Hey, Marius:

Thanks for the quick reply. :)

On Sat, Oct 22, 2016 at 22:16:34 +0100, Marius Bakke wrote:
>> * gnu/packages/gnupg.scm (libpcsclite): New variable.
>
> I think this should be named "pcsc-lite" to match the upstream name.

I wasn't sure what the Guix naming convention was here---in Debian it's
libpcsclite1.  I'll make the change, though.

>> * gnu/packages/gnupg.scm (gnupg): Add libpcsclite as propagated-input
> [...]
>
>> +    (propagated-inputs
>> +     `(("libpcsclite" ,libpcsclite)))
>>     (arguments
>> -    `(#:configure-flags '("--enable-gpg2-is-gpg")
>> +    `(#:configure-flags
>> +      (list "--enable-gpg2-is-gpg"
>> +            (string-append "LDFLAGS=-Wl,-rpath="
>> +                           (assoc-ref %build-inputs "libpcsclite")
>> +                           "/lib"))
>
> The intention here is to make gnupg locate the libpcsclite library at
> runtime, since it has no build-time checks for it, correct?

Correct.  This is where I spent most of my time Guix-wise.

> I think this approach is fine, if there is no way to make it search
> the Guix profile paths for the library.

It uses dlopen which looks in RUNPATH.  I used strace to try to figure
out what else it might be doing, but it looked like the RUNPATH paths
were all it was checking.

That said, I have no idea what I'm doing, so I'd love to hear a better
way!  I saw other packages doing this, so I hoped it was somewhat
acceptable, however dirty.

> However, the LDFLAGS need to be in #:make-flags for this to work, and
> then pcsc-lite does not need to be propagated, since Guix will scan the
> output for store references (including rpath entries) and add them as
> runtime dependencies.

Ah!  Awesome.

Right now I'm using %build-inputs, but that's not going to work anymore
if pcsc-lite isn't an input.  Should I be adding it to the `input' list
instead, or is there a better way?

I assume you're looking for something like this:

   (arguments
    `(#:configure-flags '("--enable-gpg2-is-gpg")
      #:make-flags (string-append "LDFLAGS=-Wl,-rpath="
                                  (assoc-ref %build-inputs "pcsc-lite")
                                  "/lib")

> Meanwhile I'll see if I can find a way to test this with a Yubikey.
> Currently I get:
> scdaemon[4600]: pcsc_list_readers failed: unknown PC/SC error code (0x8010002e)
> ..when using the "gpg-agent --debug-all" command mentioned earlier.

I'm trying to figure out how I got myself into that situation by undoing
configuration changes, but I'm having trouble reproducing it.  Is that
the error you're getting from gpg-agent itself, or from gpg based on
gpg-agent's reply?

I'm not Guix SD yet, but on Trisquel+Guix using my Nitrokey I had to
modify /etc/libccid_Info.plist, which is part of libccid, according to
this:

  https://www.nitrokey.com/documentation/installation
  (Just disable CSS to view without JS.)

I actually completely forgot about libccid.  Perhaps I should add a
package for that too.

Please let me know what solution you find, and if libccid does in fact
solve that problem.  My goal for these changes is to have smartcard
stuff for popular readers work without any additional effort in Guix; I
found I was writing an article with a lot of exceptions for getting GPG
2.1 working, and would rather just tell people to "use Guix". :)

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
Old: 2217 5B02 E626 BC98 D7C0  C2E5 F22B B815 8EE3 0EAB
https://mikegerwitz.com