From mboxrd@z Thu Jan 1 00:00:00 1970 From: Chris Marusich Subject: bug#25328: gpg: "Operation cancelled" with pinentry 1.0.0 on GNOME Date: Sun, 01 Jan 2017 17:50:30 -0800 Message-ID: <87a8ba44d5.fsf@gmail.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:60307) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cNrmB-00086o-EA for bug-guix@gnu.org; Sun, 01 Jan 2017 20:51:04 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cNrmA-0004Ht-K2 for bug-guix@gnu.org; Sun, 01 Jan 2017 20:51:03 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:51764) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cNrmA-0004Hi-GM for bug-guix@gnu.org; Sun, 01 Jan 2017 20:51:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1cNrmA-0000gp-Ab for bug-guix@gnu.org; Sun, 01 Jan 2017 20:51:02 -0500 Sender: "Debbugs-submit" Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:60271) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cNrlp-00085u-CN for bug-guix@gnu.org; Sun, 01 Jan 2017 20:50:42 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cNrlo-00047p-FO for bug-guix@gnu.org; Sun, 01 Jan 2017 20:50:41 -0500 Received: from mail-pg0-x231.google.com ([2607:f8b0:400e:c05::231]:34768) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cNrlo-00047b-7x for bug-guix@gnu.org; Sun, 01 Jan 2017 20:50:40 -0500 Received: by mail-pg0-x231.google.com with SMTP id y62so146777313pgy.1 for ; Sun, 01 Jan 2017 17:50:40 -0800 (PST) List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 25328@debbugs.gnu.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi, Since upgrading pinentry from 0.9.7 to 1.0.0, I've noticed some strange behavior. In GNOME only, when gpg tries to access my secret key, the attempt fails without prompting me for my passphrase. For example, it fails like this: =2D-8<---------------cut here---------------start------------->8--- [0] marusich@garuda:~ $ echo hello > /tmp/message [0] marusich@garuda:~ $ gpg --sign /tmp/message=20 gpg: signing failed: Operation cancelled gpg: signing failed: Operation cancelled [2] marusich@garuda:~ $=20 =2D-8<---------------cut here---------------end--------------->8--- No prompt appears, GUI or otherwise. However, if I repeat the "gpg =2D-sign" command many times, eventually a GUI does appear which asks me for a password. In that case, everything works just fine. But about 90-95% of the time, the attempt just fails like above, without showing me any prompt. This problem is not limited to my manual command-line invocation. The same kind of issue also occurs when emacs (the graphical version, running in GNOME) tries to automatically decrypt encrypted files (e.g., when gnus needs to read my ~/.authinfo.gpg file to connect to an email server). Normally, when emacs needs to decrypt a file like this, a new window pops up to ask me for my passphrase, but because of this issue, the decryption fails, without showing me a prompt, for a similar reason: =2D-8<---------------cut here---------------start------------->8--- Error while decrypting with "gpg": gpg: encrypted with 4096-bit RSA key, ID 0FE3DE4943560F06, created 2016-02-= 19 "Chris Marusich " gpg: public key decryption failed: Operation cancelled gpg: decryption failed: No secret key =2D-8<---------------cut here---------------end--------------->8--- I suspect these are symptoms of the same issue. My ~/.gnupg/gpg-agent.conf contains the following single line: pinentry-program /home/marusich/.guix-profile/bin/pinentry This issue does NOT occur in Xfce. This issue does NOT occur when I run the "gpg --sign" command in a virtual terminal (e.g., by pressing Control+Alt+F2 to switch to a virtual terminal). In GNOME, this issue DOES occur regardless of which "pinentry" program I specify in my ~/.gnupg/gpg-agent.conf file (the same issue occurs with pinentry, pinentry-curses, pinentry-gtk-2, and pinentry-tty). I've run both "guix pull" and "sudo guix pull" successfully in the last few days, and I've successfully reconfigured my system since then, so I'm using the most recent Guix software. I'm using GuixSD. Since I've added and modified many things to my home directory, I tried creating a test user with a fresh home directory to rule out my local customizations as a cause. I was able to reproduce the issue using a fresh test user in GNOME after installing gnupg and pinentry via "guix package -i gnupg pinentry". The only changes I made to the test user's home directory were (1) I added the "export" statements to its ~/.bashrc file which were suggested by Guix after installing those two packages, and (2) I added a ~/.gnupg/gpg-agent.conf which uses the pinentry that got installed into the test user's profile. So, I expect that other users of GuixSD can probably reproduce this issue. =2D-=20 Chris --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEy/WXVcvn5+/vGD+x3UCaFdgiRp0FAlhpseYACgkQ3UCaFdgi Rp0m8RAAjmswfheDR01c7OpH1YjFdgj4jVZdx+s171hVGrJ71iDYbIUJIlhgyXHY yPt8XJJ2p2GZzYGCDUcFBFy9endNC+tw1jTVSRtjprP3Fc5PjOeene9vZDFmKiwD SckWSRcGq4xOgF4SGuTwad13TdasVmcBcOqZ1GyfJINwpDL59yCMgO5fQ+M/j/9e JSKW4RQqqZFJyVarbSQWTEEKm4h8RXx1ewJLtS9EbLlzXxd+lN4uRo7KK+2Xh6fN us5tzJnM0tawo4/x2PL+2ryS18wsNf1x6bNf2SJ1WoX7KmO4b4wfl0FCOUsq7Ey1 sdk0kMqRGCd8LClEULI/jt9Nc3DJ9vuvoSA5IBPyJbxdf3QyzxTm9LN7Kqf2uG5+ nItJTnmk7jVwWaxggQMFlM0t0lkAmhODGuCdBqS7TWgASg9Q47NtX41QTTHmiPOM r2eWkDGAT37JdHmIMreXel7uiF3ePZed/XvRa9XtOCXSlN8Wqep2FuZ3LuBFAk46 MUWCt3sk4S3SmOL1nGbf+47Ghk3HxSFA6P1tSDch+L81UvbHbbbEkMm40pCqkacg Xq6XwDY38VpyfTa77DlTigvqNBuxRHlQRcFE2AeH0VXjRMQniuJk5T/4CTrlLlUU P8dq9gcIFtbD5GcrUsIRv2M6uhqj7yEKGymvUY5l6I4Gx5J84Yo= =7tms -----END PGP SIGNATURE----- --=-=-=--