Source: pinentry Version: 0.9.7 Severity: normal Dear Maintainer,
With the upstream (or at least the Arch Linux) package of pinentry 0.9.7, one can put allow-emacs-pinentry in ~/.gnupg/gpg-agent.conf, which allows using http://elpa.gnu.org/packages/pinentry.html to enter passphrases from within Emacs (and falls back to gtk or whatnot when not inside Emacs). There is code in the upstream pinentry package that checks the environment variable INSIDE_EMACS. However, on pinentry-curses_0.9.7-3_amd64.deb (tested on Ubuntu Xenial; apt-cache says it's originally Debian) if I put "allow-emacs-pinentry" in ~/.gnupg/gpg-agent.conf, the gpg-agent doesn't work at all, even outside Emacs: $ echo $INSIDE_EMACS $ cat ~/.gnupg/gpg-agent.conf allow-emacs-pinentry $ pkill gpg-agent $ gpg-agent --homedir $HOME/.gnupg --daemon $ gpg2 -d /tmp/foo.gpg | wc -l gpg: encrypted with 2048-bit RSA key, ID F013AFA5, created 2012-05-22 "Kevin Brubeck Unhammer <[email protected]>" gpg: public key decryption failed: Not supported gpg: decryption failed: No secret key 0 $ while it works fine without that setting: $ /bin/rm ~/.gnupg/gpg-agent.conf $ pkill gpg-agent $ gpg-agent --homedir $HOME/.gnupg --daemon $ gpg2 -d /tmp/foo.gpg | wc -l gpg: encrypted with 2048-bit RSA key, ID F013AFA5, created 2012-05-22 "Kevin Brubeck Unhammer <[email protected]>" 212 $ (Similarly if I start gpg-agent using --allow-emacs-pinentry. I also tried the pinentry-curses .deb from https://packages.debian.org/stretch/amd64/pinentry-curses/download and got the same behaviour.) https://bugs.gnupg.org/gnupg/issue2034 says that dkg removed the binary pinentry-emacs, I guess this is the configure option --disable-pinentry-emacs in https://anonscm.debian.org/cgit/pkg-gnupg/pinentry.git/tree/debian/rules (that binary is not needed for the allow-emacs-pinentry usage), but also removed support for checking the INSIDE_EMACS variable, presumably configure option --disable-inside-emacs. The comment by dkg says "If the documentation and failure modes are clarified, i'm happy to re-enable them in debian". From what I can tell in that thread and the sub-bugs, the concerns about INSIDE_EMACS are alleviated (e.g. allow-emacs-pinentry has to be explicitly enabled in gpg-agent for INSIDE_EMACS-checking to take effect), so ideally the package could be built without --disable-inside-emacs. However, even without --disable-inside-emacs, gpg-agent shouldn't completely stop working _outside Emacs_ just because allow-inside-emacs is set. -- System Information: Debian Release: stretch/sid APT prefers xenial-updates APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500, 'xenial'), (100, 'xenial-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.4.0-21-generic (SMP w/2 CPU cores) Locale: LANG=nn_NO.UTF-8, LC_CTYPE=nn_NO.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
