[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#24076: gnupg [-agent]: when signing [commits], it claims that there
From: |
Ludovic Courtès |
Subject: |
bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is |
Date: |
Thu, 28 Jul 2016 13:52:35 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Alex Kost <address@hidden> skribis:
> Ludovic Courtès (2016-07-27 14:01 +0300) wrote:
>
>> Hi,
>>
>> Danny Milosavljevic <address@hidden> skribis:
>>
>>>> My ~/.gnupg/gpg-agent.conf file reads this:
>>>>
>>>> --8<---------------cut here---------------start------------->8---
>>>> pinentry-program /home/ludo/.guix-profile/bin/pinentry-gtk-2
>>>> --8<---------------cut here---------------end--------------->8---
>>>
>>> Yes, the file didn't exist. I created it and it works now.
>>
>> Great.
>>
>>> I did install the pinentry package, though.
>>>
>>> Do you think it would make sense to put this in the skeleton for new user
>>> accounts?
>>
>> Maybe. Ideally, this would be addressed by GnuPG itself, which should
>> somehow make it easier to set it up, because there’s nothing
>> GuixSD-specific here AFAICS. What do other distros do to help?
>
> My guess: other distros do nothing, because GnuPG searches for
> pinentries in a default bindir, I mean in a dir where gpg is placed
> (/usr/bin or whatever).
>
> IMO this is Guix-specific, as you have to run gpg-agent with
> --pinentry-program option (or specify it in the "gpg-agent.conf" file).
Good point.
What about having GnuPG depend on pinentry-tty, and configuring it with:
--with-pinentry-pgm=/path/to/pinentry-tty
? That would at least provide a reasonable default. The closure size
of GnuPG would increase from 220 to 243 MiB (+10%).
Most of the time, people will want to use pinentry-gtk though.
Another option would be to change ‘gnupg_module_name’, in homedir.c, from:
--8<---------------cut here---------------start------------->8---
case GNUPG_MODULE_NAME_PINENTRY:
#ifdef GNUPG_DEFAULT_PINENTRY
return GNUPG_DEFAULT_PINENTRY;
#else
X(bindir, "pinentry");
#endif
--8<---------------cut here---------------end--------------->8---
to something like:
--8<---------------cut here---------------start------------->8---
case GNUPG_MODULE_NAME_PINENTRY:
X(homedir, ".guix-profile/bin/pinentry);
--8<---------------cut here---------------end--------------->8---
… in which case GnuPG would default to the user-installed pinentry, if
available. Not perfect either, but closer to what other distros do.
Thoughts?
Ludo’.
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is, Danny Milosavljevic, 2016/07/26
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is, Ludovic Courtès, 2016/07/26
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is, Danny Milosavljevic, 2016/07/27
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is, Ludovic Courtès, 2016/07/27
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is, Alex Kost, 2016/07/28
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is,
Ludovic Courtès <=
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is, Danny Milosavljevic, 2016/07/28
- bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is, Alex Kost, 2016/07/28