[pkg-gnupg-maint] Bug#869416: pinentry-gtk2: fails to request passphrase when importing OpenPGP secret key with Seahorse

intrigeri at debian.org intrigeri at debian.org
Sun Jul 23 11:02:34 UTC 2017 

Package: pinentry-gtk2
Version: 1.0.0-2
Severity: normal
User: tails-dev at boum.org
Usertags: crypto-gui

Hi,

both on Tails 3.0.1 (Stretch) and current Debian sid (GNOME), if
/usr/bin/pinentry-gtk-2 is configured as the pinentry tool with
update-alternatives (or pinentry-program in gpg-agent.conf), then
importing a passphrase-protected secret key from Seahorse fails.

Seahorse says:

  Import failed: key 0x...: public key "uid <email>" imported

And the Journal says:

  gpg-agent[11835]: starting a new PIN Entry
  gpg-agent[11835]: DBG: connection to PIN entry established
  gpg-agent[11835]: DBG: chan_6 -> INQUIRE PINENTRY_LAUNCHED 11914 gtk2:curses 1.0.0 ? ? ?
  gpg-agent[11835]: DBG: chan_6 <- END
  gpg-agent[11835]: DBG: error calling pinentry: Inappropriate ioctl for device <Pinentry>
  gpg-agent[11835]: command 'IMPORT_KEY' failed: Inappropriate ioctl for device <Pinentry>
  gpg-agent[11835]: DBG: chan_6 -> ERR 83918950 Inappropriate ioctl for device <Pinentry>
  gpg-agent[11835]: DBG: chan_6 <- [eof]

Note that:

 * This problem doesn't happen when using pinentry-gnome3.
   The difference I see in gpg-agent's debug log is that when using
   pinentry-gnome3, I see a number of OPTION commands sent to
   gpg-agent, e.g. OPTION display=:1, while I see no such thing when
   using pinentry-gtk-2. I'm not sure who's responsible for sending
   these options.

 * Importing the same key with gpg on the command line in GNOME
   Terminal works just fine: the expected pinentry-gtk2 dialog is
   displayed and the key is imported as a result.

 * This might be a bug in Seahorse, or in some underlying plumbing it
   uses, or in pinentry-gtk2.

Details and some initial research:
https://labs.riseup.net/code/issues/12733

Anything else I should try?

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'oldstable-updates'), (500, 'oldoldstable-updates'), (500, 'oldoldstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pinentry-gtk2 depends on:
ii  libassuan0     2.4.3-2
ii  libc6          2.24-12
ii  libglib2.0-0   2.52.3-1
ii  libgpg-error0  1.27-3
ii  libgtk2.0-0    2.24.31-2
ii  libncursesw5   6.0+20170715-2
ii  libsecret-1-0  0.18.5-3.1
ii  libtinfo5      6.0+20170715-2

pinentry-gtk2 recommends no packages.

Versions of packages pinentry-gtk2 suggests:
pn  pinentry-doc  <none>

-- no debconf information

-- 
intrigeri

More information about the pkg-gnupg-maint mailing list