Chris Marusich writes: > Chris Marusich writes: > >> Hi, >> >> Since upgrading pinentry-gtk-2 from 0.9.7 to 1.0.0, I've noticed some >> strange behavior. Whenever I try to do something that requires access >> to my secret key, no window appears, and I get an error like the >> following: >> >> $ gpg --sign /tmp/message >> gpg: signing failed: Operation cancelled >> gpg: signing failed: Operation cancelled >> $ >> >> Is this expected behavior with 1.0.0? >> >> This happens about 90% of the time. About 10% of the time, a pinentry >> window actually does pop up. When using version 0.9.7, a pinentry >> window popped up 100% of the time. I expected the behavior of 1.0.0 to >> be the same. >> >> My software versions are: >> >> * GuixSD 0.12.0 >> * GNOME 3 (GNOME shell 3.22.2) >> * gnupg 2.1.16 >> * pinentry-gtk-2 1.0.0 >> >> My ~/.gnupg/gpg-agent.conf file contains the following single line: >> >> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2 >> >> When I change my gpg-agent.conf file to use pinentry-gnome3 , >> pinentry-curses, or pinentry-tty (and I kill gpg-agent to make sure it >> uses the modified file), the problem doesn't occur. >> >> When I keep pinentry-gtk-2 in my gpg-agent.conf file, and I log into an >> Xfce session, the problem doesn't occur. Likewise, when I log in via a >> virtual terminal (e.g. the kind you can get by pressing Control+Alt+F2), >> the problem doesn't occur. >> >> In other words, the problem only seems to occur when I use >> pinentry-gtk-2 as my pinentry-program, and I'm logged into a GNOME 3 >> session. The problem occurs regardless of what program I am running >> inside of that GNOME 3 session; for example, it happens in emacs when >> emacs tries to automatically decrypt files ending in ".gpg", too. >> >> Here's how to reproduce the issue: >> >> * Log into a GNOME session on (a recently updated) GuixSD. >> >> * In $HOME/.gnupg/gpg-agent.conf, set pinentry-program to >> pinentry-gtk-2, for example: >> >> pinentry-program /home/marusich/.guix-profile/bin/pinentry-gtk-2 >> >> * If the gpg-agent process is running, kill it to make sure it loads the >> new gpg-agent.conf. >> >> * Open up any terminal (GNOME terminal and emacs' "M-x term" will both >> reproduce the issue) to sign a message, e.g.: >> >> echo hello > /tmp/message >> gpg --sign /tmp/message >> >> You should get the error very frequently. > > Did anybody get this message? I sent it in January of 2017, but I can't > find it in the online archives, so I'm worried maybe it never got > delivered: > > https://lists.gnupg.org/pipermail/gnupg-devel/ > > This time, I've CC'd 25328@debbugs.gnu.org so that my email gets > delivered to at least one location for posterity. Looks like I might need to be subscribed to gnupg-devel in order to post to it, so I've subscribed for this purpose. I'll update this bug report again if my message actually shows up in the gnupg-devel list. -- Chris