bug#25328: pinentry-gtk-2 fails after upgrade to 1.0.0: "Operation cancelled"
Chris Marusich
cmmarusich at gmail.com
Wed May 10 10:00:29 CEST 2017
Chris Marusich <cmmarusich at gmail.com> writes:
> Chris Marusich <cmmarusich at gmail.com> writes:
>
>> Hi,
>>
>> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some
>> strange behavior. Whenever I try to do something that requires access
>> to my secret key, no window appears, and I get an error like the
>> following:
>>
>> $ gpg --sign /tmp/message
>> gpg: signing failed: Operation cancelled
>> gpg: signing failed: Operation cancelled
>> $
>>
>> Is this expected behavior with 1.0.0?
>>
>> This happens about 90% of the time. About 10% of the time, a pinentry
>> window actually does pop up. When using version 0.9.7, a pinentry
>> window popped up 100% of the time. I expected the behavior of 1.0.0 to
>> be the same.
>>
>> My software versions are:
>>
>> * GuixSD 0.12.0
>> * GNOME 3 (GNOME shell 3.22.2)
>> * gnupg 2.1.16
>> * pinentry-gtk-2 1.0.0
>>
>> My ~/.gnupg/gpg-agent.conf file contains the following single line:
>>
>> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> When I change my gpg-agent.conf file to use pinentry-gnome3 ,
>> pinentry-curses, or pinentry-tty (and I kill gpg-agent to make sure it
>> uses the modified file), the problem doesn't occur.
>>
>> When I keep pinentry-gtk-2 in my gpg-agent.conf file, and I log into an
>> Xfce session, the problem doesn't occur. Likewise, when I log in via a
>> virtual terminal (e.g. the kind you can get by pressing Control+Alt+F2),
>> the problem doesn't occur.
>>
>> In other words, the problem only seems to occur when I use
>> pinentry-gtk-2 as my pinentry-program, and I'm logged into a GNOME 3
>> session. The problem occurs regardless of what program I am running
>> inside of that GNOME 3 session; for example, it happens in emacs when
>> emacs tries to automatically decrypt files ending in ".gpg", too.
>>
>> Here's how to reproduce the issue:
>>
>> * Log into a GNOME session on (a recently updated) GuixSD.
>>
>> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to
>> pinentry-gtk-2, for example:
>>
>> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2
>>
>> * If the gpg-agent process is running, kill it to make sure it loads the
>> new gpg-agent.conf.
>>
>> * Open up any terminal (GNOME terminal and emacs' "M-x term" will both
>> reproduce the issue) to sign a message, e.g.:
>>
>> echo hello > /tmp/message
>> gpg --sign /tmp/message
>>
>> You should get the error very frequently.
>
> Did anybody get this message? I sent it in January of 2017, but I can't
> find it in the online archives, so I'm worried maybe it never got
> delivered:
>
> https://lists.gnupg.org/pipermail/gnupg-devel/
>
> This time, I've CC'd 25328 at debbugs.gnu.org so that my email gets
> delivered to at least one location for posterity.
I can no longer reproduce this issue. I tried following the steps above
on my current GuixSD system, and the problem does not occur. It seems
like pinentry-gtk-2 works fine now, which is curious because the version
is still 1.0.0. I don't know why it works now but didn't earlier.
My emails never seem to have made it to the gnupg-devel list, but in
this case I suppose it doesn't matter any more. I think we can resolve
this bug report, unless someone else can reproduce the issue reliably.
--
Chris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170510/51fb003c/attachment.sig>
More information about the Gnupg-devel
mailing list