unofficial mirror of bug-guix@gnu.org 
 help / color / Atom feed
* bug#41941: Signing git commits with PGP fails
@ 2020-06-18 22:35 Jonathan Brielmaier
  2020-06-19  1:52 ` Leo Famulari
  0 siblings, 1 reply; 6+ messages in thread
From: Jonathan Brielmaier @ 2020-06-18 22:35 UTC (permalink / raw)
  To: 41941

I have a strange error/problem with signing git commits with PGP.

Following situation

`git` is installed via system configuration
`git:send-email` via `guix install` into the user profile

~/.gitconfig has
```
[commit]
  gpgsign = true
```

but trying to sign a git commit fails:
```
git commit -m "test"
error: gpg failed to sign the data
fatal: failed to write commit object
```

`guix remove git:send-email` does not help, still the same.
`guix install git` also doesn't help.

What is wrong here?

P.S: As long as commit signing is not working I cannot become a commiter
to the repo. Marius and Ricardo already pledged their support :P




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#41941: Signing git commits with PGP fails
  2020-06-18 22:35 bug#41941: Signing git commits with PGP fails Jonathan Brielmaier
@ 2020-06-19  1:52 ` Leo Famulari
  2020-06-19 14:43   ` Jonathan Brielmaier
  0 siblings, 1 reply; 6+ messages in thread
From: Leo Famulari @ 2020-06-19  1:52 UTC (permalink / raw)
  To: Jonathan Brielmaier; +Cc: 41941

On Fri, Jun 19, 2020 at 12:35:09AM +0200, Jonathan Brielmaier wrote:
> I have a strange error/problem with signing git commits with PGP.

The setup can be complicated...

> Following situation
> 
> `git` is installed via system configuration
> `git:send-email` via `guix install` into the user profile
> 
> ~/.gitconfig has
> ```
> [commit]
>   gpgsign = true
> ```

I also have:

------
[gpg]
        program = gpg 
[user]
        signingkey = B0515948F1E7D3C1B98038A02646FA30BACA7F08
------

> but trying to sign a git commit fails:
> ```
> git commit -m "test"
> error: gpg failed to sign the data
> fatal: failed to write commit object
> ```

Do you also have a GPG pinentry program installed? Are you able to sign
an arbitrary file with GPG, outside of Git? For example:

$ gpg --output test.sig --sign file




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#41941: Signing git commits with PGP fails
  2020-06-19  1:52 ` Leo Famulari
@ 2020-06-19 14:43   ` Jonathan Brielmaier
  2020-06-19 16:17     ` Leo Famulari
  0 siblings, 1 reply; 6+ messages in thread
From: Jonathan Brielmaier @ 2020-06-19 14:43 UTC (permalink / raw)
  To: Leo Famulari; +Cc: 41941

On 19.06.20 03:52, Leo Famulari wrote:
> On Fri, Jun 19, 2020 at 12:35:09AM +0200, Jonathan Brielmaier wrote:
>> I have a strange error/problem with signing git commits with PGP.
>
> The setup can be complicated...
>
>> Following situation
>>
>> `git` is installed via system configuration
>> `git:send-email` via `guix install` into the user profile
>>
>> ~/.gitconfig has
>> ```
>> [commit]
>>   gpgsign = true
>> ```
>
> I also have:
>
> ------
> [gpg]
>         program = gpg
> [user]
>         signingkey = B0515948F1E7D3C1B98038A02646FA30BACA7F08
> ------

Oke, the signingkey parameter is also present in my config.

>> but trying to sign a git commit fails:
>> ```
>> git commit -m "test"
>> error: gpg failed to sign the data
>> fatal: failed to write commit object
>> ```
>
> Do you also have a GPG pinentry program installed? Are you able to sign
> an arbitrary file with GPG, outside of Git? For example:
>
> $ gpg --output test.sig --sign file

I have pinentry installed from the config.scm, but it's still
```
gpg --output test.sig --sign TODO.md
gpg: signing failed: No pinentry
gpg: signing failed: No pinentry
```
Do I need an additional service?




