hello,
i'm failing to configure my gnupg to use Trezor (an USB hw key store).
i have installed the trezord-udev-rules system-wide, but the rules refer to the "plugdev" group that is not present on guix. i see that some other packages do this:
(add-after 'autoreconf 'change-udev-group
(lambda _
(substitute* "contrib/60-openocd.rules"
(("plugdev") "dialout"))
#t))
but "dialout", for a trezor?
so, i proceeded to add the plugdev group to my system config. this didn't seem to help, /dev/usb/hiddev0 remained root:root even after a reboot, which is strange.
then i manually chgrp and chmod the file:
$ ls -l /dev/usb/
crw-rw---- 1 root plugdev 180, 0 Sep 3 09:25 hiddev0
$ groups
users plugdev [...]
$ trezor-gpg-agent &
[1] 11223
$ gpg --sign /tmp/x
2021-09-03 09:41:19,129 ERROR Failed to enumerate WebUsbTransport. USBErrorAccess: LIBUSB_ERROR_ACCESS [-3] [__init__.py:126]
2021-09-03 09:41:19,132 ERROR handler failed: Trezor not connected [__init__.py:273]
Traceback (most recent call last):
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/gpg/__init__.py", line 265, in run_agent
handler.handle(conn)
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/gpg/agent.py", line 242, in handle
handler(conn, args)
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/gpg/agent.py", line 102, in <lambda>
b'HAVEKEY': lambda _, args: self.have_key(*args),
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/gpg/agent.py", line 205, in have_key
self.get_identity(keygrip=keygrip)
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/util.py", line 230, in wrapper
result = method(self, *args, **kwargs)
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/gpg/agent.py", line 170, in get_identity
verifying_key = self.client.pubkey(identity=identity, ecdh=ecdh)
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/gpg/client.py", line 27, in pubkey
with self.device:
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/device/interface.py", line 126, in __enter__
self.conn = self.connect()
File "/gnu/store/iy5xgmn2hdcnnl2d0n9zv15y2di7hl7n-python-trezor-agent-0.13.1/lib/python3.8/site-packages/libagent/device/trezor.py", line 51, in connect
raise interface.NotFoundError('{} not connected'.format(self))
libagent.device.interface.NotFoundError: Trezor not connected
gpg: all values passed to '--default-key' ignored
gpg: keydb_search failed: Broken pipe
gpg: no default secret key: Broken pipe
gpg: signing failed: Broken pipe
how can i see/debug here which file has the wrong permissions? the python backtrace is not very useful without printing the variable values.
- attila
PGP: 5D5F 45C7 DFCD 0A39