From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Gerwitz Subject: Re: [PATCH 0/2] gnu: Add libpcsclite Date: Sat, 22 Oct 2016 21:30:27 -0400 Message-ID: <87wpgzlumk.fsf@gnu.org> References: <87r37813v1.fsf@duckhunt.i-did-not-set--mail-host-address--so-tickle-me> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:51616) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1by7dC-0005Am-Bq for guix-devel@gnu.org; Sat, 22 Oct 2016 21:31:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1by7dB-0000ly-1q for guix-devel@gnu.org; Sat, 22 Oct 2016 21:31:22 -0400 List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Marius Bakke Cc: guix-devel@gnu.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hey, Marius: Thanks for the quick reply. :) On Sat, Oct 22, 2016 at 22:16:34 +0100, Marius Bakke wrote: >> * gnu/packages/gnupg.scm (libpcsclite): New variable. > > I think this should be named "pcsc-lite" to match the upstream name. I wasn't sure what the Guix naming convention was here---in Debian it's libpcsclite1. I'll make the change, though. >> * gnu/packages/gnupg.scm (gnupg): Add libpcsclite as propagated-input > [...] > >> + (propagated-inputs >> + `(("libpcsclite" ,libpcsclite))) >> (arguments >> - `(#:configure-flags '("--enable-gpg2-is-gpg") >> + `(#:configure-flags >> + (list "--enable-gpg2-is-gpg" >> + (string-append "LDFLAGS=3D-Wl,-rpath=3D" >> + (assoc-ref %build-inputs "libpcsclite") >> + "/lib")) > > The intention here is to make gnupg locate the libpcsclite library at > runtime, since it has no build-time checks for it, correct? Correct. This is where I spent most of my time Guix-wise. > I think this approach is fine, if there is no way to make it search > the Guix profile paths for the library. It uses dlopen which looks in RUNPATH. I used strace to try to figure out what else it might be doing, but it looked like the RUNPATH paths were all it was checking. That said, I have no idea what I'm doing, so I'd love to hear a better way! I saw other packages doing this, so I hoped it was somewhat acceptable, however dirty. > However, the LDFLAGS need to be in #:make-flags for this to work, and > then pcsc-lite does not need to be propagated, since Guix will scan the > output for store references (including rpath entries) and add them as > runtime dependencies. Ah! Awesome. Right now I'm using %build-inputs, but that's not going to work anymore if pcsc-lite isn't an input. Should I be adding it to the `input' list instead, or is there a better way? I assume you're looking for something like this: (arguments `(#:configure-flags '("--enable-gpg2-is-gpg") #:make-flags (string-append "LDFLAGS=3D-Wl,-rpath=3D" (assoc-ref %build-inputs "pcsc-lite") "/lib") > Meanwhile I'll see if I can find a way to test this with a Yubikey. > Currently I get: > scdaemon[4600]: pcsc_list_readers failed: unknown PC/SC error code (0x801= 0002e) > ..when using the "gpg-agent --debug-all" command mentioned earlier. I'm trying to figure out how I got myself into that situation by undoing configuration changes, but I'm having trouble reproducing it. Is that the error you're getting from gpg-agent itself, or from gpg based on gpg-agent's reply? I'm not Guix SD yet, but on Trisquel+Guix using my Nitrokey I had to modify /etc/libccid_Info.plist, which is part of libccid, according to this: https://www.nitrokey.com/documentation/installation (Just disable CSS to view without JS.) I actually completely forgot about libccid. Perhaps I should add a package for that too. Please let me know what solution you find, and if libccid does in fact solve that problem. My goal for these changes is to have smartcard stuff for popular readers work without any additional effort in Guix; I found I was writing an article with a lot of exceptions for getting GPG 2.1 working, and would rather just tell people to "use Guix". :) =2D-=20 Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05 Old: 2217 5B02 E626 BC98 D7C0 C2E5 F22B B815 8EE3 0EAB https://mikegerwitz.com --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJYDBKzAAoJEIyRe39dxRuifWkP/Rcc8bEY8zTvTg3dS4Y0J1KB AYivZmu5R0AXtoKJM59XP4bZT2xsq5+oEbnouRaDphvPXHDN6aQINa/1ZCNAfZbO Jaf2XhPNQ2CyGNgm6Epccqri+MFu8sFrLgIIwJKq9WQO89WBvI1s71LXnbwhoEJc ro7UN+nxrgEi1W5ya1Y+9DFcifT/4nWjYJkqhq1vCc2Ki7sKD6eGLyDTEINDGsT4 1EtYjPg8phve0U+LOiYJWPlJK/NJVwImTnBsBpbCFrGIImUYYaHfu6V1ceFXVhw/ Tt69CcITzHLItTczgFvJusoK77y/T6oa73idNBH74oUWpCfWeP/rw8ijENSgXSX4 AEqaTytD8qxXrXznOPAlinihSy/3la/+ImePDNFjWeEOEE8bBYfH4cbDbgH9r4Pc z0O0gRdmSBq+HkQiv6NjsEICirCaIVpjLuSdsYer4yqq3B2LlDEbHN7HvBrxJjik sGbWxGIZESzKGan9Yvbdy/AjGjfJX7JETWb/9WRQ2f2LKO01gybJpFT2lmnA/kt1 hd2HE2NXk69lNMSwSMleWygb8xMCNKZK4MPbPWagJ6/1XHkHV2QmQWXEZNILXhHp j0tFAMNwtX4JwtHM3f1QsqWfIfvvr+j0BkE9y5LD6eTpge+iU0wqJboisQP2ro4c M+QPEDLIPu8FRHe7JdYY =5diO -----END PGP SIGNATURE----- --=-=-=--