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#41941: Signing git commits with PGP fails
  2020-06-19 14:43   ` Jonathan Brielmaier
@ 2020-06-19 16:17     ` Leo Famulari
  2020-06-19 16:42       ` Jonathan Brielmaier
  0 siblings, 1 reply; 6+ messages in thread
From: Leo Famulari @ 2020-06-19 16:17 UTC (permalink / raw)
  To: Jonathan Brielmaier; +Cc: 41941

[-- Attachment #1: Type: text/plain, Size: 616 bytes --]

On Fri, Jun 19, 2020 at 04:43:10PM +0200, Jonathan Brielmaier wrote:
> I have pinentry installed from the config.scm, but it's still
> [...]
> gpg: signing failed: No pinentry

I think the root of the problem is that GPG can't find pinentry.

With Guix, it should work automatically if you install GPG and a
pinentry to your user's profile. [0]

When installed via config.scm, you should set "pinentry-program" with
the right path, either on gpg-agent's command line or in
~/.gnupg/gpg-agent.conf.

[0] See 'gnu/packages/patches/gnupg-default-pinentry.patch' of commit
e5b44b06b3f, which fixed a longstanding UX bug

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#41941: Signing git commits with PGP fails
  2020-06-19 16:17     ` Leo Famulari
@ 2020-06-19 16:42       ` Jonathan Brielmaier
  2020-06-19 18:13         ` Leo Famulari
  0 siblings, 1 reply; 6+ messages in thread
From: Jonathan Brielmaier @ 2020-06-19 16:42 UTC (permalink / raw)
  To: Leo Famulari; +Cc: 41941

On 19.06.20 18:17, Leo Famulari wrote:
> On Fri, Jun 19, 2020 at 04:43:10PM +0200, Jonathan Brielmaier wrote:
>> I have pinentry installed from the config.scm, but it's still
>> [...]
>> gpg: signing failed: No pinentry
>
> I think the root of the problem is that GPG can't find pinentry.
>
> With Guix, it should work automatically if you install GPG and a
> pinentry to your user's profile. [0]
>
> When installed via config.scm, you should set "pinentry-program" with
> the right path, either on gpg-agent's command line or in
> ~/.gnupg/gpg-agent.conf.
>
> [0] See 'gnu/packages/patches/gnupg-default-pinentry.patch' of commit
> e5b44b06b3f, which fixed a longstanding UX bug

A already tried that but had a typo
So
```
pinentry-program /run/current-system/profile/bin/pinentry
``` in ~/.gnupg/gpg-agent.conf

I wonder if we can do better here?




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#41941: Signing git commits with PGP fails
  2020-06-19 16:42       ` Jonathan Brielmaier
@ 2020-06-19 18:13         ` Leo Famulari
  0 siblings, 0 replies; 6+ messages in thread
From: Leo Famulari @ 2020-06-19 18:13 UTC (permalink / raw)
  To: Jonathan Brielmaier; +Cc: 41941

On Fri, Jun 19, 2020 at 06:42:21PM +0200, Jonathan Brielmaier wrote:
> A already tried that but had a typo
> So
> ```
> pinentry-program /run/current-system/profile/bin/pinentry
> ``` in ~/.gnupg/gpg-agent.conf
> 
> I wonder if we can do better here?

Let us know if you have a suggestion :)




^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, back to index

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-18 22:35 bug#41941: Signing git commits with PGP fails Jonathan Brielmaier
2020-06-19  1:52 ` Leo Famulari
2020-06-19 14:43   ` Jonathan Brielmaier
2020-06-19 16:17     ` Leo Famulari
2020-06-19 16:42       ` Jonathan Brielmaier
2020-06-19 18:13         ` Leo Famulari

unofficial mirror of bug-guix@gnu.org 

Archives are clonable:
	git clone --mirror https://yhetil.org/guix-bugs/0 guix-bugs/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 guix-bugs guix-bugs/ https://yhetil.org/guix-bugs \
		bug-guix@gnu.org
	public-inbox-index guix-bugs

Example config snippet for mirrors

Newsgroups are available over NNTP:
	nntp://news.yhetil.org/yhetil.gnu.guix.bugs
	nntp://news.gmane.io/gmane.comp.gnu.guix.bugs


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git