gpg uses popup dialog instead of cli by default

Bug #367163 reported by Matt Jones on 2009-04-26
Affects Status Importance Assigned to Milestone
gnupg (Ubuntu)

Bug Description

Binary package hint: gnupg

On ubuntu jaunty 32bit:

For some reason gnupg uses a popup dialog to ask for passphrases, instead of using the command line. This means that things like debuild will also use popup dialogs when signing packages.

This breaks lots of software and scripts that are reliant on it being able to pragmatically drive gpg and debuild.

The default behaviour should be to use the cli. With an option for popup dialogs.

This was not a problem in hardy or intrepid.

That is IMO a self-caused "issue" in Ubuntu. In the Ubuntu package the `use-agent' option is enabled by default (#15485). Turn it off and be satisfied.

I'm closing this, as Ubuntu has explicitly enabled this option be default. Please reopen your report if you wish to revert this change (JFTR: I'm not responsible for the Ubuntu gnupg package).

Changed in gnupg (Ubuntu):
status: New → Invalid
Matt Jones (workhorsy) wrote :

I think the use-agent option should not be enabled by default.

As mentioned above: It breaks lots of scripts, and makes no sense to have a command line app also use a gui dialog by default, when it can do the same thing in cli just fine.

I've also looked around for an explanation for this change, and found none. If there is a good reason for it, then I will have to live with it. But until then, my vote is on pure cli for cli apps.

Changed in gnupg (Ubuntu):
status: Invalid → Confirmed
Michael Bienia (geser) wrote :

It was added to enable gnupg support in kmail (see bug 15485).

@Michael: What about invoking gnupg by kmail with the related switch instead of relying on having this option in the user configuration? This sounds more reasonable to me and it won't break any behaviour.

Michael Bienia (geser) wrote :

I don't believe that would work as the Xsession.d file for gnupg-agent starts the gnupg-agent only if "use-agent" is active in the configuration file.

As I don't use KDE and kmail, I don't know if "use-agent" is the only solution to let kmail work with gnupg. Better talk to some kubuntu devs about it. Scott Kitterman introduced this change, so he hopefully still knows about the reasons.

Rolf Leggewie (r0lf) wrote :

FWIW, "sudo aptitude pinentry-ncurses;sudo aptitude purge pinentry-gtk2" or simply "sudo update-alternatives --config pinentry" should fix the issue for those with headless installations.

Maybe having gpg-agent depend on "pinentry-ncurses | pinentry-gtk2 | pinentry" would be a better option over the current situation of preferring the gtk2 variant (why not qt?). If you want to argue that case, please open a separate ticket, I suggest.

I agree the change in question had some fallout (and I am a frequent user of headless systems and often annoyed by the lack of consideration for that group) but it's been a conscious choice it seems. Setting to Opinion as resolution.

Changed in gnupg (Ubuntu):
status: Confirmed → Opinion
Rolf Leggewie (r0lf) wrote :

make that

"sudo aptitude install pinentry-ncurses;sudo aptitude purge pinentry-gtk2" or simply "sudo aptitude install pinentry-ncurses;sudo update-alternatives --config pinentry"

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers