On Wed, Mar 17, 2010 at 11:59:55AM -0400, Anton Aylward wrote:
Petr Uzel said the following on 03/17/2010 11:01 AM:
Graphical pinentry's have precedence over pinentry-curses. If DISPLAY is not set, then pinentry-{qt,gtk-2} runs pinentry-curses instead. If you don't like this behavior, you can modify gpg-agent.conf as mentioned above.
That is not the case. From tty2 I ran 'sh - /usr/bin/pinentry' I recorded it with 'script' Sadly, "who am i" doens't seem to work within script, so you'll have to take my word that this was on tty2
The result is:
Script started on Wed 17 Mar 2010 11:49:22 AM EDT anton@BigBoy:~/tmp> anton@BigBoy:~/tmp> unset DISPLAY anton@BigBoy:~/tmp> sh -x /usr/bin/pinentry + kde_running= + '[' -n '' ']' + '[' -n '' ']' + arg= + display= + '[' -n '' ']' + '[' -n '' -a x = 4x -a -f /usr/bin/pinentry-qt4 ']' + '[' -n '' -a -f /usr/bin/pinentry-qt ']' + '[' -f /usr/bin/pinentry-gtk-2 ']' + export PINENTRY_BINARY=/usr/bin/pinentry-gtk-2 + PINENTRY_BINARY=/usr/bin/pinentry-gtk-2 + exec /usr/bin/pinentry-gtk-2 OK Your orders please
Yes, that's expected. Most likely I wasn't clear before. You are right that in such case it is pinentry-gtk-2, what is 'selected' by /usr/bin/pinentry script. But since it figures out there is no $DISPLAY, it runs pinentry-curses-like interface which is embedded into pinentry-gtk-2 binary (as well as to other graphical pinentry's). You can verify this by doing the following at tty2: gpg --sign some_file -> pinentry-curses dialog appears, don't close it switch to another console and issue ps aux | grep pinentry -> it shows it is actually pinentry-gtk-2, which does the curses-like interface.
^C anton@BigBoy:~/tmp> exit
Script done on Wed 17 Mar 2010 11:50:02 AM EDT
That's what I eamn about the if/elseif chain being wrong. That code segment reads
# otherwise test if pinentry-gtk-2 is installed elif [ -f /usr/bin/pinentry-gtk-2 ] then export PINENTRY_BINARY="/usr/bin/pinentry-gtk-2" # otherwise test if pinentry-qt4 exists although KDE is not detected elif [ -f /usr/bin/pinentry-qt4 ] then export PINENTRY_BINARY="/usr/bin/pinentry-qt4" # otherwise test if pinentry-qt exists although KDE is not detected elif [ -f /usr/bin/pinentry-qt ] then export PINENTRY_BINARY="/usr/bin/pinentry-qt" # pinentry-curses is installed by default else export PINENTRY_BINARY="/usr/bin/pinentry-curses" fi
So if -gtk-2 or -qt4 or -qt exist they well be used EVEN IF KDE IS NOT DETECTED.
And what would you suggest to use instead?
I think this is WRONG !
Pinentry-curses is used as a fallback only if there is no graphical pinentry installed. That's intentional. Since every graphical pinentry provides also embedded pinentry-curses interface, this is fine IMHO.
The test for KDE only happens if DISPLAY is set.
If DISPLAY is not set, why should we care about KDE/GNOME? It even does not make sense. Or am I missing something?
So what about other window managers? Sorry, I don't get this question.
Anyway, this whole question about which pinentry version should be ran under various circumstances seems to be totally unrelated to the original issue with keychain freezing. Did you manage to test the workaround? Thanks, Petr -- Petr Uzel, openSUSE Boosters Team IRC: ptr_uzl @ freenode