* bug#50953: auth-source-pass should not be limited to a local directory
@ 2021-10-01 22:06 Lorenzo Martinico
2021-10-02 9:10 ` Lars Ingebrigtsen
0 siblings, 1 reply; 6+ messages in thread
From: Lorenzo Martinico @ 2021-10-01 22:06 UTC (permalink / raw)
To: 50953
Apologies if this is not the appropriate mailing list for this message.
I would like to put in a bug report / feature request for
auth-source-pass to stop using the local file directory and just rely on
the output of the pass command (or provide an option to do that
instead).
For context, I would like to be able to use the pass command (or rather,
an alias) to fetch files from a different host on every request, but
not store the gpg files on my local machine. This workflow is currently
not supported by auth-source-pass, as I need to specify a local
directory from where to read a list of .gpg files. The behaviour I'd
like to see is that the current parsing of the directory and .gpg files
should be replaced with calling some equivalent functions from a pass
binary, and parse the results. This is currently supported by the
contrib password-store package, where the family of password-store--run
functions does return the output from the pass command directly.
However, that package is not suitable for building a complete solution,
as many functions are not implemented or relay on auth-source-pass.
I consider the above a high-impact bug, as smtpmail authentication
requires auth-source, making email password storage quite restrictive.
However, if there are some good reason for why the current behaviour
should be kept, I would be happy to just hear any suggestion on how to
adjust this through configuration, as I understand my usage for pass might
not be very common.
Cheers,
Lorenzo Martinico
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#50953: auth-source-pass should not be limited to a local directory
2021-10-01 22:06 bug#50953: auth-source-pass should not be limited to a local directory Lorenzo Martinico
@ 2021-10-02 9:10 ` Lars Ingebrigtsen
2021-10-04 20:53 ` Lorenzo Martinico
0 siblings, 1 reply; 6+ messages in thread
From: Lars Ingebrigtsen @ 2021-10-02 9:10 UTC (permalink / raw)
To: Lorenzo Martinico; +Cc: 50953
Lorenzo Martinico <lorenzo@martinico.me> writes:
> Apologies if this is not the appropriate mailing list for this message.
> I would like to put in a bug report / feature request for
> auth-source-pass to stop using the local file directory and just rely on
> the output of the pass command (or provide an option to do that
> instead).
What's the "pass" command?
larsi@elva:~/src/emacs/trunk$ type pass
bash: type: pass: not found
> For context, I would like to be able to use the pass command (or rather,
> an alias) to fetch files from a different host on every request, but
> not store the gpg files on my local machine.
Can't you just set the gpg file location to "/ssh:other-host:.authinfo.gpg"?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#50953: auth-source-pass should not be limited to a local directory
2021-10-02 9:10 ` Lars Ingebrigtsen
@ 2021-10-04 20:53 ` Lorenzo Martinico
2021-10-05 7:08 ` Lars Ingebrigtsen
0 siblings, 1 reply; 6+ messages in thread
From: Lorenzo Martinico @ 2021-10-04 20:53 UTC (permalink / raw)
To: Lars Ingebrigtsen; +Cc: 50953
The pass command is the command to invoke password-store, "the
UNIX
password manager" (passwordstore.org), which is what
auth-source-pass
purports to use.
On my system, this is an alias for a process that fetches
passwords from another host in a compatible way to password store.
The
vault host is not accessible through ssh, so I
can't just change the gpg file location as suggested.
Lars Ingebrigtsen <larsi@gnus.org> writes:
> Lorenzo Martinico <lorenzo@martinico.me> writes:
>
>> Apologies if this is not the appropriate mailing list for this
>> message.
>> I would like to put in a bug report / feature request for
>> auth-source-pass to stop using the local file directory and
>> just rely on
>> the output of the pass command (or provide an option to do that
>> instead).
>
> What's the "pass" command?
>
> larsi@elva:~/src/emacs/trunk$ type pass
> bash: type: pass: not found
>
>> For context, I would like to be able to use the pass command
>> (or rather,
>> an alias) to fetch files from a different host on every
>> request, but
>> not store the gpg files on my local machine.
>
> Can't you just set the gpg file location to
> "/ssh:other-host:.authinfo.gpg"?
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#50953: auth-source-pass should not be limited to a local directory
2021-10-04 20:53 ` Lorenzo Martinico
@ 2021-10-05 7:08 ` Lars Ingebrigtsen
2021-10-05 8:01 ` Lorenzo Martinico
0 siblings, 1 reply; 6+ messages in thread
From: Lars Ingebrigtsen @ 2021-10-05 7:08 UTC (permalink / raw)
To: Lorenzo Martinico; +Cc: 50953
Lorenzo Martinico <lorenzo@martinico.me> writes:
> The pass command is the command to invoke password-store, "the UNIX
> password manager" (passwordstore.org), which is what auth-source-pass
> purports to use.
Is does? Where does it purport to do that? As far as I can tell, it
says that it support the Secrets API and ~/.authinfo files, but perhaps
I'm looking at the wrong place.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#50953: auth-source-pass should not be limited to a local directory
2021-10-05 7:08 ` Lars Ingebrigtsen
@ 2021-10-05 8:01 ` Lorenzo Martinico
2021-10-05 8:07 ` Lars Ingebrigtsen
0 siblings, 1 reply; 6+ messages in thread
From: Lorenzo Martinico @ 2021-10-05 8:01 UTC (permalink / raw)
To: Lars Ingebrigtsen; +Cc: 50953
lisp/auth-source-pass.el "Integrate auth-source with
password-store"?
As far as I can tell this used to be a third-party project which
has now
been merged into Emacs.
Lars Ingebrigtsen <larsi@gnus.org> writes:
> Lorenzo Martinico <lorenzo@martinico.me> writes:
>
>> The pass command is the command to invoke password-store, "the
>> UNIX
>> password manager" (passwordstore.org), which is what
>> auth-source-pass
>> purports to use.
>
> Is does? Where does it purport to do that? As far as I can
> tell, it
> says that it support the Secrets API and ~/.authinfo files, but
> perhaps
> I'm looking at the wrong place.
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#50953: auth-source-pass should not be limited to a local directory
2021-10-05 8:01 ` Lorenzo Martinico
@ 2021-10-05 8:07 ` Lars Ingebrigtsen
0 siblings, 0 replies; 6+ messages in thread
From: Lars Ingebrigtsen @ 2021-10-05 8:07 UTC (permalink / raw)
To: Lorenzo Martinico; +Cc: 50953
Lorenzo Martinico <lorenzo@martinico.me> writes:
> lisp/auth-source-pass.el "Integrate auth-source with password-store"?
> As far as I can tell this used to be a third-party project which has
> now
> been merged into Emacs.
Oh! auth-source-pass! Sorry, I wasn't aware that there was such a
thing -- I assumed it was a misspelling of "auth-source".
Sorry for the noise.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-10-05 8:07 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-01 22:06 bug#50953: auth-source-pass should not be limited to a local directory Lorenzo Martinico
2021-10-02 9:10 ` Lars Ingebrigtsen
2021-10-04 20:53 ` Lorenzo Martinico
2021-10-05 7:08 ` Lars Ingebrigtsen
2021-10-05 8:01 ` Lorenzo Martinico
2021-10-05 8:07 ` Lars Ingebrigtsen
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).