nullobsi / pass-secrets

Use pass to store your application secrets!
GNU General Public License v3.0

needing help setting it up #2

Closed ltsdw closed 2 years ago

ltsdw commented 2 years ago

after enabling/starting the systemd service unit I tried to log in to minecraft, but the unit gets stopped because pass couldn't write:

× pass-secrets.service - Pass SecretService
     Loaded: loaded (/usr/lib/systemd/user/pass-secrets.service; enabled; vendor preset: enabled)
     Active: failed (Result: signal) since Wed 2021-09-29 10:48:43 -03; 432ms ago
    Process: 3564 ExecStart=/usr/bin/pass-secrets (code=killed, signal=ABRT)
   Main PID: 3564 (code=killed, signal=ABRT)
        CPU: 41ms

set 29 10:48:43 shadow systemd[561]: Starting Pass SecretService...
set 29 10:48:43 shadow systemd[561]: Started Pass SecretService.
set 29 10:48:43 shadow pass-secrets[3564]: Loaded collection /home/mg_user/.password-store/secretservice/0M58kCNVdu2p9fpY9gHBi
set 29 10:48:43 shadow pass-secrets[3564]: Found pass at /usr/bin/pass
set 29 10:48:43 shadow pass-secrets[3564]: terminate called after throwing an instance of 'std::runtime_error'
set 29 10:48:43 shadow pass-secrets[3564]:   what():  pass returned an error while writing!
set 29 10:48:43 shadow systemd[561]: pass-secrets.service: Main process exited, code=killed, status=6/ABRT
set 29 10:48:43 shadow systemd[561]: pass-secrets.service: Failed with result 'signal'.

I'm probably not setting something right, I followed part of the example from arch wiki and it went all good.

gpg --gen-key # generated a key, set it up a password and all
pass init myemail@here.com
pass insert archlinux.org/wiki/username # again here all went good, set it up a password too, no errors

what more do I need to do?

nullobsi commented 2 years ago

you can try stopping pass-secrets, deleting the entire secretservice dir to reset, and having it recreate the directories

another guess is that the gpg-agent was unable to create password dialog, so you may want to restart your gpg agent and ensure you get a dialog

ltsdw commented 2 years ago

ok, what I tried was deleting the secretservice dir, restarting gpg-agent.service, and trying again, and the result was the same.

ps: not directly related to my problem here, but when starting the pass-secrets.service if there's no .password-store, the unit will fail to start, while this isn't the job of pass-secrets, but pass, shouldn't the directory be created by pass-secrets, instead of failing to start? or I don't know, call pass earlier just for it to create the directories needed (maybe we should add more steps to the instructions on the readme?)

nullobsi commented 2 years ago

the service does a check for the existence of just the "secretservice" dir, but it will fail to create it if parent directories don't exist either. in that case, I think I will add a little more of a guide to the readme

also, does running pass-secrets manually (just from the command line) work? i will see if I can get pass to output its logs to the stderr of pass-secrets as well to make debugging the issue easier

ltsdw commented 2 years ago

> the service does a check for the existence of just the "secretservice" dir, but it will fail to create it if parent directories don't exist either. in that case, I think I will add a little more of a guide to the readme

yeah, I think that will really help.

> also, does running pass-secrets manually (just from the command line) work? i will see if I can get pass to output its logs to the stderr of pass-secrets as well to make debugging the issue easier

negative, it still fails. Again that would be great, as right now I'm clueless from what is wrong with pass.

like I can set up things manually, gpg --gen-key will pop up the dialog to configure a password and reconfirm it. pass init/pass insert will also go well.

nullobsi commented 2 years ago

okay, i used a different library to spawn the pass process that puts the stderr onto the main process

if you could recompile and test out the new version, it should show whatever error pass had :)

ltsdw commented 2 years ago

Thank you!

found out why pass is failing.

Loaded collection /home/mg_user/.password-store/secretservice/l6oERZaD931RmHk3AE8Rv
Found pass at /usr/bin/pass
mkdir: created directory '/home/mg_user/.password-store/secretservice/l6oERZaD931RmHk3AE8Rv/89ldasB0tJGCKshtdTaYz'
Error: You must run:
    pass init your-gpg-id
before you may use the password store.

should I generate a key before running the pass-secrets? because I already tried that with gpg --gen-key and after that did pass init <my gpg id> (also tried with the email, no errors), how should I proceed here?

what I did so far was enabling gpg-agent.service (it's enabled and running), do I need something more besides having agent running?

nullobsi commented 2 years ago

hm, no, that just means that pass was unable to find a .gpg-id file to get the right key ID

the password store should be 100% initialized and working before setting up/running pass-secrets, but since you already did that i'm unsure...

ltsdw commented 2 years ago

it shouldn't be looking for it under ~/.gnupg or where the GNUPGHOME was set to?

I'm almost certain I screwed something while setting this.

ltsdw commented 2 years ago

Oh, ok, I got it. Nuked all directories and started all over.

my steps were:

probably what I was doing wrong was trying to set it up with email and the short version of key-id.

we should definitely add more steps to the readme page, while it's not the scope of this project to teach people how to set up gpg, people like me will definitely appreciate a "how to 101 for dummies".

Again thank you for your patience and great project. Closing.

ltsdw commented 2 years ago

now I'm having another issue.

first, the systemd unit will always fail at the time I launch minecraft-launcher:

× pass-secrets.service - Pass SecretService
     Loaded: loaded (/usr/lib/systemd/user/pass-secrets.service; enabled; vendor preset: enabled)
     Active: failed (Result: signal) since Thu 2021-09-30 18:16:52 -03; 10s ago
    Process: 3694 ExecStart=/usr/bin/pass-secrets (code=killed, signal=ABRT)
   Main PID: 3694 (code=killed, signal=ABRT)
        CPU: 26ms

set 30 18:16:52 shadow systemd[544]: Starting Pass SecretService...
set 30 18:16:52 shadow systemd[544]: Started Pass SecretService.
set 30 18:16:52 shadow pass-secrets[3694]: Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
set 30 18:16:52 shadow pass-secrets[3694]: Found pass at /usr/bin/pass
set 30 18:16:52 shadow pass-secrets[3701]: gpg: decryption failed: No secret key
set 30 18:16:52 shadow pass-secrets[3694]: terminate called after throwing an instance of 'subprocess::exceptions::command_error'
set 30 18:16:52 shadow pass-secrets[3694]:   what():  command exitstatus 2 : subprocess_error
set 30 18:16:52 shadow systemd[544]: pass-secrets.service: Main process exited, code=killed, status=6/ABRT
set 30 18:16:52 shadow systemd[544]: pass-secrets.service: Failed with result 'signal'.

but running pass-secrets from a terminal will succeed, the pop up to type the password to unlock the store key will show up. (almost always, sometimes it will segfault).

when segfaulting (segfaults always when I click to select my minecraft account):

$ pass-secrets 
Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
Found pass at /usr/bin/pass
removed '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/gWN34fe_Xq0sWtdNpIf4Q/secret.gpg'
removed '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/gWN34fe_Xq0sWtdNpIf4Q/item.json'
removed directory '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/gWN34fe_Xq0sWtdNpIf4Q/'
zsh: segmentation fault  pass-secrets

if I re-start the pass-secrets before proceeding (typing my email and password from my microsoft account), it will succeed:

Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
Found pass at /usr/bin/pass
mkdir: created directory '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/pkH5fGXaclwrrok2pTF7O'
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/pkH5fGXaclwrrok2pTF7O/secret and press Ctrl+D when finished:

Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/Hg3GKMYre00ffdT8GHT0E/secret and press Ctrl+D when finished:

Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/FE0QEj_5CkJ4BRMtf9YiU/secret and press Ctrl+D when finished:

Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7aU2kFYZfefSUjxKlndYP/secret and press Ctrl+D when finished:

Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/5ZHNltTuOyTzHn_Szi8Wa/secret and press Ctrl+D when finished:

Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/FG_0Hz_gesCMYA_4K3HCc/secret and press Ctrl+D when finished:

Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7aU2kFYZfefSUjxKlndYP/secret and press Ctrl+D when finished:

Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7KKZIi81iYEWC5y2KK_X2/secret and press Ctrl+D when finished:

qEnter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7KKZIi81iYEWC5y2KK_X2/secret and press Ctrl+D when finished:

does this give you any idea? (this time I don't think it's something I did wrong, this time I think it's some kind of incompatibility with minecraft-launcher)

nullobsi commented 2 years ago

I had the segfault issue while doing my test and it happens because the app refers to a closed session

I thought I added a check for it, but obviously it was not enough! I'll check it out

nullobsi commented 2 years ago

as for the systemd service, depending on what DE you are using, you need to run systemctl --user import-environment HOME DISPLAY WAYLAND_DISPLAY or other envvars needed

ltsdw commented 2 years ago

I'm not using any desktop environment right now, starting all with startx and running dwm, do I need some special envvar?

I had a problem with gnome-keyring (wasn't working when switching user with su) but solved it with dbus-update-activation-environment --systemd DISPLAY, maybe I should do the same for HOME DISPLAY? As I'm not using wayland I don't think I'll need the last one.

EDIT:

tried the systemctl --user import-environment HOME DISPLAY but the result was the same.

nullobsi commented 2 years ago

in that case doing the same for home and display may be needed for the GPG agent and pass-secrets

dbus activation is a mess unfortunately

ltsdw commented 2 years ago

> in that case doing the same for home and display may be needed for the GPG agent and pass-secrets

I'm sorry, what do you mean by that?

ltsdw commented 2 years ago

if what you mean was doing dbus-update-activation-environment --systemd HOME DISPLAY, in that case it isn't working either.

ltsdw commented 2 years ago

ok, so I tried dbus-update-activation-environment --systemd --all, that did the trick, now it's only the segfault part.

set 30 21:48:12 shadow systemd[544]: Starting Pass SecretService...
set 30 21:48:12 shadow systemd[544]: Started Pass SecretService.
set 30 21:48:12 shadow pass-secrets[165426]: Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
set 30 21:48:12 shadow pass-secrets[165426]: Found pass at /usr/bin/pass
set 30 21:49:08 shadow pass-secrets[165426]: terminate called after throwing an instance of 'std::out_of_range'
set 30 21:49:08 shadow pass-secrets[165426]:   what():  map::at
set 30 21:49:08 shadow systemd[544]: pass-secrets.service: Main process exited, code=killed, status=6/ABRT
set 30 21:49:08 shadow systemd[544]: pass-secrets.service: Failed with result 'signal'.

actually I don't know if this is related to the segfaulting when running from command line, terminate called after throwing an instance of 'std::out_of_range' what(): map::at

ltsdw commented 2 years ago

So I wiped all out, started all over again.

- systemctl --user start pass-secrets
- systemctl --user start gpg-agent
- dbus-update-activation-environment --systemd --all

# when setting for the first time

- gpg --gen-key
- copied the id generated
- pass init <pasted the id of the key generated>

It seems all working now, the gpg-agent service gets stopped (I think that's supposed to happen):

out 08 03:11:13 shadow gpg-agent[990]: listening on: std=5 extra=6 browser=3 ssh=4
out 08 03:12:17 shadow gpg-agent[990]: socket is now serviced by another server
out 08 03:12:17 shadow gpg-agent[990]: this process is useless - shutting down
out 08 03:12:21 shadow gpg-agent[990]: gpg-agent (GnuPG) 2.2.29 stopped

and then it sometimes will ask for my password in an infinite loop, only stopping when I re-start gpg-agent, but that is probably another thing that I'm doing wrong.

I'll close this issue though. Thank you for your support!
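
The two setup failures diagnosed in this thread (a store with no usable .gpg-id, and a systemd user environment that differs from the login shell) can be checked before starting the unit. The script below is an added example, not part of the original issue or of pass-secrets; the function names are hypothetical, and the list of variables compared is an assumption based on the ones mentioned above plus pass's PASSWORD_STORE_DIR.

```shell
#!/bin/sh
# Added example: preflight checks before starting a pass-backed secret service.
# Function names are hypothetical; nothing here is pass-secrets code.

# Print the key IDs a store was initialised with. Fails when .gpg-id is
# missing or empty, the state behind "You must run: pass init your-gpg-id".
store_gpg_ids() {
    [ -s "$1/.gpg-id" ] || return 1
    grep -v '^[[:space:]]*$' "$1/.gpg-id"
}

# stdin: NAME=value lines as printed by `systemctl --user show-environment`.
# Prints each named variable that is set in this shell but absent or
# different there (simple values only; quoted values are not unescaped).
env_drift() {
    env_dump=$(cat)
    for name in "$@"; do
        eval "want=\${$name:-}"
        [ -n "$want" ] || continue
        printf '%s\n' "$env_dump" | grep -Fqx "$name=$want" ||
            printf '%s\n' "$name"
    done
}

# Live check; needs gpg and a systemd user session.
preflight() {
    store=${PASSWORD_STORE_DIR:-$HOME/.password-store}
    rc=0
    if ids=$(store_gpg_ids "$store"); then
        while IFS= read -r id; do
            gpg --batch --list-secret-keys "$id" >/dev/null 2>&1 ||
                { echo "no secret key for '$id' in this keyring"; rc=1; }
        done <<EOF
$ids
EOF
    else
        echo "store not initialised: run 'pass init <key id>' first"; rc=1
    fi
    drift=$(systemctl --user show-environment |
        env_drift HOME DISPLAY WAYLAND_DISPLAY GNUPGHOME PASSWORD_STORE_DIR)
    if [ -n "$drift" ]; then
        echo "not in the systemd user environment:" $drift
        rc=1
    fi
    return $rc
}

# Run only on request so the functions can be sourced or tested.
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it with `--run` from the same shell that starts the X session; if it reports drift, the command that resolved it in this thread was dbus-update-activation-environment --systemd --all.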