris Marusich <cmmarusich <at> gmail.com> writes:

> Chris Marusich <cmmarusich <at> gmail.com> writes:
>
>> Hi,
>>
>> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
>> strange behavior.  Whenever I try to do something that requires access
>> to my secret key, no window appears, and I get an error like the
>> following:
>>
>>     $ gpg --sign /tmp/message 
>>     gpg: signing failed: Operation cancelled
>>     gpg: signing failed: Operation cancelled
>>     $ 
>>
>> Is this expected behavior with 1.0.0?
>>
>> This happens about 90% of the time.  About 10% of the time, a pinentry
>> window actually does pop up.  When using version 0.9.7, a pinentry
>> window popped up 100% of the time.  I expected the behavior of 1.0.0 to
>> be the same.
>>
>> My software versions are:
>>
>> * GuixSD 0.12.0
>> * GNOME 3 (GNOME shell 3.22.2)
>> * gnupg 2.1.16
>> * pinentry-gtk-2 1.0.0
>>
>> My ~/.gnupg/gpg-agent.conf file contains the following single line:
>>
>>     pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> When I change my gpg-agent.conf file to use pinentry-gnome3 ,
>> pinentry-curses, or pinentry-tty (and I kill gpg-agent to make sure it
>> uses the modified file), the problem doesn't occur.
>>
>> When I keep pinentry-gtk-2 in my gpg-agent.conf file, and I log into an
>> Xfce session, the problem doesn't occur.  Likewise, when I log in via a
>> virtual terminal (e.g. the kind you can get by pressing Control+Alt+F2),
>> the problem doesn't occur.
>>
>> In other words, the problem only seems to occur when I use
>> pinentry-gtk-2 as my pinentry-program, and I'm logged into a GNOME 3
>> session.  The problem occurs regardless of what program I am running
>> inside of that GNOME 3 session; for example, it happens in emacs when
>> emacs tries to automatically decrypt files ending in ".gpg", too.
>>
>> Here's how to reproduce the issue:
>>
>> * Log into a GNOME session on (a recently updated) GuixSD.
>>
>> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
>>   pinentry-gtk-2, for example:
>>
>>     pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> * If the gpg-agent process is running, kill it to make sure it loads the
>>   new gpg-agent.conf.
>>
>> * Open up any terminal (GNOME terminal and emacs' "M-x term" will both
>>   reproduce the issue) to sign a message, e.g.:
>>
>>     echo hello > /tmp/message
>>     gpg --sign /tmp/message
>>
>> You should get the error very frequently.
>
> Did anybody get this message?  I sent it in January of 2017, but I can't
> find it in the online archives, so I'm worried maybe it never got
> delivered:
>
> https://lists.gnupg.org/pipermail/gnupg-devel/
>
> This time, I've CC'd 25328 <at> debbugs.gnu.org so that my email gets
> delivered to at least one location for posterity.

I can no longer reproduce this issue.  I tried following the steps above
on my current GuixSD system, and the problem does not occur.  It seems
like pinentry-gtk-2 works fine now, which is curious because the version
is still 1.0.0.  I don't know why it works now but didn't earlier.

My emails never seem to have made it to the gnupg-devel list, but in
this case I suppose it doesn't matter any more.  I think we can resolve
this bug report, unless someone else can reproduce the issue reliably.

-- 
Chris

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.