From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-science-bounces+larch=yhetil.org@gnu.org>
Received: from mp11.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms5.migadu.com with LMTPS
	id 0CIsLCLWHmPMUgEAbAwnHQ
	(envelope-from <guix-science-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 12 Sep 2022 08:48:02 +0200
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp11.migadu.com with LMTPS
	id gJQ3LCLWHmO8dQAA9RJhRA
	(envelope-from <guix-science-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 12 Sep 2022 08:48:02 +0200
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 641F3290F3
	for <larch@yhetil.org>; Mon, 12 Sep 2022 08:48:02 +0200 (CEST)
Received: from localhost ([::1]:52510 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-science-bounces+larch=yhetil.org@gnu.org>)
	id 1oXckn-0005t7-8t
	for larch@yhetil.org; Mon, 12 Sep 2022 02:17:09 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:35062)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <konrad.hinsen@fastmail.net>)
 id 1oXckM-0005rW-5l
 for guix-science@gnu.org; Mon, 12 Sep 2022 02:16:49 -0400
Received: from wout5-smtp.messagingengine.com ([64.147.123.21]:34019)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <konrad.hinsen@fastmail.net>)
 id 1oXckI-0005er-NC; Mon, 12 Sep 2022 02:16:40 -0400
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
 by mailout.west.internal (Postfix) with ESMTP id A95D332004ED;
 Mon, 12 Sep 2022 02:16:33 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute2.internal (MEProxy); Mon, 12 Sep 2022 02:16:33 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.net; h=
 cc:cc:content-transfer-encoding:content-type:date:date:from:from
 :in-reply-to:in-reply-to:message-id:mime-version:references
 :reply-to:sender:subject:subject:to:to; s=fm2; t=1662963393; x=
 1663049793; bh=AuD3YFZ8IbMplIgjRDAU4cXUoHoFAc1TvnqQzwTVtXM=; b=b
 mcy9FnodGlXVl9eYCzn7Lwyuf3WVeSIux7u8gsQUb+vFi20sEYTBAN1GAKxnZrer
 40hO0KvPDbU2zSGnBd4q+wzLYeiRj9b3Sb/4l5sfHO2SyKi08cWMhyTIaet0yMHo
 yDwaCIGIq3Zk+ERy+wp3P5RGGEdZSix3GMVx9anwBg5EfZeqgfVRXgVfLxgK1kmt
 Qj1mwFhpLr6KyWmR2xjjaHoGNucVXhlHu3TZPh2GuQUnao+NgSI+/cezrvC9PLBT
 V4MB+8lhpWlzzf3REquWmq83ZSyvXxU/qSKHGjTO+sRqcal7fFLpgcm3owcI8bEF
 8Ibgw5RnHOhFexahW9/3A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:cc:content-transfer-encoding
 :content-type:date:date:feedback-id:feedback-id:from:from
 :in-reply-to:in-reply-to:message-id:mime-version:references
 :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy
 :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1662963393; x=
 1663049793; bh=AuD3YFZ8IbMplIgjRDAU4cXUoHoFAc1TvnqQzwTVtXM=; b=R
 y/iu81+8W7yIFs/MqnGIbTtaSU2dPapJP4ocxhT/caJLslMW2BUpCdFl3Fkrl583
 TSmyTIifQ+1PjSYcbHsStBio8dDNND6J2O1KZfbmIxD5kI0u0/sGrPsQaleCuKCm
 qhp6s4JCRQCTUVUAEfHVCQbUDMeRv9cwLFgKq2ycC5XygqL6XrIhirLdKq9s9FPE
 xTyWrR+aryjNSDT/5+WikfTVvloVD/6q7FixBEce2iBGGNFvF2mlNQEjwhRs095c
 6+5AhaCD2QcOGRA5XKwJoa58MFTCGnCHxNdssGfgYwMhJeLDvTnwPpW9+IYusrCE
 M4RycAp5WKl7M01Hufb2w==
X-ME-Sender: <xms:wc4eY8ONAd5cpPX879hwsL96DEW_JEYXEDIa5t5CCcIpeIwVWupJjw>
 <xme:wc4eYy-qwP2NIqXVX7OSGHOj3JeD_yZ7BIJiyymYlFnumtKLMsU_145ATEivxaFS3
 7ICNrvtUXJ4rinI>
X-ME-Received: <xmr:wc4eYzQIo8DQkg8g06ZzunX-0V_bQCoi9G7a3te_lyseTdqGVMFVmj72kKBBm7qpCyg115PzD-AkG7aFnxASs6gSDiZNd2o5SZY>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrfeduuddguddtkecutefuodetggdotefrod
 ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh
 necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
 enucfjughrpefhvfevufgjfhffkfggtgfgsehtqhertddttdejnecuhfhrohhmpefmohhn
 rhgrugcujfhinhhsvghnuceokhhonhhrrggurdhhihhnshgvnhesfhgrshhtmhgrihhlrd
 hnvghtqeenucggtffrrghtthgvrhhnpeeihedvleehudejjedvfeduheeiieefgeeuieei
 geetheffudellefggeeuieefleenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmh
 epmhgrihhlfhhrohhmpehkohhnrhgrugdrhhhinhhsvghnsehfrghsthhmrghilhdrnhgv
 th
X-ME-Proxy: <xmx:wc4eY0uinGv6vJgBereTrW6DehfHksIFU75KQEOa6z46z8lUnWic1g>
 <xmx:wc4eY0dA6G41DsDWi7gtqkP_rSvdw5K6Cb1fWehms6R3jMuEbmj80g>
 <xmx:wc4eY43E_TYnH7VSSbU2s5Pz40qL2kpndhd5TkgmkVaK-LEgeGK-lg>
 <xmx:wc4eYwGMK03JvNRw9Q1MBzBXasVbMiDEKTe-mCJRbBpkeHLE0-HuUw>
Feedback-ID: i184641e2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon,
 12 Sep 2022 02:16:32 -0400 (EDT)
From: Konrad Hinsen <konrad.hinsen@fastmail.net>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: guix-science@gnu.org
