Closed ltsdw closed 2 years ago
you can try stopping pass-secrets, deleting the entire secretservice dir to reset, and having it recreate the directories another guess is that the gpg-agent was unable to create password dialog, so you may want to restart your gpg agent and ensure you get a dialog
ok, what I tried was deleting the secretservice dir, restarting gpg-agent.service, and trying again, and the result was the same.
ps: not directly related to my problem here, but when starting the pass-secrets.service if there's no .password-store, the unit will fail to start, while this isn't the job of pass-secrets, but pass, shouldn't the directory be created by pass-secrets, instead of failing to start? or I don't know, call pass earlier just for it to create the directories needed (maybe we should add more steps to the instructions on the readme?)
the service does a check for the existence of just the "secretservice" dir, but it will fail to create it if parent directories don't exist either. in that case, I think I will add a little more of a guide to the readme
also, does running pass-secrets manually (just from the command line) work? i will see if I can get pass to output its logs to the stderr of pass-secrets as well to make debugging the issue easier
the service does a check for the existence of just the "secretservice" dir, but it will fail to create it if parent directories don't exist either. in that case, I think I will add a little more of a guide to the readme
yeah, I think that will really help.
also, does running pass-secrets manually (just from the command line) work? i will see if I can get pass to output its logs to the stderr of pass-secrets as well to make debugging the issue easier
negative, it still fails. Again that would be great, as right now I'm clueless from what is wrong with pass.
like I can set up things manually, gpg --gen-key will pop up the dialog to configure a password and reconfirm it. pass init/pass insert will also goes well.
okay, i used a different library to spawn the pass
process that puts the stderr onto the main process
if you could recompile and test out the new version, it should show whatever error pass had :)
Thank you!
found out why pass is failing.
Loaded collection /home/mg_user/.password-store/secretservice/l6oERZaD931RmHk3AE8Rv
Found pass at /usr/bin/pass
mkdir: created directory '/home/mg_user/.password-store/secretservice/l6oERZaD931RmHk3AE8Rv/89ldasB0tJGCKshtdTaYz'
Error: You must run:
pass init your-gpg-id
before you may use the password store.
should I generate an key before running the pass-secrets? because I already tried that with gpg --gen-key and after that did pass init \<my gpg id> (also tried with the email, no erros), how I should I proceed here?
what I did so far was enabling gpg-agent.service (it's enabled and running), do I need something more besides having agent running?
hm, no, that just means that pass was unable to find a .gpg-id file to get the right key ID the password store should be 100% initialized and working before setting up/running pass-secrets but since you already did that i'm unsure...
it shouldn't be looking for it under ~/.gnupg or where the GNUPGHOME was set to?
I'm almost certain I screwed something while setting this.
Oh, ok, I got it. Nuked all directories and started all over.
my steps was:
probably what I was doing wrong was trying set it up with email and the short version of key-id.
we should definitely add more steps to the readme page, while it's not the scope of this project to taught people how to set up gpg, people like me will definitely appreciate an "how to 101 for dummies".
Again thank you for your patience and great project. Closing.
now I'm having another issue.
first, the systemd unit will always fail at the time I launch minecraft-launcher:
× pass-secrets.service - Pass SecretService
Loaded: loaded (/usr/lib/systemd/user/pass-secrets.service; enabled; vendor preset: enabled)
Active: failed (Result: signal) since Thu 2021-09-30 18:16:52 -03; 10s ago
Process: 3694 ExecStart=/usr/bin/pass-secrets (code=killed, signal=ABRT)
Main PID: 3694 (code=killed, signal=ABRT)
CPU: 26ms
set 30 18:16:52 shadow systemd[544]: Starting Pass SecretService...
set 30 18:16:52 shadow systemd[544]: Started Pass SecretService.
