Bug#760102: gnome keyring & gpg agent

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jun 5 20:57:40 CEST 2015

Control: clone 760102 -1
Control: reassign -1 seahorse
Control: tags -1 + patch
Control: retitle -1 build seahorse compatible with gpg2

On Fri 2015-06-05 13:25:42 -0400, Michael Biebl wrote:
> Am 05.06.2015 um 19:19 schrieb Daniel Kahn Gillmor:
>> Given that 1.4.7 is older than oldoldstable, you ought to be able to
>> drop the explicit gnupg dependency entirely from seahorse, iiuc.
> Well, assuming that seahorse does work properly with gnupg2.
> That's basically my question.

The seahorse source code seems to actually behave completely differently
depending on whether it is built with modern versions of any branch
(meaning: gpg >= 1.4.10, or gpg2 >= 2.0.12) versus older versions.  (see
pgp/seahorse-gpgme-key-op.h).  :(

This is not great engineering practice, because the version built
against isn't guaranteed to match the version that's running.

That said, even oldoldstable builds and runs "modern versions" by this

I just tested seahorse on a minimal-ish unstable gnome install, where i
did "dpkg --force-depend --purge gnupg".

Unfortunately, it looks like seahorse embeds the string "gpg" in it, so
it's looking for /usr/bin/gpg.

Running seahorse in this configuration produces lots of errors of this

   operation-Message: couldn't initialize gnupg properly: Invalid crypto engine

The attached patch should resolve things for future versions of
seahorse, though, both on build-time detection and on runtime

(the attached patch touches both ./configure.ac and ./configure -- since
the package appears to be doing autoreconf, maybe the modifications to
./configure are unnecessary)

The only failures i'm now running into with seahorse like this are
failures due to gcr_importer hard-coding paths to gpg as well, so those
are bugs i'll file separately..



-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-avoid-deps-on-a-certain-version-of-gpg.patch
Type: text/x-diff
Size: 3968 bytes
Desc: avoid dependencies on a certain version of gpg
URL: </pipermail/attachments/20150605/fe73dc82/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20150605/fe73dc82/attachment-0001.sig>

More information about the Gnupg-devel mailing list