Subject: Re: Help! I messed up guix-past
In-Reply-To: <87h71eypfo.fsf@gnu.org>
References: <m1mtb87f3r.fsf@fastmail.net>
 <CAJ3okZ0hohrWoLfLcXi2VrAiyK2xH6=cwwB9i=S6PbAfqdh+dw@mail.gmail.com>
 <m1k06c7cky.fsf@fastmail.net> <86v8pwo39x.fsf@gmail.com>
 <m1edwj7k5c.fsf@fastmail.net> <868rmr7e81.fsf@gmail.com>
 <m17d2b6w0z.fsf@fastmail.net> <87h71eypfo.fsf@gnu.org>
Date: Mon, 12 Sep 2022 08:16:32 +0200
Message-ID: <m14jxd6rsv.fsf@fastmail.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass client-ip=64.147.123.21;
 envelope-from=konrad.hinsen@fastmail.net; helo=wout5-smtp.messagingengine.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: guix-science@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <guix-science.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-science>,
 <mailto:guix-science-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-science>
List-Post: <mailto:guix-science@gnu.org>
List-Help: <mailto:guix-science-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-science>,
 <mailto:guix-science-request@gnu.org?subject=subscribe>
Errors-To: guix-science-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-Science" <guix-science-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
X-Migadu-To: larch@yhetil.org
X-Migadu-Country: US
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1662965282;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post:dkim-signature;
	bh=AuD3YFZ8IbMplIgjRDAU4cXUoHoFAc1TvnqQzwTVtXM=;
	b=bHxU29+XMtjVTrgwk1sLLFxrO4p2nnC80FLq86FX8HYfsWLUqgke7vjhxvLfcxMwH9spoy
	60fZYbsD0T47tdkbjL9MwJhnTQlCcpltg6vh+NVK1RU8Am1CI7NM8Bymdp7JzGlYjxpsiF
	J9goJf/PTLaPvFcZCOndaDVwd9KtXCpZE7Tl01uidhjNTFQWvT9w03l3ghvJwHuoFY2Y4v
	BWZ5poRVQ4e12uleVRuSDFEgrwRyErgY3S4WhIvWqRMVjMqGvOgBfSAd1P0NWaBSyHcOmv
	YmMVcxgKdDvd8WM7lIkWuEpGUKkZLQ/I11wMvztQCXJ30aqDdJeePlhY6zkSzw==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1662965282; a=rsa-sha256; cv=none;
	b=BirRe5Da9cJpXEQQKucAgoA3N8GtjV8XhxaCxJVe/78234Zd+kMqWVyKz8hfHoIhajBpi1
	zUa8y4ujqkEKwEvDCYMfU1H3b2TVKds8WSjMeREtWhqNNUAfd7reYwJMmSEcT5pPXhJf3r
	cU0ZMVS9LYVo5XAuvarrSftZaOjwGtO02vQqV+8mvFeozJdsvKuLpkpfTkv4gcTNv5Grja
	s6iXesejpCMrlgjLnzOSE+fdUQbj+2aGuEHtZN1ZKDzPQ1EOvjiURl8w4YqNSkgiTyR8tK
	SvAj0vQ70uCVOtkmDtVVWrcSJVSVNMmRsE8udO2fsCGPFAPfidU9SPvZgNrq4Q==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=fastmail.net header.s=fm2 header.b="b mcy9Fn";
	dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm2 header.b="R y/iu81";
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=fastmail.net (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "guix-science-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-science-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Spam-Score: 6.30
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=fastmail.net header.s=fm2 header.b="b mcy9Fn";
	dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm2 header.b="R y/iu81";
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=fastmail.net (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "guix-science-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-science-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Queue-Id: 641F3290F3
X-Spam-Score: 6.30
X-Migadu-Scanner: scn1.migadu.com
X-TUID: 8NYkVmDjuStg

Hi Ludo,

> I remember there were issues along these lines at the time GnuPG 2.2 (?)
> was released and the previous major version was still around, but that
> was quite some time ago.
>
> I don=E2=80=99t have the solution off the top if my head, but there ought=
 to be
> one; maybe having PATH consistently prefer either Guix=E2=80=99s profile =
or
> Ubuntu would help?

In my case, $PATH has my Guix profile first, and I always run the gpg
from my Guix profile. But it picks up the gpg-agent from Ubuntu, which
lives at /usr/bin/gpg-agent.

> Maybe we=E2=80=99ll improvise a GPG debugging sessions in Paris next week=
, who
> knows?  ;-)

It may well be possible to fix this issue (for example, patch gnupg such
that it launches the agent via the full path to the store), but for me
there is also a loss-of-confidence issue. If a messed-up software
installation grants password-less access to my keys, then my keys
effectively have no password protection any more. Attackers only need to
install two different gpg versions to have access to my keys. That's why
I want to get rid of gpg, rather than fix it superficially.

Cheers,
  Konrad