Should I mark/announce GNOME as incompatible with gpg2 for now?

NIIBE Yutaka gniibe at fsij.org
Thu Apr 2 05:31:23 CEST 2015 

Hello,

This message is reply to the one in August 2014, since I keep
seeing reports from GnuPG users.

On 08/29/2014 12:24 AM, Stef Walter wrote:
> On 28.08.2014 16:31, NIIBE Yutaka wrote:
>> Hello,
>>
>> It's not new.  It has been incompatible for years, already.
>>
>> On 08/28/14 19:46, Stef Walter wrote:
>>> Should I go ahead and announce that gpg2 (version 2.0.23+) is
>>> incompatible with GNOME and people should USE gnupg 1.4.x with GNOME 3.x
>>> for now?
>>
>> Please note that gpg-agent is not the "GPG password caching daemon".
>>
>> It's not new issue for smartcard/token users and SSH users for gpg2
>> (both of 2.0 and 2.1) with GNOME.
>>
>>   (1) When users have smartcard/token, it doesn't work well.
>>
>>   (2) When users configure the SSH-agent feature of gpg-agent, it
>>       doesn't work well.
>>
>> We need to disable the features of gnome-keyring, for years.
>>
>> However, how to disable the features of gpg-agent/ssh-agent for
>> gnome-keyring has been changed in version to version.  I had figured
>> out how to do that in GNOME2 and in younger GNOME 3, but now, I don't
>> know how we can disable the features in GNOME 3.12 or later (using
>> proper gpg-agent).
> 
> I'm not against contributions which remove the gpg-agent and ssh-agent
> from gnome-keyring. The equivalent features and use cases should be
> provided elsewhere, and it's a done deal.

I wonder if you could consider applying the following patch (against
master of gnome-keyring git repo) as a first step.

This can be a message that the features are minor and possibly should
not be used as a default.

diff --git a/configure.ac b/configure.ac
index 6e6a92c..17120a9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -337,34 +337,34 @@ fi
 #

 AC_ARG_ENABLE([ssh-agent],
-		AC_HELP_STRING([--disable-ssh-agent],
-		[Don't include SSH agent in gnome-keyring]))
+		AC_HELP_STRING([--enable-ssh-agent],
+		[Include SSH agent in gnome-keyring]))

-if test "$enable_ssh_agent" != "no"; then
+if test "$enable_ssh_agent" = "yes"; then
 	AC_DEFINE(WITH_SSH, 1, [Whether to build SSH agent or not])
 	ssh_status="yes"
 else
 	ssh_status="no"
 fi

-AM_CONDITIONAL(WITH_SSH, test "$enable_ssh_agent" != "no")
+AM_CONDITIONAL(WITH_SSH, test "$enable_ssh_agent" = "yes")

 # --------------------------------------------------------------------
 # GPG Agent support
 #

 AC_ARG_ENABLE([gpg-agent],
-		AC_HELP_STRING([--disable-gpg-agent],
-		[Don't include GPG agent in gnome-keyring]))
+		AC_HELP_STRING([--enable-gpg-agent],
+		[Include GPG agent in gnome-keyring]))

-if test "$enable_gpg_agent" != "no"; then
+if test "$enable_gpg_agent" = "yes"; then
 	AC_DEFINE(WITH_GPG, 1, [Whether to build GPG agent or not])
 	gpg_status="yes"
 else
 	gpg_status="no"
 fi

-AM_CONDITIONAL(WITH_GPG, test "$enable_gpg_agent" != "no")
+AM_CONDITIONAL(WITH_GPG, test "$enable_gpg_agent" = "yes")

 # --------------------------------------------------------------------
 # libgcrypt
--

More information about the Gnupg-devel mailing list