[PINENTRY PATCH v2 2/2] pinentry-gnome3: fall back to curses if gcr prompt creation fails

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Oct 4 17:45:19 CEST 2016 

On Tue 2016-10-04 04:54:21 -0400, Werner Koch wrote:
> On Fri,  9 Sep 2016 10:43, dkg at fifthhorseman.net said:
>
>> In some cases, the user is running in a session that has an active
>> D-Bus session, but that session is not attached to a graphical desktop
>> environment (e.g. sshing into a machine whose login stack initializes
>> a D-Bus session).  In that case, gcr can be reached over dbus, but it
>> will complain that it does not know how to prompt the user.
>
> This happens also if you have not a full GNOME installation, which is
> the case for me.
>
> The problems I see witch your patch is that the fallback to curses 
>
>  1. could also triggered by other errors

I'd be happy to narrowly target some specific error message if you would
rather do that, by testing error->code and/or error->domain.  What
specific error case do you think is acceptable to handle?

>  2. that it may happen during a running pinentry session in case the
>     SystemPromper gets removed of installed during the session.  That
>     would be pretty suprising.

gpg and gpg-agent and pinentry probably have more of these sorts of race
conditions, especially around package installation or removal.  I think
a surprise during package removal would be be bad, but i think it would
be outweighed by the good of having pinentry-gnome3 actually provide a
prompt when dbus is running but no graphical session is in place.

> I would prefer to return a better error message instead of the auto
> fallback.  The idea with the auto fallback is that it is used if a user
> switches between a plain tty and an Xsession.  But not to resolve
> configuration errors.

I'm not sure it's a configuration error.  Consider a machine where the
configuration is that pinentry should be pinentry-gnome3.

I log in on the graphical console and get gnome3-style prompts.

then i log out of the graphical console, and i log in on the text-mode
virtual terminal.  I should now get curses prompts.  right?  except that
doesn't currently work, because i have a dbus session but no graphical
session.  What is the "configuration error" in this case?

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 930 bytes
Desc: not available
URL: </pipermail/attachments/20161004/4fccd763/attachment.sig>

More information about the Gnupg-devel mailing list