FS#34674 - [kde-agent] Hardwired invocation of gpg-agent overrides config file

Attached to Project: Arch Linux
Opened by George (gh403) - Monday, 08 April 2013, 07:31 GMT
Last edited by Andrea Scarpino (BaSh) - Thursday, 07 November 2013, 22:40 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Andrea Scarpino (BaSh)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 3
Private No

Details

Description:

The invocation of gpg-agent in line 28 of the script /etc/kde/env/gpg-agent-startup.sh uses the option --pinentry-program to force gpg-agent to use the Qt PIN program. This option clobbers any user-defined settings in ~/.gnupg/gpg-agent.conf (such as "pinentry-program /usr/bin/pinentry-kwallet"). I understand that causing it to use Qt is a good idea, but users' settings need to be checked for before overriding.

Additional info:
* package version:
20130226-1
This task depends upon

Closed by  Andrea Scarpino (BaSh)
Thursday, 07 November 2013, 22:40 GMT
Reason for closing:  Won't fix
Additional comments about closing:  Per-user configuration can go in ~/.kde4/env/
Comment by Andrea Scarpino (BaSh) - Monday, 22 April 2013, 11:03 GMT
We cannot remove the pinentry line form the gpg-agent script, so I don't see how we could "fix" this.
Comment by George (gh403) - Monday, 22 April 2013, 15:20 GMT
I agree; gpg-agent needs to run. But *something* needs to be changed because it is entirely non-obvious to the user where to even change the system script (which they should not have to do anyway according to separation-of-privileges).
Comment by Niklas Schnelle (spacenick) - Friday, 24 May 2013, 15:34 GMT
For me kde-agent now seems completely broken. The started gpg-agent can't find even the hard coded pinentry. The only way I could
get any kind of gpg (command line and evolution) working under KDE now is using GDM AND removing kde-agent. Then gpg-agent is started
by GDM as "gpg-agent -s --enable-ssh-support --daemon"
Comment by Martin Tang (olfhrmgcyh) - Thursday, 25 July 2013, 17:28 GMT
A workaround for this is to make a copy of /etc/kde/env/gpg-agent-startup.sh in ~/.kde/env and edit that copy to remove the --pinentry-program /usr/bin/pinentry-qt4 portion in order to use the default/user's pinentry (or hardwire to another pinentry of your choice). The scripts in ~/.kde/env are started prior to the ones in /etc/kde/env, and so the latter won't attempt to start another gpg-agent.

Loading...