tags 880111 + moreinfo severity 880111 normal thanks On Sun, 29 Oct 2017 16:38:10 +0100, "Francesco Poli (wintermute)" writes: >When doing so, duplicity (or maybe gpg) complains that it could not >perform any decryption, since no passphrase was given:
hmm. i suspect the interaction of gpg v2.2, the gnupg-agent and
some leftover/broken data in the local cache
that duplicity thinks it needs to to decrypt before doing its backup job.
as far as i'm aware, the local manifest/cache is the only thing
which duplicity possibly needs to decrypt, given your encrypt-only
command line.
>I tried to restore one file from my backup (from inside an X graphical
>session) and it seems to work correctly: it asks for the GPG key passphrase
>(on the terminal emulator) and successfully restore a file identical to
>the original.
ok, good, that confirms that at least the core functionality works.
>Please note that this bug is similar to #565398,
yes, superficially similar - but debian's duplicity has ignored locales
as a workaround for this bug for a long time now; that's most certainly not it.
>Is there anything I failed to understand?
not that i'm aware of; you're using duplicity pretty much like i
do myself, except that i've decided to stay with gpg v1 for a while
longer (b/c i dislike the gnupg-vs-agent architecture).
a few things might helpful for further diagnostics/triage:
1. what does collection-status report?
does that also attempt to decrypt something and fail?
does a cleanup improve matters?
2. could you run another backup invocation with -v9 and attach the output?
feel free to blank your keyid and other sensitives; the
remaining fine print of what is being attempted when/why would be
helpful.
3. does a totally new backup to a different location, with an
empty/new .cache/duplicity directory work?
(alternative to nuking cache: --archive-dir <somewhere> in the
invocation)
4. does your gnupg config contain anything special that might
interfere with --pinentry-mode=loopback?
most specifically, does your agent config contain
anything like no-allow-loopback-pinentry?
5. does duplicity work correctly if you run it with --use-agent?
see --use-agent in man duplicity; this directly affects who might
ask for a passphrase, duplicity or gpg-agent.
6. does the duplicity backup work if you run it from X?
7. does gnupg sign work if you run it from a non-X console,
like where your failing duplicity was run?
regards
az
--
Alexander Zangerl + GPG Key 2FCCF66BB963BD5F + http://snafu.priv.at/
Fachbegriffe der Informatik, Halflife-Server:
Server, der nur halb lebt. Kurz: IIS. -- Andreas Dau
signature.asc
Description: Digital Signature
