-
-
Notifications
You must be signed in to change notification settings - Fork 248
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] symlinks are clobbered by the app #636
Comments
Fixes #636 Always use the absolute file to decrypt passwords. Reference : https://stackoverflow.com/questions/7281612/android-determining-a-symbolic-link
I was looking into the function I created a file called "test" that's gonna be normal file and 2 symbolik link files.
And i opened the Device File Explorer from Android Studio and went where the file is stored. Just to see that the 2 files that i created doesn't have any issue. They are linking my file 'test' and working well with decryption. So... If what i'm saying is right, the problem is when importing the files and not the file itself. I'll try to validate this also, but just to know what you think. @msfjarvis |
I don't think that's the case, but I only checked with softlinks I created on my PC. I used |
Yeah, i did the same to create the file on my PC. So to validate, i created 2 files dinamically, and they went all good. Try to see the file from the Device File Explorer. You'll see that's a normal file. |
That's just the thing, a symlink is not a normal file! See this as an example, |
Right, so what do you believe is going wrong? Is JGit parsing these wrongly from the index? |
I think that the problem is when importing the files. Not sure when exactly. I'll try to see this tomorrow. Also the logic from decrypting a file that (really) is a soft link, works fine, i can decrypt test2 and test3 without problems. |
@msfjarvis After reading more about how git handles symbolic links, I can not see a good solution for this issue.
Source : https://stackoverflow.com/a/954575 Now i undestand why the In order to try it, i did a test. (Note 120000 is the mode listed in ls-files output. It would be something like 100644 for a regular file) After some modifications to my repository in my phone (commits and push), if i pull from my PC I see that my file is not anymore a soft link. With git diff is easier to see that my file changed its mode from 120000 to 100644, and also added the path file to its content.
So... I don't really see how to resolve this issue, each time that we pull from the phone, it's going to be a normal file, because it's a problem with git and how it stores files. |
@FabianHenneke what do you think? Would it be too expensive to try reading the first line of a file and seeing if it is a valid relative path before sending the file off to OpenKeychain? We can special-case this scenario but I still think this is a JGit bug rather than Git problem. |
We're also pretty behind on JGit releases, is the blocker still Java 8 APIs? |
I'm also pretty sure that this is a JGit bug that will only really go away once JGit does... I personally don't like these kind of hacks and would rather focus efforts on replacing JGit with something more easily maintainable. When I tried to use symbolic links in APS, they failed for completely different reasons, so I don't feel like opening this can of worms. But please keep in mind that I'm not using symbolic links in my pass repos myself, so I may be biased. |
Well, i don't know much about JGit so i can't really say if the probleme is with it. And i couldn't recreate the issue using only my PC (messing around with soft links), so it makes me wonder if it's maybe JGit's fault. |
In the doc from JGit i see they support Symbolic links, but i'm not sure which version we're using from JGit and if there's a bug in that specific version.
|
I'm not even sure whether symbolic links are supported on all phones. On FAT-formatted SD cards, this is certainly not the case, but this may also be something that could cause issues seemingly out of nowhere. |
I'd like to know what you think about this issue and possible solutions @FabianHenneke @msfjarvis |
Based on my limited understanding of this issue, git is doing the only reasonable thing here to serialize symlinks. When they end up broken on the phone after a push, that has to be JGits fault. I googled for a bit and found jenkinsci/git-client-plugin@11d9be2...d489829, which indicates to me that #719 may fix the symbolic link issue. @msfjarvis @Dioxo Could you give this a try? |
Just hit this issue with the latest release on Play Store, fyi. |
That's why it's still open :) We haven't found a way to resolve it across all Android versions yet. |
I was looking again at this issue to see if I could find a solution and it magically worked with the recommendation that Fabian had given before, when integrating the java7 version of jgit, it recognizes the symbolic links. The only problem is that if the link doesn't have a .gpg extension, APS doesn't show the file, in my case the file What do you think @FabianHenneke @msfjarvis ? I'll do a pull request to try again this solution? |
Files that should be symlinks are still plaintext files with symlink target as a content. |
Since this is still a bug, might as well. |
I just started debugging the issue and turned up very confused: I expected the issue to be that we don't set our custom |
Well that does throw a spanner in the works. Upgrading JGit could help, and desugaring is now available on stable AGP so we can give that a shot and see how far we can get without breaking API 23. Or we can just commit, go minSdk 26, and forget about the 115 Play Store users that would alienate. If people are surviving on APS 1.3.3 still (I got another "I recently tried switching from the legacy app" email today, so this is definitely real) they sure can handle APS 1.13.1? |
Switching to a higher minSdk for 2.0 would probably make sense. Most of our recent feature additions are only applicable to Oreo and up anyway and we are even dropping accessibility support. |
I'll try and upgrade JGit over the weekend then. |
Any progress on this? Just came across the same issue. After doing a Android Password Store sync, it added a commit with replaced the symlink with a plain text file (having the symlink path in it). Based on the comments above, I'm assuming that JGit fails to clone/pull properly and creates a plaintext file instead of a symlink. This is basically breaking my password store (on other devices) at the moment. |
Not at the moment and it doesn't seem like we can do a lot about this either. We've already applied the official recommendations on symbolic link support. |
Could an option to prevent pushing to the remote be added? That would prevent pushing the broken state to the git remote, and to the rest of my machines, at the cost of not adding passwords modified on my phone. I understand that this isn't a solution, but that would at least allow me to sync my passwords to my phone. I hope I'm not going too off-topic with this question. |
You can simply use the pull option rather than synchronize, unless I'm not understanding the request? |
@msfjarvis Awesome, just noticed the option now. I've always dragged down which apparently synchronizes. This is perfect, thanks for the quick response. |
This is the problem for me. I have symlinks in my store and apparently cannot avoid to mistakenly drag down when in passwordstore. This then requires a forced push from another clone to undo the desymlinking. Having an option to assign drag-down to pull instead of push+pull(?) or marking the upstream as read-only would really be useful, given the symlink issue. |
I think a read-only option would be a good idea, I'll see what I can do about it. |
Here's a little script I run to unfuck the symlinks (remove for f in ~/.password-store/**; do if [ 'text/plain' = "$(file -b --mime-type "$f")" ]; then echo ln -sf -- "$(cat "$f")" "$f"; fi; done |
It might be worth a shot to expand the |
I believe at this point we've exhausted all avenues and there is no progress to be made, so I'm closing this as part of issue tracker cleanup. |
Symlinks work properly in the latest snapshot build, make sure to delete and re-clone your existing repo for JGit's auto-detection of symlink support to kick in. |
Describe the bug
A password will fail to decrypt if it is a soft link as opposed to a normal file.
To Reproduce
Steps to reproduce the behavior:
ln -s <passwd>.gpg softlink.gpg
Expected behavior
Password is decrypted and shown in the UI
Device information (please complete the following information):
Additional context
Relevant log snippet
The text was updated successfully, but these errors were encountered: