Merge lp:~mwilck/duplicity/duplicity into lp:duplicity

Proposed by Martin Wilck on 2016-09-21
Status: Merged
Merged at revision: 1150
Proposed branch: lp:~mwilck/duplicity/duplicity
Merge into: lp:duplicity
Diff against target: 58 lines (+27/-3)
2 files modified
bin/duplicity.1 (+9/-3)
duplicity/gpg.py (+18/-0)
To merge this branch: bzr merge lp:~mwilck/duplicity/duplicity
Reviewer Review Type Date Requested Status
duplicity-team 2016-09-21 Pending
Review via email: mp+306331@code.launchpad.net

Description of the change

GPG: enable truly non-interactive operation with gpg2

This patch fixes the IMO unexpected behavior that, when using GnuPG2, a pass phrase dialog always pops up for saving backups. This is particularly annoying when trying to do unattended / fully automatic backups.

The patch changes the behavior of the "--use-agent" option when GnuPG 2 is in use. The man page is updated accordingly.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'bin/duplicity.1'
2--- bin/duplicity.1 2016-08-22 10:58:28 +0000
3+++ bin/duplicity.1 2016-09-21 13:03:22 +0000
4@@ -917,9 +917,15 @@
5 if needed.
6 .br
7 .B Note:
8-GnuPG 2 and newer ignore this option and will always use a running
9-.B gpg-agent
10-if no passphrase was delivered.
11+Contrary to previous versions of duplicity, this option will also be honored
12+by GnuPG 2 and newer versions. If GnuPG 2 is in use, duplicity passes the option
13+.I --pinentry-mode=cancel
14+to the the gpg process unless
15+.I --use-agent
16+is specified on the duplicity command line. This has the effect that GnuPG 2
17+uses the agent only if
18+.I --use-agent
19+is given, just like GnuPG 1.
20
21 .TP
22 .BI "--verbosity " level ", -v" level
23
24=== modified file 'duplicity/gpg.py'
25--- duplicity/gpg.py 2015-11-05 15:36:58 +0000
26+++ duplicity/gpg.py 2016-09-21 13:03:22 +0000
27@@ -87,6 +87,20 @@
28 else:
29 self.hidden_recipients = []
30
31+ self.gpg_major = self.get_gpg_major(globals.gpg_binary)
32+
33+ _version_re = re.compile(r'^gpg.*\(GnuPG\) (?P<maj>[0-9])\.[0-9]+\.[0-9]+$')
34+
35+ def get_gpg_major(self, binary):
36+ gpg = gpginterface.GnuPG()
37+ if binary is not None:
38+ gpg.call = binary
39+ res = gpg.run(["--version"], create_fhs=["stdout"])
40+ line = res.handles["stdout"].readline().rstrip()
41+ mtc = self._version_re.search(line)
42+ if mtc is not None:
43+ return int(mtc.group("maj"), 10)
44+ raise GPGError("failed to determine gpg version of %s from %s" % (binary, line))
45
46 class GPGFile:
47 """
48@@ -121,6 +135,10 @@
49 gnupg.options.extra_args.append('--no-secmem-warning')
50 if globals.use_agent:
51 gnupg.options.extra_args.append('--use-agent')
52+ elif profile.gpg_major == 2:
53+ # This forces gpg2 to ignore the agent.
54+ # Necessary to enforce truly non-interactive operation.
55+ gnupg.options.extra_args.append('--pinentry-mode=cancel')
56 if globals.gpg_options:
57 for opt in globals.gpg_options.split():
58 gnupg.options.extra_args.append(opt)

Subscribers

People subscribed via source and target branches