https://bugs.kde.org/show_bug.cgi?id=458085

--- Comment #39 from michaelk83 <mk.mat...@gmail.com> ---
(In reply to Nicolas Fella from comment #38)
> we just need to find one approach that works and stick with it
Option A (`no-allow-external-cache`) is the correct solution IMO, if you want
to use a GPG wallet with Secret Service enabled. It breaks the circular
dependency without affecting other Secret Service clients or potentially
introducing race condition bugs, and it uses a feature of GnuPG that was intended
specifically to address similar situations -
https://man.archlinux.org/man/gpg-agent.1#no-allow-external-cache :
> Some desktop environments prefer to unlock all credentials with one master
> password and may have installed a Pinentry which employs an additional
> external cache to implement such a policy. By using this option the Pinentry
> is advised not to make use of such a cache and instead always ask the user
> for the requested passphrase.

Options B and C (disable Secret Service or not use a GPG wallet) are
alternatives that a user may choose depending on what they want to achieve.

But the `no-allow-external-cache` setting is pretty esoteric. Users trying to
set up a GPG wallet with Secret Service enabled would not usually know about
it, and will run into this issue. So it either needs to be set by KWallet when
needed (by calling `gpgconf`), or documented clearly enough for users to not
miss it.

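What enabling Option A amounts to on the user's side, as an added example that is not part of the bug comment and is not KWallet's code. It edits `gpg-agent.conf` directly rather than going through `gpgconf` to change the option, and the function names and the `--apply` switch are hypothetical; the config location is assumed to be `$GNUPGHOME` or `~/.gnupg`.

```shell
#!/bin/sh
# Added example: idempotently enable a flag-style option in gpg-agent.conf.

# has_agent_option FILE OPTION
# Succeeds only if OPTION is present as an active (uncommented) line.
has_agent_option() {
    [ -f "$1" ] && grep -Eq "^[[:space:]]*$2[[:space:]]*\$" "$1"
}

# ensure_agent_option FILE OPTION
# Appends OPTION once; existing settings and commented-out lines are kept.
ensure_agent_option() {
    conf=$1
    opt=$2
    if has_agent_option "$conf" "$opt"; then
        return 0
    fi
    (
        umask 077                      # new files/dirs readable by owner only
        mkdir -p "$(dirname "$conf")"
        # Do not glue the option onto an unterminated last line.
        if [ -s "$conf" ] && [ -n "$(tail -c 1 "$conf")" ]; then
            printf '\n' >> "$conf"
        fi
        printf '%s\n' "$opt" >> "$conf"
    )
}

# Only touch the real configuration when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    conf="${GNUPGHOME:-$HOME/.gnupg}/gpg-agent.conf"
    ensure_agent_option "$conf" no-allow-external-cache
    # Stop the running agent; it restarts on demand and reads the new config.
    if command -v gpgconf >/dev/null 2>&1; then
        gpgconf --kill gpg-agent
    fi
fi
```

With the option active, Pinentry is advised to prompt for the passphrase itself instead of consulting an external cache, which is what breaks the circular dependency described above.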