gnome keyring & gpg agent
Neal H. Walfield
neal at walfield.org
Thu May 14 20:34:40 CEST 2015
At Thu, 14 May 2015 09:36:17 -0400,
Daniel Kahn Gillmor wrote:
> But having a clearer/cleaner relationship between the released tarballs
> and the upstream repo makes it easier for debian developers to
> contribute back to upstream, and to pull narrowly-targeted changesets
> from the upstream revision control if they're needed to fix identified
> bugs before a new release comes out.
The pieces are now basically in place to fix the GPG Agent / Gnome
Keyring issue. There are three minor issues:
- There are a couple of small deficiencies in the gnome3 pinentry
(e.g., no one button confirmation messages, but this is easily
worked around). These deficiencies have more to do with
limitations in Gcr than with the Pinentry implementation.
- Gnome Keyring's maintainer hasn't yet ripped out the GPG Agent
support, but fully agrees with the changes so far. (Of course,
the GPG Agent proxy can be trivially disabled since it is a
- To fully replace Gnome Keyring's GPG Agent Proxy, a couple of
minor changes had to be made to GPG. These are so far only in
2.1, but I will backport them to 2.0 soon.
Is it possible to fix this issue in Debian Stable (e.g., in the next
So far, I've identified these requirements:
- Adding a new pinentry-gnome3 package with the yet-to-be-released
pinentry with Gnome3 support.
- An update to GPG with the relatively small change.
- An update to Gnome-Keyring that disables it GPG Agent proxy.
- Make Gnome Keyring depend on pinentry-gnome3.
More information about the Gnupg-devel