Open Bialogs opened 8 years ago
I'm running into this problem also. The issue seems to be the particular shell & runtime environment of the git
and subsequently the spawned gpg
or gpg2
(the exact program git runs is set via the config option: gpg.program
. Check yours with git config --global --get gpg.program
). It does appear that Sublime Text spawns git
in a way which respects the commit.gpgsign
option (git config --global --get commit.gpgsign
should return true
).
In a normal terminal, GPG_TTY
is supposed to be set to the output of tty
(e.g.: export GPG_TTY=$(tty)
).
For setting this in my ~/.bashrc
file, I've got:
## Set up GPG Agent for SSH keys & git commit signing
export GPG_TTY=$(tty)
if [ -f "${HOME}/.gnupg/gpg-agent-info" ]; then
. "${HOME}/.gnupg/gpg-agent-info"
export GPG_AGENT_INFO
export SSH_AUTH_SOCK
export SSH_AGENT_PID
fi
After installing the Sublime Fix Mac Path plugin, and adding the path for gpg2
provided by GPGTools, it does spawn the gpg2
process correctly. To do this, I added the following under Preferences
=> Settings - User
:
"additional_path_items":
[
"/usr/local/MacGPG2/bin",
"~/bin"
]
However, when committing through the plugin, the GPG_TTY
is set to what appears to be the default: /dev/tty
. Really, we want to run gpg2
with --no-tty
instead, and have pinentry-mac
run to ask for GPG key passwords when needed. This can be accomplished globally by doing the following:
Set pinentry-program
in ~/.gnupg/gpg-agent.conf
:
use-standard-socket
enable-ssh-support
pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac
default-cache-ttl 600
max-cache-ttl 7200
log-file /var/log/gpg-agent.log
write-env-file /Users/<YOUR_USER_HERE>/.gnupg/gpg-agent-info
Set no-tty
in ~/.gnupg/gpg.conf
:
# Passphrase agent
#
# We support the old experimental passphrase agent protocol as well as
# the new Assuan based one (currently available in the "newpg" package
# at ftp.gnupg.org/gcrypt/alpha/aegypten/). To make use of the agent,
# you have to run an agent as daemon and use the option
#
# For Ubuntu we now use-agent by default to support more automatic
# use of GPG and S/MIME encryption by GUI programs. Depending on the
# program, users may still have to manually decide to install gnupg-agent.
use-agent
# This disables ALL tty input / output globally!
no-tty
This works, but _you won't see any confirmation or output AT ALL whether your commits were signed (or if they failed to sign due to some error!)._
The real solution is to set the GPG_TTY
correctly for Sublime Text, or have the Sublime Text Git plugin either pass --no-tty
to gpg2
or take over the I/O through popen or pty
somehow.
This is still a problem. Is there a way to pass --no-tty
to gpg2
yet?
Another workaround would be to disable PGP signing altogether but this is not recommended:
git config commit.gpgsign false
I am GPG signing my commits automatically and when I close the Sublime tab after writing my commit message the follow error pops up in the console
gpg: cannot open tty
/dev/tty': Device not configured error: gpg failed to sign the data fatal: failed to write commit object`It would be nice if the plugin could support GPG signing of commits commits.