From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id WCUyKPQF1WIjMAAAbAwnHQ (envelope-from ) for ; Mon, 18 Jul 2022 09:04:20 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id GE4mKPQF1WIjewEA9RJhRA (envelope-from ) for ; Mon, 18 Jul 2022 09:04:20 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 091F7625B for ; Mon, 18 Jul 2022 09:04:20 +0200 (CEST) Received: from localhost ([::1]:50056 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oDKnj-0001oz-7K for larch@yhetil.org; Mon, 18 Jul 2022 03:04:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42926) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oDKnT-0001jk-6J for bug-guix@gnu.org; Mon, 18 Jul 2022 03:04:06 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:51312) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oDKnR-0003vZ-SV for bug-guix@gnu.org; Mon, 18 Jul 2022 03:04:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oDKnR-0001N8-KO for bug-guix@gnu.org; Mon, 18 Jul 2022 03:04:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#54014: guix home pinentry weirdness Resent-From: Andrew Tropin Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Mon, 18 Jul 2022 07:04:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 54014 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Zacchaeus Scheffer , 54014@debbugs.gnu.org Received: via spool by 54014-submit@debbugs.gnu.org id=B54014.16581277915209 (code B ref 54014); Mon, 18 Jul 2022 07:04:01 +0000 Received: (at 54014) by debbugs.gnu.org; 18 Jul 2022 07:03:11 +0000 Received: from localhost ([127.0.0.1]:49071 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oDKmY-0001Lr-Pr for submit@debbugs.gnu.org; Mon, 18 Jul 2022 03:03:11 -0400 Received: from relay8-d.mail.gandi.net ([217.70.183.201]:33901) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oDKmJ-0001L6-Rr for 54014@debbugs.gnu.org; Mon, 18 Jul 2022 03:03:05 -0400 Received: (Authenticated sender: andrew@trop.in) by mail.gandi.net (Postfix) with ESMTPSA id 27E2B1BF210; Mon, 18 Jul 2022 07:02:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=trop.in; s=gm1; t=1658127765; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=eoPuJJrIBF6wj+hhISCxox0BrRg+5h9m96R+2kvmX+A=; b=N5PTEUNICTfqSpdxRSjTp4wzxrKaYEPVV4QogcWu1kiTImbV0W22ii8vqLB16EWSaIYvym sxjkZT4Z9JwtP6XAAR+s58IayVx6iZ6WRK4W+bsj0ltjUc0sTlZfKcZxfTZKh1kkdIkUIe kalfkmhreWTvg63klg4Y3RJ0zRGtLN9WH5oJCb5rUn0uqDi0R9f9aLKQ56+ehM1jBYGIBx WuTlRI/vThZNarXXzddRKw3UVtM11iOc/3WmcuxejSgjS+QjkXxMH90tFM7RRl2vA5fv/v JrP5MLsTHzx+OtEeRJFooctYibI+vGrO467TpMpC9z3pNbp1Vp2AlnqiaSLl8w== From: Andrew Tropin In-Reply-To: References: <877d4t5sue.fsf@trop.in> Date: Mon, 18 Jul 2022 10:02:39 +0300 Message-ID: <87r12i6gz4.fsf@trop.in> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1658127860; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=eoPuJJrIBF6wj+hhISCxox0BrRg+5h9m96R+2kvmX+A=; b=C7q3hin41jiqo1ACBWBwvLomVA5/rFe8lDXZZ9hb9bbFxnTsItJYMBM8ZoybS9jS6Qko5O efcbPxHl8tGOFUw8hAW5+mWbmKF0K1fEWuaGZDHISpnWp8mH0W186QJqRJnnr61j9CIczO 35wVlH7ZzMVnE4CXPAGxCPFpskXtLTrm0Tr3vVpExm8PtuV8OM5F41CpFom0Wtn+lIzVeZ 36AZdBFg1j/DH0cS/nLbojLF4xcNO4sYjy3SktoWEhkBH30to/cyaYe/TaMQzg0/53WM5G xZhUIQWN9VzKbXSOPdLDjSMDQccUxsKF7ZFebo4/Ny3hKHwgc4wQA8QWhCIxxQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1658127860; a=rsa-sha256; cv=none; b=iIZKZR3tcoTuWOqPb7vRe5NdeZ9aAM1yyr7wYe72qjwD2cWWSct9VF367xS9ZOycMS0FQM FBze+2wpYNqjmwHbaS5eTc4lVDX3iJNqY9wDRO92YaOJuZ7zpLajJlramk/S9ffvuXjsq6 tL8PPHVTw4enMIHtul85b7WZoPeXlSDfC2VFIzxTOJCnxBLDo2mmlo++Z5AaYM3VwazdSF tX1PYQOI660tCB6BW74jUxO/86ufCj4s0RjYnSw17IKbbM7Bc3jisVoB7D94YFLxlH46Rd jbH967G+HUwOpD81eo2Q5EqPraZRP5EGwyDfT4bsyOrD4UPNvyzO2sPaaHQSJQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=trop.in header.s=gm1 header.b=N5PTEUNI; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -0.63 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=trop.in header.s=gm1 header.b=N5PTEUNI; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 091F7625B X-Spam-Score: -0.63 X-Migadu-Scanner: scn1.migadu.com X-TUID: