On Tue, 13 Nov 2018 16:19, tia...@debian.org said: > Even for something that shouldn't have a reason to prompt, like > "--recv-keys" with a full fingerprint?
You are right, this should not be needed. I recall that we recently fixed a similar case where we accidentally printed to the tty. In any case --batch is always a good idea if you don't expect any interactivity. I agree that this --batch thing is contrary to standard Unix behavior where you would explicitly need to to select an interactive option. However, due to the legacy of of PGP and GPG 1.4 we had to use the tty anyway to query the passphrase and for the dedicated commands like --edit-key. For reasons of syncing prompts with tty input more and more output had to be send to the tty directly and, well, at some places we got it wrong. Now, with gpg-agent and its Pinentry, we could have inhibited the tty access by default and allow it only for interactive commands. But then came the request for --pinentry-loopback and the new Tofu prompts ... > Would it make sense to detect that there's no TTY present and assume > batch mode? (apologies if something like that's been proposed before) You can't do that in a reliable way. But let me check whether it is possible to turn this into a non-fatal error and terminate only when an input is requested. Nothing for 2.2, though. Given dkg's comments, your best choice is to use --no-tty or no-tty in gpg.conf. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgp3Tkj3qXLv1.pgp
Description: PGP signature
