bug#25328: pinentry-gtk-2 fails after upgrade to 1.0.0: "Operation cancelled"

Chris Marusich cmmarusich at gmail.com
Wed May 10 10:00:29 CEST 2017

Chris Marusich <cmmarusich at gmail.com> writes:

> Chris Marusich <cmmarusich at gmail.com> writes:
>> Hi,
>> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
>> strange behavior.  Whenever I try to do something that requires access
>> to my secret key, no window appears, and I get an error like the
>> following:
>>     $ gpg --sign /tmp/message 
>>     gpg: signing failed: Operation cancelled
>>     gpg: signing failed: Operation cancelled
>>     $ 
>> Is this expected behavior with 1.0.0?
>> This happens about 90% of the time.  About 10% of the time, a pinentry
>> window actually does pop up.  When using version 0.9.7, a pinentry
>> window popped up 100% of the time.  I expected the behavior of 1.0.0 to
>> be the same.
>> My software versions are:
>> * GuixSD 0.12.0
>> * GNOME 3 (GNOME shell 3.22.2)
>> * gnupg 2.1.16
>> * pinentry-gtk-2 1.0.0
>> My ~/.gnupg/gpg-agent.conf file contains the following single line:
>>     pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>> When I change my gpg-agent.conf file to use pinentry-gnome3 ,
>> pinentry-curses, or pinentry-tty (and I kill gpg-agent to make sure it
>> uses the modified file), the problem doesn't occur.
>> When I keep pinentry-gtk-2 in my gpg-agent.conf file, and I log into an
>> Xfce session, the problem doesn't occur.  Likewise, when I log in via a
>> virtual terminal (e.g. the kind you can get by pressing Control+Alt+F2),
>> the problem doesn't occur.
>> In other words, the problem only seems to occur when I use
>> pinentry-gtk-2 as my pinentry-program, and I'm logged into a GNOME 3
>> session.  The problem occurs regardless of what program I am running
>> inside of that GNOME 3 session; for example, it happens in emacs when
>> emacs tries to automatically decrypt files ending in ".gpg", too.
>> Here's how to reproduce the issue:
>> * Log into a GNOME session on (a recently updated) GuixSD.
>> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
>>   pinentry-gtk-2, for example:
>>     pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>> * If the gpg-agent process is running, kill it to make sure it loads the
>>   new gpg-agent.conf.
>> * Open up any terminal (GNOME terminal and emacs' "M-x term" will both
>>   reproduce the issue) to sign a message, e.g.:
>>     echo hello > /tmp/message
>>     gpg --sign /tmp/message
>> You should get the error very frequently.
> Did anybody get this message?  I sent it in January of 2017, but I can't
> find it in the online archives, so I'm worried maybe it never got
> delivered:
> https://lists.gnupg.org/pipermail/gnupg-devel/
> This time, I've CC'd 25328 at debbugs.gnu.org so that my email gets
> delivered to at least one location for posterity.

I can no longer reproduce this issue.  I tried following the steps above
on my current GuixSD system, and the problem does not occur.  It seems
like pinentry-gtk-2 works fine now, which is curious because the version
is still 1.0.0.  I don't know why it works now but didn't earlier.

My emails never seem to have made it to the gnupg-devel list, but in
this case I suppose it doesn't matter any more.  I think we can resolve
this bug report, unless someone else can reproduce the issue reliably.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170510/51fb003c/attachment.sig>

More information about the Gnupg-devel mailing list