New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
~/.cache/gopass/gpg-binary.loc is storing an absolute path to gpg, which overrides the environment $PATH #1662
Comments
~/.cache/gopass/gpg-binary.loc
is storing an absolute path to the gpg
executable, which overrides the environment $PATH
$PATH
$PATH
This file is used as an optimization for the awkwardly slow gpg operations we had before. |
gopass maintains a ~/.cache/gopass/gpg-binary.loc file which stores an absolute path to the gpg executable, overriding (and ignoring) the environment $PATH. This creates a situation where gopass will work for a period of time after install, but after gpg is upgraded and a 'nix-store --gc' is performed, the cached gpg path will throw an error. A gopass maintainer has declared this a wont-fix in gopasspw/gopass#1662 As a workaround, add a --run clause in the wrapper script that removes this cache file. Once (if) upstream fixes this issue, this cruft can be removed. Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
I understand the problem, and I see it's a difficult engineering tradeoff to make. Unfortunately, Nix is very broken by this failure to respect May I make a couple suggestions? The Ideal CaseIdeally, there is a solution which can be found which will respect This is also a possible security issue because if a serious vulnerability is patched in It is worth mentioning that even when I am deleting the cache file before each time $ time rm -f "${XDG_CONFIG_HOME:-~/.config}/gopass/gpg-binary.loc" && gopass show -C my_password
Entry 'my_password' not found. Starting search...
Found exact match in 'my_folder/my_password'
✔ Copied my_folder/my_password to clipboard. Will clear in 45 seconds.
login: user_name
password: ********
real 0m0.377s
user 0m0.169s
sys 0m0.263s By not maintaining the cache file in the first place, this would actually be (slightly) faster. Perhaps there is a clever solution which leverages the parallelism of Go to search all components of The Patch CaseIf, after evaluating the above, the decision is still wont-fix, would you at least consider a fall-back path in the code, where:
This is not ideal because it still breaks a basic invariant on how programs should behave with |
Fixes gopasspw#1662 RELEASE_NOTES=[BUGFIX] Remove GPG location caching Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
@siriobalmelli Thank you for detailing your reasoning. Please have a look at #1684 and let me know what you think. |
Fixes gopasspw#1662 RELEASE_NOTES=[BUGFIX] Remove GPG location caching Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
This seems like the right way to go, I appreciate your work on this 😄 I'll keep this open until #1684 goes through and then I'll test on my end also. |
Fixes gopasspw#1662 RELEASE_NOTES=[BUGFIX] Remove GPG location caching Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Fixes gopasspw#1662 RELEASE_NOTES=[BUGFIX] Remove GPG location caching Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Fixes #1662 RELEASE_NOTES=[BUGFIX] Remove GPG location caching Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Remove workaround introduced in dda50e7: gopasspw/gopass#1662 has now been fixed upstream. Signed-off-by: Sirio Balmelli <sirio@b-ad.ch>
Looking good, thank you again @dominikschulz for your assistance getting this sorted. |
Fixes gopasspw#1662 RELEASE_NOTES=[BUGFIX] Remove GPG location caching Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Summary
~/.cache/gopass/gpg-binary.loc
is storing an absolute path to thegpg
executable, which overrides the environment$PATH
.Steps To Reproduce
Config file:
Expected behavior
Any UNIX program should always respect the contents of
$PATH
Environment
Darwin computer.home 19.6.0 Darwin Kernel Version 19.6.0: Thu Oct 29 22:56:45 PDT 2020; root:xnu-6153.141.2.2~1/RELEASE_X86_64 x86_64 i386 MacBookPro16,1 Darwin
gopass 1.10.1+af9c95d20b722dee331adcc3cc1ab1ce0108dc2b (af9c95d20b722dee331adcc3cc1ab1ce0108dc2b) go1.15.6 darwin amd64
The text was updated successfully, but these errors were encountered: