On Thursday 25 February 2010 00:09:17 Willie Wong wrote:
> On Wed, Feb 24, 2010 at 10:51:38PM +0000, Mick wrote:
> > Why is this? Invoking gpg to decrypt different (encrypted) files always
> > brings up that socket '/tmp/gpg-pNLb9Y/S.gpg-agent'. Shouldn't it be a
> > different socket each time?
I noticed that this morning (after a reboot) it was looking for a different
socket ...
> Ack, let's do this one step at a time then. First let's try to figure
> out the problem with the gpg-agent.
[snip...]
> In a new prompt, first paste the variable, then type gpg -vv *file*
This is now what the log shows:
============================================
2010-02-25 06:45:53 gpg-agent[6740] listening on socket
`/tmp/gpg-5Tgf3a/S.gpg-agent'
2010-02-25 06:45:53 gpg-agent[6741] gpg-agent (GnuPG) 2.0.14 started
2010-02-25 06:48:32 gpg-agent[6741] handler 0x98caa38 for fd 7 started
gpg-agent[6741.7] DBG: -> OK Pleased to meet you
gpg-agent[6741.7] DBG: <- RESET
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- OPTION ttyname=/dev/pts/3
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- OPTION ttytype=rxvt
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- OPTION display=:0.0
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- OPTION lc-ctype=C
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- OPTION lc-messages=C
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- OPTION allow-pinentry-notify
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- GETINFO cmd_has_option GET_PASSPHRASE repeat
gpg-agent[6741.7] DBG: -> OK
gpg-agent[6741.7] DBG: <- GET_PASSPHRASE --data --repeat=0 --
A7029FW0V2G567G225FST52689GV822Rf230gkw8F X X
Please+enter+the+passphrase+to+unlock+the+secret+k ey+
for+the+OpenPGP+certificate:%0A%22me+<me@gmail.com >%22%0A2048-bit+ELG+key,
+ID+XXXXXXXX,%0Acreated+2010-01-25+(main+key+ID+YYYYYYY).%0A
2010-02-25 06:48:32 gpg-agent[6741] DBG: agent_get_cache
`A7029FW0V2G567G225FST52689GV822Rf230gkw8F'...
2010-02-25 06:48:32 gpg-agent[6741] DBG: ... miss
2010-02-25 06:48:32 gpg-agent[6741] starting a new PIN Entry
gpg-agent[6741]: can't connect server: `ERR 67109133 can't exec
`/usr/bin/pinentry-qt': No such file or directory'
2010-02-25 06:48:32 gpg-agent[6741] can't connect to the PIN entry module: IPC
connect call failed
2010-02-25 06:48:32 gpg-agent[6741] command get_passphrase failed: No pinentry
gpg-agent[6741.7] DBG: -> ERR 67108949 No pinentry <GPG Agent>
gpg-agent[6741.7] DBG: <- [EOF]
2010-02-25 06:48:32 gpg-agent[6741] handler 0x98caa38 for fd 7 terminated
============================================
Why is it trying to call /usr/bin/pinentry-qt?!
`ERR 67109133 can't exec `/usr/bin/pinentry-qt'
Is this a valid binary these days, or an older qt3 version? I think it should
be /usr/bin/pinentry:
$ ls -la /usr/bin/pinentry
lrwxrwxrwx 1 root root 12 Feb 24 07:01 /usr/bin/pinentry -> pinentry-qt4
Please note that the: "Please+enter+the+passphrase+to+unlock+the+secret+ key"
does not show up on the screen even when I use the gpg -vv option.
--
Regards,
Mick
02-25-2010, 10:18 AM
Willie Wong
gnupg fails to decrypt on kmail
On Thu, Feb 25, 2010 at 07:01:12AM +0000, Mick wrote:
> 2010-02-25 06:48:32 gpg-agent[6741] starting a new PIN Entry
> gpg-agent[6741]: can't connect server: `ERR 67109133 can't exec
> `/usr/bin/pinentry-qt': No such file or directory'
> 2010-02-25 06:48:32 gpg-agent[6741] can't connect to the PIN entry module: IPC
> connect call failed
<snip>
> Why is it trying to call /usr/bin/pinentry-qt?!
