"gpg: cannot open `/dev/tty': No such device or address" on Ubuntu when signing commits

Hi, Mark, thanks for looking into this.

I suspect using --no-tty unconditionally will break signing from the terminal, so at most we want to do this only when the device doesn't exist.

But I wonder why it isn't finding the agent? What happens if you pass --use-agent? I wonder if GPG_AGENT_INFO is set properly.

I tried this out by commiting by just using the terminal (since for some reason, invoking bzr explorer says it can't find some import if i run it from the code i checked out from launchpad) and it still works. It also still manages (or bazaar does at least) to print messages if you enter your password wrong. So it does work on the terminal, and when i edited bzrlib/gpg.py in my install on ubuntu and added the --no-tty line, it worked in bazaar explorer too

I think gpg can find the agent fine, its just trying to print SOMETHING to /dev/tty, and when it can't find that it freaks out and then bazaar catches the exception and then says you can't sign it, as i see the pinentry-gtk-2 window when i commit with the changes i made. I will have to check to see if this works with windows and mac as well (with the gpg installations i have on those computers)

Also, My original changes were to only use --no-tty if os.environ("TTY") returned None, however it seems that on Ubuntu at least, os.environ("TTY") always returns none, no matter if you are running bzr through the terminal or through bzr explorer. I thought it would only return None if it was running through a GUI environment, but it appears to not be the case.

Actually, looking more carefully at the manpage

       --no-tty
              Make sure that the TTY (terminal) is never used for any output. This option is needed in some cases because GnuPG
              sometimes prints warnings to the TTY even if --batch is used.

so, setting this unconditionally might be harmless, and it might well be the behaviour you describe of it trying to write output that causes a problem.

I think --no-tty is always safe to run.

I have been exploring a work around for bug 436874 which might be considered a dupe of this bug. My case is
    Gedit started from launcher > GDP Bazaar > bzr-gtk > bzr
which always fails because there in no tty. Setting up a pty and setting GPG_TTY in the env fails.

I tested the call to gpg in a subprocess in GDP Bazaar to reproduce the error in bzrlib.gpg, then added the --no-tty arg. We always get the stdout, stderr, and returncode. I think this is hamless to add in all posix OSes, maybe win32 as well.

My current hack to do a commit without starting gedit from the terminal is to use this file as my gpg command
    #!/bin/bash
    gpg --no-tty $@

I contemplated making a fix in bzr-gtk to add the --no-tty arg, but that will also require a change to bzrlib.gpg to split the gpg_signing_command value, which must also consider that there might be spaces in the dirnames. bzr-gtk could monkeypatch the GPGStrategy._command_line, but that is naughty. If --no-tty is not considered safe for bzrlib.gpg, then bzr-gtk would want a way to provide it's own GPGStrategy with it's own _command_line prop.

so should i try and test this on mac and windows just to be safe? or how are we determining that -no-tty is ok to have as an argument?

MacOS is posix (BSD Unix which handles gpg, tty, and shells as linux does), only win32 is in doubt.

I finally got around to checking this out on windows and trying it with the --no-tty argument in gpg.py, and it worked fine.

fix was committed into 2.5 here: http://bazaar.launchpad.net/~bzr-pqm/bzr/2.5/revision/6484

Hello Mark, or anyone else affected,

Accepted bzr into precise-proposed. The package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

I updated to the proposed package and commiting with a signature using bazaar explorer works, (doesn't fail with failed to sign with gpg), So I think it works fine!

This bug was fixed in the package bzr - 2.5.1-0ubuntu1

---------------
bzr (2.5.1-0ubuntu1) precise-proposed; urgency=low

  * New upstream release.
   + Fixes handling of colocated branches in `bzr rmbranch`. LP: #920653
   + rmbranch now refuses to remove active branch. LP: #922953
   + Connecting with HTTPS via HTTP correctly uses host name of destination
     rather than that of proxy. LP: #944696
   + No longer requires tty when GPG signing commits. LP: #847388
   + Fixes unicode erorrs when translated progress task messages
     contain non-ascii text. LP: #966934
   + Fixes display of help for configuration options that overlap
     with other topics. LP: #941672
  * Drop 06_spurious_test_failure: applied upstream.
 -- Jelmer Vernooij <email address hidden> Mon, 28 May 2012 13:36:02 +0200

This looks like it causes the regression described in bug 1014570 for people not running an agent, which is a little worrying.

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release