gEocm7DwhzA6 --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On 2022-07-17 00:44, Zacchaeus Scheffer wrote: > On Mon, Jul 4, 2022 at 1:50 AM Andrew Tropin wrote: > >> On 2022-02-15 13:46, Zacchaeus Scheffer wrote: >> > There seems to be some problem installing password-store + pinentry >> > entirely via guix home. When I have both installed as such, I get the >> > following outputs: >> > >> > $ pinentry >> > OK Pleased to meet you >> > >> > $ gpg --import ... >> > [prompts normally with pinentry, allows me to import] >> > $ pass >> > [my password entries] >> > $ pass [entry name] >> > gpg: decryption failed: No secret key >> > $ guix package -i pinentry >> > $ pass [entry name] >> > [prompts with pinentry and works normally] >> > >> > So pinentry and pass seem to both be available, but don't work together >> > unless I install pinentry via guix package. >> >> I suspect that the problem is that someone at some moment of time >> doesn't have ~/.guix-home/profile/bin in its $PATH and thus it can't >> find a pinentry. Can you show `which gpg`, `which pass`, `which >> pinentry`? >> > Before running "guix package -i pinentry" > $ which -a pinentry > /home/zacchae/.guix-home/profile/bin/pinentry > $ which -a gpg > /home/zacchae/.guix-home/profile/bin/gpg > $ which -a pass > /home/zacchae/.guix-home/profile/bin/pass > After runing "guix package -i pinentry" > $ which -a pinentry > /home/zacchae/.guix-home/profile/bin/pinentry > /home/zacchae/.guix-profile/bin/pinentry > $ which -a gpg > /home/zacchae/.guix-home/profile/bin/gpg > $ which -a pass > /home/zacchae/.guix-home/profile/bin/pass > > I can easily reproduce the behavior by removing or installing pinentry wi= th > guix package. Paths behave as expected. Probably there are some hardcoded PATHs for .guix-profile, but not for .guix-home/profile. One of such examples, which can be unrelated to the current issue: https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/system.scm?h=3D7046e777= 212233b89df68379c270b448c45195ce#n1012 It will require investigation to find all the places, where and at what time PATH (and maybe some other env vars) is/are set for all the participants of the party to trace the root of the problem and properly solve it =3D) Anyway, there is a workaround, which should help: > > The gnupg home service from rde project goes a slightly other way and >> just sets pinentry-program to absolute path in the store. Such approach >> works with pass well, you can take a look at it for inspiration: >> >> https://git.sr.ht/~abcdw/rde/tree/master/item/gnu/home-services/gnupg.sc= m#L127 >> > I don't totally follow what's going on here, but maybe it will make more > sense later. Basically it adds the following content to gpg-agent.conf: =2D-8<---------------cut here---------------start------------->8--- enable-ssh-support=20 pinentry-program /gnu/store/r5j2gmfv8akp8p746l6jqy5qwpz0zkhm-pinentry-qt-1.= 2.0/bin/pinentry-qt =2D-8<---------------cut here---------------end--------------->8--- You can try to set pinentry-program to /home/zacchae/.guix-home/profile/bin/pinentry Or better directly use gnupg home service. =2D-=20 Best regards, Andrew Tropin --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKEGaxlA4dEDH6S/6IgjSCVjB3rAFAmLVBY8ACgkQIgjSCVjB 3rC5tg//eHdxf8mM301JLMIhXyfWoJZuV6Ry5gI6DU80wOUpiYYc6yD2VbupY0Sd Wo7O0maOlSuIUsYs8d2/usyOSPwcq7vHmRN3FU3j08Nt57k+ls3QxOA+M71rSQC7 98t+x3gTleBr4QVxbOSWI2w5GjyF0QDkJlXcvlD2y78+/hlDtqj/1cdJKhjhuq76 zYtobN7k7auQ3NXKie1oTPNHZ5k5LbHWrWMxCT7RaMHVukKjAwQiR8E7SR50mu4e cy4pyGidrGR+vDrGxWnKRX8d0hHb2hhvWJsx2nPCRkOOgV8eigG1jfu7ZDyyiKCm aO+JBhkwJDMU6ktjYnS2UD+AGf/YCitPZ/+23qMfLJ+6I8kmy6jBLQlwrTY2gnZu wnio3x4TXK0QCSD9SQ7DR03RBK+wxRnP7K4P2N01YXUYGtFdbGe8jWKg2tQMDKN7 hYPXODAXJ6XvBSLz4rvQAFZkCIfUVbuD3oeBYT3Qu/j4vKxUky8VxowMeNQuKjtX daGewTGWSeGezJyqw+8iZZgu8sybe68IbW5niz0ccTBO112h/13p9rGFqqL2NF4R gk0JEqHzRVZv8WEf18DJHFMfQ47ZXbcpYYZp6z0xuJEzvLKO16ukWPJaxlYy4F0v JnpJ/6uHbcl+JJqsFsJvDpGSXlIFAuIQwULk+34K2cu/h3QOSVY= =Tzm5 -----END PGP SIGNATURE----- --=-=-=--