Created attachment 1644035 [details] pinentry.spec patch to add a pinentry-tty package Description of problem: The pinentry-tty executable is missing Version-Release number of selected component (if applicable): pinentry-1.1.0-6.fc31.x86_64 Expected results: Being able to be asked on the CLI for the gpg passphrase. Additional info: Please add pinentry-tty to the pinentry base package, or create a pinentry-tty package, so we don't have to build it locally. It's very simple and doesn't add any significant maintenance burden. I created a patch to pinentry.spec and attached it to this BZ for your convenience. Thanks, Corinna
Yes, please: can you provide this in the standard package?
This message is a reminder that Fedora 31 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 31 on 2020-11-24. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '31'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 31 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Bump version to Fedora 33
This package has changed maintainer in the Fedora. Reassigning to the new maintainer of this component.
Is there anything blocking the request to provide pinentry-tty? Using GUI is not always convenient.
The thing is we already provide a CLI version of pinentry -- pinentry-curses. The /usr/bin/pinentry itself is a relatively simple script that tries to find the version of pinentry that suits the current environment the best and is available on the system. Simply building pinentry-tty wouldn't add much value until you update the pinentry script to actually run it at some point (the only way to use it on your system would be to set PINENTRY_BINARY env variable). We could probably fallback to pinentry-tty in case interactive mode is disabled. That would require us including the binary in the main package though. If you want to force the CLI version of pinentry, you can override the PINENTRY_BINARY env variable and set it to /usr/bin/pinentry-curses or you can remove all the GUI versions of pinentry that are installed on your system.
The pinentry-curses still pops up a window inside of the terminal, making it hard to automate passphrase entry for gpg (correct me if there is a way to avoid that). In the past, with gpg(v1), it was simple as it asked in inline prompt, rather than drawing popup over the terminal window. We are looking into something similar and pinentry-tty does exactly that. For the reference, here is a bug reported by our customer #1821057
Yeah, curses requires an interactive terminal, otherwise it fails. You can automate it with tools that simulate the interactive terminal like expect. It is not ideal but it does work. Looking at the referenced bz, the curses password prompt does seem to work but the password is being cached so you don't get the prompt on second and third runs, right? Also, this bz is aimed at Fedora, not RHEL so the feature would need to be propagated back to RHEL to help you in any way.
I've enabled pinentry-tty including automation from the pinentry script in rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=59064768 It is now part of the main pinentry package so that we can automatically use it in case we detect a non-interactive terminal emulator.
(In reply to Boris Ranto from comment #9) > I've enabled pinentry-tty including automation from the pinentry script in > rawhide: > > https://koji.fedoraproject.org/koji/taskinfo?taskID=59064768 > > It is now part of the main pinentry package so that we can automatically use > it in case we detect a non-interactive terminal emulator. Would you mind to enable this on F33 as well? Thanks, Corinna
I am just building the package for for Fedora 33.
FEDORA-2021-41e53d7e83 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-41e53d7e83
FEDORA-2021-41e53d7e83 has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-41e53d7e83` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-41e53d7e83 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-41e53d7e83 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report.