Hello list,

I am attempting to upgrade software to use gpg2 instead of gpg. After fixing 
the usual "Inappropriate ioctl for device" and "Sorry, we are in batchmode - 
can't get input" messages and applying all the gpg_agent security workarounds, 
I am now stuck at this sequence:

The key generation command

['/usr/bin/gpg', '--homedir', '/tmp/tmp-3abk6l8', '--with-colons', '--status-fd', '2', '--pinentry-mode', 'loopback', '--batch', '--gen-key', '--command-fd', '0']

with the security-sensitive passphrase-input via the command-fd

b'%echo Generating key\nKey-Type: RSA\nKey-Length: 1024\nSubkey-Type: ELG-E\nSubkey-Length: 1024\nName-Real: AutomationKey\nExpire-Date: 0\n%commit\n',

will generate the following output:

gpg: keybox '/tmp/tmp-3abk6l8/pubring.kbx' created
gpg: Generating key
[GNUPG:] INQUIRE_MAXLEN 100
[GNUPG:] GET_HIDDEN passphrase.enter
[GNUPG:] GOT_IT
gpg: agent_genkey failed: Operation cancelled
gpg: key generation failed: Operation cancelled
[GNUPG:] ERROR key_generate 33554531
[GNUPG:] KEY_NOT_CREATED

It seems that the agent and gpg are going through some "brain-split" episode, as
the errors seem to indicate that everyone is thinking the other party canceled
the transfer. The strace indicates that gnupg itself sends the "cancel" request
to the agent and is astonished by the result - it cannot even give a meaningful
error message about the current condition. As there is no other syscall
activity, all the reasons for this have to be in gpg2.

2138  write(2, "[GNUPG:] INQUIRE_MAXLEN 100", 27) = 27
2138  write(2, "\n", 1)                 = 1
2138  write(2, "[GNUPG:] GET_HIDDEN passphrase.enter", 36) = 36
2138  write(2, "\n", 1)                 = 1
2138  read(0, "", 1)                    = 0
2138  write(2, "[GNUPG:] GOT_IT", 15)   = 15   --- not knowing what gnupg successfully got here as there is no passphrase to read
2138  write(2, "\n", 1)                 = 1
2138  write(3, "CAN", 3)                = 3            --- Gnupg sending cancel
2138  write(3, "\n", 1)                 = 1
2138  read(3,  <unfinished ...>
2142  read(9, "CAN\n", 1002)            = 4     --- Agent reading cancel
2142  getpid()                          = 2141
2142  write(2, "gpg-agent[2141]: command 'GENKEY' failed: IPC call has been cancelled", 69) = 69
2142  write(2, "\n", 1)                 = 1
2142  write(9, "ERR 67109141 IPC call has been cancelled <GPG Agent>", 52) = 52  --- Agent telling gnupg about cancel
2138  <... read resumed> "ERR 67109141 IPC call has been cancelled <GPG Agent>", 1002) = 52 -- gpg reading cancel
2138  read(3,  <unfinished ...>
2142  write(9, "\n", 1)                 = 1
2138  <... read resumed> "\n", 950)     = 1
2138  write(2, "gpg: agent_genkey failed: Operation cancelled", 45) = 45
2138  write(2, "\n", 1)                 = 1
2138  write(2, "gpg: key generation failed: Operation cancelled", 47) = 47
2138  write(2, "\n", 1)                 = 1
2138  write(2, "[GNUPG:] ERROR key_generate 33554531", 36) = 36
2138  write(2, "\n", 1)                 = 1
2138  write(2, "[GNUPG:] KEY_NOT_CREATED ", 25) = 25
2138  write(2, "\n", 1)                 = 1
2138  read(0, "", 8192)                 = 0
2138  munmap(0x7faad0a44000, 65536)     = 0
2138  exit_group(2)                     = ?
2138  +++ exited with 2 +++

Does someone know how to fix that?

LG Roman

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
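
Added example (not part of the original post and not GnuPG code): a Python helper that decodes the packed libgpg-error values seen in the output above and scans the `--status-fd` lines for a passphrase prompt followed by a failed key generation. The function names are hypothetical, and the lookup tables hold only the sources and codes that occur in the post.

```python
# Only the libgpg-error sources/codes that occur in the post; not the full tables.
SOURCES = {2: "GnuPG", 4: "GPG Agent"}
CODES = {99: "GPG_ERR_CANCELED", 277: "GPG_ERR_ASS_CANCELED"}

def decode_gpg_error(value):
    """Split a packed gpg_error_t into (source name, code name)."""
    source = (value >> 24) & 0x7F  # bits 24-30: component that raised the error
    code = value & 0xFFFF          # low 16 bits: the error code itself
    return (SOURCES.get(source, f"source {source}"),
            CODES.get(code, f"code {code}"))

def diagnose(status_text):
    """Report passphrase prompts and errors found in --status-fd output."""
    findings, prompted = [], False
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue  # human-readable "gpg: ..." diagnostics, not status lines
        fields = line[len("[GNUPG:] "):].split()
        if not fields:
            continue
        keyword, args = fields[0], fields[1:]
        if keyword == "GET_HIDDEN":
            prompted = True
            what = args[0] if args else "?"
            findings.append(f"gpg requested hidden input '{what}' on the command-fd")
        elif keyword == "ERROR" and len(args) >= 2 and args[1].isdigit():
            src, code = decode_gpg_error(int(args[1]))
            findings.append(f"{args[0]}: {code} reported by {src}")
        elif keyword == "KEY_NOT_CREATED" and prompted:
            findings.append("no key was created after the passphrase prompt")
    return findings

# Status output copied from the post above.
SAMPLE = """\
gpg: keybox '/tmp/tmp-3abk6l8/pubring.kbx' created
gpg: Generating key
[GNUPG:] INQUIRE_MAXLEN 100
[GNUPG:] GET_HIDDEN passphrase.enter
[GNUPG:] GOT_IT
gpg: agent_genkey failed: Operation cancelled
gpg: key generation failed: Operation cancelled
[GNUPG:] ERROR key_generate 33554531
[GNUPG:] KEY_NOT_CREATED
"""

if __name__ == "__main__":
    for finding in diagnose(SAMPLE):
        print(finding)
    print(decode_gpg_error(67109141))  # the agent's Assuan ERR value from the strace
```

Decoded this way, 33554531 is GPG_ERR_CANCELED raised by gpg and 67109141 is GPG_ERR_ASS_CANCELED raised by the agent, which matches the "Operation cancelled" and "IPC call has been cancelled" strings in the trace.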
