Open whimbree opened 7 months ago
I think this related if not same as #5135
After updating and having issues getting my pinentry to work, I ran into this issue and can confirm I also have the same issue. However, my pinentry started working after I gpg-connect-agent reloadagent /bye
(thought restarting my computer would be enough?). So maybe I was having a different issue and the missing binary in gpgconf is not affecting me.
For me this seems to be resolved, any objections closing this? /review 1 week
After updating and having issues getting my pinentry to work, I ran into this issue and can confirm I also have the same issue. However, my pinentry started working after I
gpg-connect-agent reloadagent /bye
(thought restarting my computer would be enough?). So maybe I was having a different issue and the missing binary in gpgconf is not affecting me.
I had a similar issue, but for me gpg-connect-agent reloadagent /bye
wasn't enough. I had to kill the agent as well (pkill gpg-agent
).
I had to both set a pinentryPackage
as in #5488, and run gpg-connect-agent reloadagent /bye
. After that, even though gpgconf
still returned a non-existent pinentry, I could use gpg again. Maybe a restart would fix the entry in gpgconf
?
I also tried systemctl --user restart gpg-agent.socket
, but that also didn't fix the entry in gpgconf
.
So IMO, this is not fixed at all, it's atually broken out of the box, and I think the default pinentryPackage
should not be null
but pinentry-tty
'.
I'm trying to use gpg from home-manager for the first time and it seems broken out of the box to me as well.
With home-manager f99eace7c167b8a6a0871849493b1c613d0f1b80 and nixpkgs faf912b086576fd1a15fca610166c98d47bc667e and this configuration:
services.gpg-agent = {
enable = true;
pinentryFlavor = "tty";
};
gpg fails:
gpg: public key decryption failed: No pinentry
gpg: decryption failed: No pinentry
until I kill gpg-agent.
With home-manager https://github.com/nix-community/home-manager/commit/f99eace7c167b8a6a0871849493b1c613d0f1b80 and nixpkgs faf912b086576fd1a15fca610166c98d47bc667e and this configuration:
Not sure what's the issue is but it appears to me that you are building from random hashes from February rather than using stable/unstable branch?
The option e.g. pinentryFlavor
does not exist anymore in home-manager:
https://nix-community.github.io/home-manager/options.xhtml
should be pinentryPackage
now.
Not sure what's the issue is but it appears to me that you are building from random hashes from February rather than using stable/unstable branch?
I was guessing the issue is exactly this one - that the module sometimes generates configurations with bogus pinentry config. As for the revisions, they were from the unstable branch at some point. Then time passed and those branches moved on.
I'm currently on nixpkgs/nixos-24.05
and home-manager/release-24.05
and still running into this issue. Here's the relevant chunk from my flake.lock
:
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1682203081,
"narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
}
And here are the relevant chunks from my config:
programs.gpg.enable = true;
services.gpg-agent = {
enable = true;
pinentryPackage = pkgs.pinentry-gnome3;
};
I've done a lot of reloading/pkill
ing of the gpg agent process but I'm still seeing:
❯ gpgconf
gpg:OpenPGP:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/bin/gpg
gpgsm:S/MIME:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/bin/gpgsm
keyboxd:Public Keys:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/libexec/keyboxd
gpg-agent:Private Keys:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/bin/gpg-agent
scdaemon:Smartcards:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/libexec/scdaemon
tpm2daemon:TPM:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/libexec/tpm2daemon
dirmngr:Network:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/bin/dirmngr
pinentry:Passphrase Entry:/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/bin/pinentry
nixos on main [!?⇡]
❯ l /nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/bin/pinentry
"/nix/store/ayvxxjman90w72dlzwx7xxa5p1vqhhl3-gnupg-2.4.5/bin/pinentry": No such file or directory (os error 2)
Thank you for your contribution! I marked this issue as stale due to inactivity. Please be considerate of people watching this issue and receiving notifications before commenting 'I have this issue too'. We welcome additional information that will help resolve this issue. Please read the relevant sections below before commenting.
* If this is resolved, please consider closing it so that the maintainers know not to focus on this. * If this might still be an issue, but you are not interested in promoting its resolution, please consider closing it while encouraging others to take over and reopen an issue if they care enough. * If you know how to solve the issue, please consider submitting a Pull Request that addresses this issue.
* If you are also experiencing this issue, please add details of your situation to help with the debugging process. * If you know how to solve the issue, please consider submitting a Pull Request that addresses this issue.
Don't be afraid to manually close an issue, even if it holds valuable information. Closed issues stay in the system for people to search, read, cross-reference, or even reopen – nothing is lost! Closing obsolete issues is an important way to help maintainers focus their time and effort.
Are you following the right branch?
Is there an existing issue for this?
Issue description
After the refactor to pinentry packaging, gpgconf now returns an invalid path to pinentry.
This breaks apps that depend on gpgconf's output for configuring paths to gnupg tools. One such app is GpgFrontend.
example:
Maintainer CC
No response
System information