Can't enter passphrase in su session.

Stan Tobias sttob at mailshack.com
Mon May 25 01:18:51 CEST 2009


mike _ <arizonagroovejet at gmail.com> wrote:

> So maybe the problem is that under su, gpg-agent fails to launch
> /usr/bin/pinentry (which in turn decides whether to launch
> pinentry-curses, or a QT or GTK equivalent). If I run gpg under strace
> and look through the output there is no mention of /usr/bin/pinentry
> being called, but there is in the ssh session. Why no attempt is made
> to launch /usr/bin/pinentry though I have not been able to determine.

I don't use and I don't know how `pinentry' works, so let it be a blind
shot.  `ssh' opens a new terminal session, while `su' doesn't.  When you
`su - newuser', you run with stdin/stdout/stderr attached to the olduser
terminal, with the olduser owner and most probably zeroed permission
bits for the "other" group, which means newuser cannot open /dev/tty.
If a program (like `pinentry' maybe, or `screen') run by newuser tries
to read directly from a terminal which belongs to olduser, it will fail.
I sometimes "fix" this by running `exec script /dev/null'.

Regards,
Stan
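
An added diagnostic, not part of the original message: the shell function below applies the Unix owner/group/other rule to a terminal device's mode bits and reports whether a given user gets read/write access to the device named by `tty`, which is the situation described above for newuser on olduser's terminal. The uids, gids and mode 620 in the comments are constructed sample values, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: which permission class (owner/group/other) does a user
# fall into for a terminal device, and does that class grant read+write?

# tty_rw_verdict MODE OWNER_UID OWNER_GID USER_UID "USER_GIDS"
# MODE is the octal string printed by `stat -c %a` (e.g. 620).
# Prints "ok:<class>" or "denied:<class>".
# e.g. tty_rw_verdict 620 1000 5 1001 "1001"   -> denied:other
tty_rw_verdict() {
    mode=$1 o_uid=$2 o_gid=$3 u_uid=$4 u_gids=$5
    # root is not subject to the mode bits
    if [ "$u_uid" -eq 0 ]; then echo "ok:root"; return 0; fi
    m=$(( 0$mode ))                      # leading 0 makes it an octal constant
    if [ "$u_uid" -eq "$o_uid" ]; then
        class=owner; bits=$(( (m >> 6) & 7 ))
    else
        class=other; bits=$(( m & 7 ))
        for g in $u_gids; do
            if [ "$g" -eq "$o_gid" ]; then
                class=group; bits=$(( (m >> 3) & 7 )); break
            fi
        done
    fi
    # A prompt on the terminal needs both read (4) and write (2).
    if [ $(( bits & 6 )) -eq 6 ]; then
        echo "ok:$class"
    else
        echo "denied:$class"
    fi
}

# Apply the rule to the terminal this shell is attached to.
check_current_tty() {
    t=$(tty) || { echo "stdin is not a terminal"; return 0; }
    set -- $(stat -c '%a %u %g' "$t")    # GNU stat: mode, owner uid, group gid
    verdict=$(tty_rw_verdict "$1" "$2" "$3" "$(id -u)" "$(id -G)")
    echo "$t mode=$1 owner_uid=$2 my_uid=$(id -u): $verdict"
}

if [ -t 0 ]; then check_current_tty; fi
```

Run it once in the `su` shell and once after `exec script /dev/null`: in the second case `tty` names a new pseudo-terminal, and the owner uid printed shows whether it now belongs to the current user.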