>
> `ERR 67109133 can't exec `/usr/bin/pinentry-qt'
>
> Is this a valid binary these days, or an older qt3 version? I think it should
> be /usr/bin/pinentry:
>
> $ ls -la /usr/bin/pinentry
> lrwxrwxrwx 1 root root 12 Feb 24 07:01 /usr/bin/pinentry -> pinentry-qt4
Looks like you found your problem. I am not absolutely sure why
pinentry-qt is the default now. The man page says that running
'gpg-agent --version' will tell you what the default pinentry program
it calls is, and that depends on installation. So maybe file a bug? I
don't know whether this is a configuration/USE issue or something
hardcoded in the distribution.
In any case, two work-arounds are available:
*) create a symlink of pinentry-qt to your actual pinentry binary.
*) start gpg-agent with the '--pinentry-program' option.
Cheers,
W
--
Willie W. Wong wwong@math.princeton.edu
Data aequatione quotcunque fluentes quantitae involvente fluxiones invenire
et vice versa ~~~ I. Newton
02-25-2010, 07:45 PM
Mick
gnupg fails to decrypt on kmail
On Thursday 25 February 2010 11:18:54 Willie Wong wrote:
> On Thu, Feb 25, 2010 at 07:01:12AM +0000, Mick wrote:
> > Why is it trying to call /usr/bin/pinentry-qt?!
> >
> > `ERR 67109133 can't exec `/usr/bin/pinentry-qt'
> >
> > Is this a valid binary these days, or an older qt3 version? I think it
> > should be /usr/bin/pinentry:
> >
> > $ ls -la /usr/bin/pinentry
> > lrwxrwxrwx 1 root root 12 Feb 24 07:01 /usr/bin/pinentry -> pinentry-qt4
>
> Looks like you found your problem. I am not absolutely sure why
> pinentry-qt is the default now. The man page says that running
> 'gpg-agent --version' will tell you what the default pinentry program
> it calls is, and that depends on installation.
Hmm ... I saw that but I can't see the pinentry in there:
$ gpg-agent --version
gpg-agent (GnuPG) 2.0.14
libgcrypt 1.4.5
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
> So maybe file a bug? I
> don't know whether this is a configuration/USE issue or something
> hardcoded in the distribution.
I will file a bug, but I am not entirely sure what I should file it under, so
that it does not get rejected:
gpg-agent which is calling pinentry-qt?
app-crypt/pinentry, because it's done away with my previous pinentry-qt
symlink to the pinentry binary?
qt3 to qt4 move (in case this is linked to qt3 becoming deprecated)?
Thank you so much for holding my hand on this! :-)
--
Regards,
Mick
02-26-2010, 12:08 AM
Willie Wong
gnupg fails to decrypt on kmail
On Thu, Feb 25, 2010 at 08:45:27PM +0000, Mick wrote:
> > So maybe file a bug? I
> > don't know whether this is a configuration/USE issue or something
> > hardcoded in the distribution.
>
> I will file a bug, but I am not entirely sure what I should file it under, so
> that it does not get rejected:
>
> gpg-agent which is calling pinentry-qt?
I'd file it against gpg-agent and hope that if it is something related
to the qt3-qt4 transition, one of the bug-wranglers will cc the qt
team. I'd probably also file it as either minor or enhancement, since
technically the man page does warn you about it.
Normally I would ask around the list first to see if anyone can
reproduce your problem before filing a bug. But since I've practically
the only one answering your mail on this issue.... Let's hope that it
is either reproducible or that the bug wranglers can find out a
trivial reason why it isn't.
Cheers,
W
--
Willie W. Wong wwong@math.princeton.edu
Data aequatione quotcunque fluentes quantitae involvente fluxiones invenire
et vice versa ~~~ I. Newton
gnupg fails to decrypt on kmail
