Preventing any configuration changes that would make the system not compliant through the GUI
Closed, ResolvedPublic

justus created this task.Jun 28 2017, 4:10 PM

Unfortunately, the configuration dialog does not work at all for me. It says "The shared library was not found.", but it fails to say which library was not found.

Hi,
on which platform? (You can probably compare it to a working version and see which libraries is uses there.)

Hi,

I'm not sure if this is really a thing, maybe it would be enough to just disable showing the advanced options in Kleopatra again. I only recently enabled them.

Regarding the plugin:
Do you use a custom prefix for your installation? If so you need to set QT_PLUGIN_PATH accordingly so that the KDE Configuration modules can be found.

I use:
export QT_PLUGIN_PATH=$KF5/lib/plugins:$KF5/lib64/plugins:$KF5/lib/x86_64-linux-gnu/plugins:$QTDIR/plugins:$QT_PLUGIN_PATH

With $KF5 pointing to my custom prefix. The amount of paths are overkill but I use the same environment settings on multiple platforms.

You could probably strace and grep for "plugins" to debug this.

"aheinecke (Andre Heinecke)" <noreply@dev.gnupg.org> writes:

I'm not sure if this is really a thing, maybe it would be enough to just disable showing the advanced options in Kleopatra again. I only recently enabled them.

The whole "GnuPG System" section?

Regarding the plugin:
Do you use a custom prefix for your installation? If so you need to set QT_PLUGIN_PATH accordingly so that the KDE Configuration modules can be found.

Yeah, I figured that out by now :)

In T3236#99865, @justus wrote:

The whole "GnuPG System" section?

No, only the options that are marked as "advanced" by gpgconf. That should include all config options that would make the system non compliant. Even though I'm not even sure this is possible because if "compliance-mode" is set in GnuPG GnuPG should handle this altogether and nothing should be needed in Kleopatra afaik.

"aheinecke (Andre Heinecke)" <noreply@dev.gnupg.org> writes:

aheinecke added a comment.

In https://dev.gnupg.org/T3236#99865, @justus wrote:

> The whole "GnuPG System" section?


No, only the options that are marked as "advanced" by gpgconf. That should include all config options that would make the system non compliant. Even though I'm not even sure this is possible because if "compliance-mode" is set in GnuPG GnuPG should handle this altogether and nothing should be needed in Kleopatra afaik.

Well, I tried that, and it is possible to change the compliance mode.

Werner mentioned something about profiles being able to change options
to read-only by using a syntax like '[no-change]' or something. The
example vsnfd profile does not make use of it though.

In T3236#99865, @justus wrote:

The whole "GnuPG System" section?

No, only the options that are marked as "advanced" by gpgconf.

Right, I found your recent change, and partially reverted that to not display advanced options if CO_DE_VS.

That should include all config options that would make the system non compliant.

I noticed that the cipher for gpgsm is configurable, and I was able to select 3DES. Maybe we should just make that an expert option?

Merged.

3DES is indeed an allowed cipher, so that is not a concern. Changing the cipher to something that is not allowed does not work.

justus closed this task as Resolved.Jul 11 2017, 12:44 PM