pulp-oci-images icon indicating copy to clipboard operation
pulp-oci-images copied to clipboard
verified publisher icon pulp

[BUG] "Error creating signature: No pinentry"

Open git-hyagi opened this issue 2 years ago • 2 comments

Describe the bug Configuring signing services with a passphrase in the gpg key will fail with:

Traceback (most recent call last):
  File "/usr/bin/pulpcore-manager", line 33, in <module>
    sys.exit(load_entry_point('pulpcore==3.23.2', 'console_scripts', 'pulpcore-manager')())
...
    signed = self.sign(
  File "/usr/lib/python3.9/site-packages/pulpcore/app/models/content.py", line 807, in sign
    raise RuntimeError(str(completed_process.stderr))
RuntimeError: b'time="2023-06-29T16:26:58Z" level=fatal msg="Error creating signature: No pinentry"\n'

To Reproduce Steps to reproduce the behavior: Follow the steps from https://github.com/pulp/pulp-oci-images/blob/latest/docs/signing_script.md, but in the Creating a gpg key step, define a passhrase (instead of passing the %no-ask-passphrase parameter).

git-hyagi avatar Jun 30 '23 16:06 git-hyagi

FYI: The example script shows a password inside the script, but it does not work successfully.

We are going to assume users will set the PASSWORD env variable separately for a real secure solution, we just need to make the example script work.

And the solution to making the example script work seems to be to install the pinentry package. Specifically, it seems to make gpg --passphrase work.

mikedep333 avatar Jul 12 '23 15:07 mikedep333

Just a note.

This worked for me without the package.

gpg --pinentry-mode loopback etc .....

Janr2 avatar Jul 21 '23 08:07 Janr2