[opensuse-factory] pinentry-qt4 asking for gpg passphrase 2nd time
Hi, I'm using mutt and while I'm sending a mail I'm getting asked two times when sending the first mail to enter my pass phrase. That has not been the case in the past. Is this a side effect of KDE 5? The system in question got initially installed as openSUSE 13.2 from DVD and later switched to Factory. Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On Friday 19 June 2015 13:58:42 Lars Müller wrote:
Hi,
I'm using mutt and while I'm sending a mail I'm getting asked two times when sending the first mail to enter my pass phrase.
That has not been the case in the past.
Is this a side effect of KDE 5?
I wonder why you believe this would be a side effect of the switch to Frameworks/Plasma 5. Looking at mutt itself, then it has not requirements for neither Qt nor for anything KDE4/Plasma5 related. Also the mutt package wasn't changed recently. Looking however at pinentry, then a couple of days ago a newer version was accepted. Furthermore pinentry does not use KDE4 for anything, so it would seem highly unlikely that the switch to Plasma 5 had anything to do with this. Regards Raymond -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
I use mutt on factory and I do not see anything like that. Regards, Alin On Fri, Jun 19, 2015 at 02:10:55PM +0200, Raymond Wooninck wrote:
On Friday 19 June 2015 13:58:42 Lars Müller wrote:
Hi,
I'm using mutt and while I'm sending a mail I'm getting asked two times when sending the first mail to enter my pass phrase.
That has not been the case in the past.
Is this a side effect of KDE 5?
I wonder why you believe this would be a side effect of the switch to Frameworks/Plasma 5. Looking at mutt itself, then it has not requirements for neither Qt nor for anything KDE4/Plasma5 related. Also the mutt package wasn't changed recently.
Looking however at pinentry, then a couple of days ago a newer version was accepted. Furthermore pinentry does not use KDE4 for anything, so it would seem highly unlikely that the switch to Plasma 5 had anything to do with this.
Regards
Raymond -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-- Without Questions there are no Answers! ________________________________________________________________________________ Dr. Alin Marin ELENA http://alin.elena.space/ ________________________________________________________________________________
Hi, On Fri, Jun 19, 2015 at 01:33:13PM +0100, Alin Marin Elena wrote:
I use mutt on factory and I do not see anything like that.
Unfortunately for me it's even with a minimal ./mutt/muttrc which only sources /usr/share/doc/packages/mutt/samples/gpg.rc still the same. The same applies to a freshly created user on the same system too. I'll setup a fresh system based on the last openSUSE Factory snapshot and perform a default KDE install to identify what is causing this. Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On Fri, Jun 19, 2015 at 01:58:42PM +0200, Lars Müller wrote:
Hi,
I'm using mutt and while I'm sending a mail I'm getting asked two times when sending the first mail to enter my pass phrase.
Hi Lars, I also began experiencing this problem, although I don't use KDE. I found that adding: set pgp_use_gpg_agent = yes to my .muttrc solved this problem. Hope this helps. -- Regards, Karol
Hi Lars, On Fri, 19 Jun 2015, 13:58:42 +0200, Lars Müller wrote:
Hi,
I'm using mutt and while I'm sending a mail I'm getting asked two times when sending the first mail to enter my pass phrase.
That has not been the case in the past.
Is this a side effect of KDE 5?
no, it exists (at least for me) since gpg-2.1; according to its release notes: With GnuPG 2.1 the need of GPG_AGENT_INFO has been completely removed and the variable is ignored. Instead a fixed Unix domain socket named S.gpg-agent in the GnuPG home directory (by default ~/.gnupg) is used. The agent is also started on demand by all tools requiring services from the agent. This means it is correct, that the GPG_AGENT_INFO variable isn't defined anymore. It appears, though, that at least mutt still expects it to be defined. I just put the following into my ~/.xinitrc: # With GnuPG 2.1 the need of GPG_AGENT_INFO has been completely removed # and the variable is ignored. Instead a fixed Unix domain socket named # S.gpg-agent in the GnuPG home directory (by default ~/.gnupg) is used. # The agent is also started on demand by all tools requiring services # from the agent. # # It appears that mutt, at least, still wants to see the GPG_AGENT_INFO # variable: [ -z "${GPG_AGENT_INFO}" ] && export GPG_AGENT_INFO=$HOME/.gnupg/S.gpg-agent Now mutt happily shows all signed and/or encrypted messages without showing "Enter PGP passphrase:" before.
Cheers,
Lars
HTH, cheers. l8er manfred
Hi, On Tue, Jun 23, 2015 at 04:09:05PM +0200, Manfred Hollstein wrote:
On Fri, 19 Jun 2015, 13:58:42 +0200, Lars Müller wrote:
I'm using mutt and while I'm sending a mail I'm getting asked two times when sending the first mail to enter my pass phrase.
That has not been the case in the past.
Is this a side effect of KDE 5?
no, it exists (at least for me) since gpg-2.1; according to its release notes:
With GnuPG 2.1 the need of GPG_AGENT_INFO has been completely removed and the variable is ignored. Instead a fixed Unix domain socket named S.gpg-agent in the GnuPG home directory (by default ~/.gnupg) is used. The agent is also started on demand by all tools requiring services from the agent.
This means it is correct, that the GPG_AGENT_INFO variable isn't defined anymore. It appears, though, that at least mutt still expects it to be defined. I just put the following into my ~/.xinitrc:
# With GnuPG 2.1 the need of GPG_AGENT_INFO has been completely removed # and the variable is ignored. Instead a fixed Unix domain socket named # S.gpg-agent in the GnuPG home directory (by default ~/.gnupg) is used. # The agent is also started on demand by all tools requiring services # from the agent. # # It appears that mutt, at least, still wants to see the GPG_AGENT_INFO # variable: [ -z "${GPG_AGENT_INFO}" ] && export GPG_AGENT_INFO=$HOME/.gnupg/S.gpg-agent
Now mutt happily shows all signed and/or encrypted messages without showing "Enter PGP passphrase:" before.
Following your ~/.xinitrc approach made it impossible for me to login afterwards from the displaymanager (sddm). I'm using the same from ~/.bashrc instead and that works. But do we have to consider to make it for everyone easier by default or would we only artificially expand the time till more software honors the new approach? Even if setting GPG_AGENT_INFO works for mutt it might even cause some trouble to other components as the old format offered offered three fields: <path to Unix Domain Socket>:<gpg-agent PID>:<protocol version> while with the setting GPG_AGENT_INFO workaround we're only able to offer the first. Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On Wed, Jun 24, 2015 at 10:29:42PM +0200, Lars Müller wrote: [ 8< ]
Even if setting GPG_AGENT_INFO works for mutt it might even cause some trouble to other components as the old format offered offered three fields:
<path to Unix Domain Socket>:<gpg-agent PID>:<protocol version>
while with the setting GPG_AGENT_INFO workaround we're only able to offer the first.
test -z "${GPG_AGENT_INFO}" && \ export GPG_AGENT_INFO="$HOME/.gnupg/S.gpg-agent.$( pidof gpg-agent).1" But the question still remains: do we like something like this systemwide for the next six or 12 months? Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On Wed, 24 Jun 2015, 22:43:11 +0200, Lars Müller wrote:
On Wed, Jun 24, 2015 at 10:29:42PM +0200, Lars Müller wrote: [ 8< ]
Even if setting GPG_AGENT_INFO works for mutt it might even cause some trouble to other components as the old format offered offered three fields:
<path to Unix Domain Socket>:<gpg-agent PID>:<protocol version>
while with the setting GPG_AGENT_INFO workaround we're only able to offer the first.
test -z "${GPG_AGENT_INFO}" && \ export GPG_AGENT_INFO="$HOME/.gnupg/S.gpg-agent.$( pidof gpg-agent).1"
are you sure this works with gpg-2.1? If I understood the release notes correctly, it's just the plain "S.gpg-agent"; but, for mutt its value doesn't matter at all. The sources only check if such an environment variable is defined and if so simply skip asking for the passphrase itself, assuming gpg-agent will deal with it; you can try without GPG_AGENT_INFO being defined and enter a wrong passphrase when mutt asks for it... ;) Another option to avoid mutt asking for the passphrase might be to set crypt_use_gpgme=yes
But the question still remains: do we like something like this systemwide for the next six or 12 months?
I think we should. FWIW, it belongs into some X related startup file because there you can decide, if it's a new gpg-2.1 related configuration or if some older version is in use (which can be detected _because_ GPG_AGENT_INFO is already defined (by gnome-keyring-daemon via pam_gnome_keyring.so)). If you want to do this from within .bashrc, you should at least check if gpg-agent is already running. So, something like the following might work: ~/.bashrc: ... if [ -z "${GPG_AGENT_INFO}" ]; then # maybe gpg-2.1? if [ -n "$(pidof gpg-agent)" ]; # yep, this must be gpg-2.1 export GPG_AGENT_INFO="$HOME/.gnupg/S.gpg-agent" else # no gpg-agent is running, don't inject anything : fi else # OK, looks sane : fi BUT, what if there are several users logged in, each with their own gpg-agent process running...? Therefore the simple form belongs into the X session startup: test -z "${GPG_AGENT_INFO}" && \ export GPG_AGENT_INFO="$HOME/.gnupg/S.gpg-agent"
Cheers,
Lars
HTH, cheers. l8er manfred
participants (5)
-
Alin Marin Elena
-
Karol Mroz
-
Lars Müller
-
Manfred Hollstein
-
Raymond Wooninck