set 30 18:16:52 shadow pass-secrets[3694]: Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
set 30 18:16:52 shadow pass-secrets[3694]: Found pass at /usr/bin/pass
set 30 18:16:52 shadow pass-secrets[3701]: gpg: decryption failed: No secret key
set 30 18:16:52 shadow pass-secrets[3694]: terminate called after throwing an instance of 'subprocess::exceptions::command_error'
set 30 18:16:52 shadow pass-secrets[3694]: what(): command exitstatus 2 : subprocess_error
set 30 18:16:52 shadow systemd[544]: pass-secrets.service: Main process exited, code=killed, status=6/ABRT
set 30 18:16:52 shadow systemd[544]: pass-secrets.service: Failed with result 'signal'.
but running the pass-secrects from a terminal will succeed, the pop up to type the password to unlock the store key will shows up. (almost always, sometimes it will segfault).
when segfaulting (segfaults always when I click to select my minecraft account):
$ pass-secrets
Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
Found pass at /usr/bin/pass
removed '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/gWN34fe_Xq0sWtdNpIf4Q/secret.gpg'
removed '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/gWN34fe_Xq0sWtdNpIf4Q/item.json'
removed directory '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/gWN34fe_Xq0sWtdNpIf4Q/'
zsh: segmentation fault pass-secrets
if I re-start the pass-secrets before proceeding (typing my email and password from my microsoft account), it will succeed:
Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
Found pass at /usr/bin/pass
mkdir: created directory '/home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1/pkH5fGXaclwrrok2pTF7O'
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/pkH5fGXaclwrrok2pTF7O/secret and press Ctrl+D when finished:
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/Hg3GKMYre00ffdT8GHT0E/secret and press Ctrl+D when finished:
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/FE0QEj_5CkJ4BRMtf9YiU/secret and press Ctrl+D when finished:
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7aU2kFYZfefSUjxKlndYP/secret and press Ctrl+D when finished:
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/5ZHNltTuOyTzHn_Szi8Wa/secret and press Ctrl+D when finished:
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/FG_0Hz_gesCMYA_4K3HCc/secret and press Ctrl+D when finished:
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7aU2kFYZfefSUjxKlndYP/secret and press Ctrl+D when finished:
Enter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7KKZIi81iYEWC5y2KK_X2/secret and press Ctrl+D when finished:
qEnter contents of secretservice/ULDzdHJbVGNetph9snfZ1/7KKZIi81iYEWC5y2KK_X2/secret and press Ctrl+D when finished:
does this gives you any idea? (this time I don't think it's something I did wrong, this time I think it's some kind of incompatibility with minecraft-launcher)
I had the segfault issue while doing my test and it happens because the app refers to a closed session I thought I added a check for it, but obviously it was not enough! ill check it out
as for the systemd service, depending on what DE you are using, you need to runsystemctl --user import-environment HOME DISPLAY WAYLAND_DISPLAY
or other envvars needed
I'm not using any desktop environment right now, starting all with startx and running dwm, does I need some special envar?
I had a problem with gnome-keyring (wasn't working when switching user with su) but solved it with dbus-update-activation-environment --systemd DISPLAY
, maybe I should do the same for HOME DISPLAY? As I'm not using wayland I don't think I'll need the last one.
EDIT:
tried the systemctl --user import-environment HOME DISPLAY
but the result was the same.
in that case doing the same for home and display may be needed for the GPG agent and pass-secrets
dbus activation is a mess unfortunately
in that case doing the same for home and display may be needed for the GPG agent and pass-secrets
I'm sorry, what do you mean by that?
if what you mean was doing dbus-update-activation-environment --systemd HOME DISPLAY
?, in that case it isn't working neither.
ok, so I tried dbus-update-activation-environment --systemd --all
that did the trick, now it's only the segfault part.
set 30 21:48:12 shadow systemd[544]: Starting Pass SecretService...
set 30 21:48:12 shadow systemd[544]: Started Pass SecretService.
set 30 21:48:12 shadow pass-secrets[165426]: Loaded collection /home/mg_user/.password-store/secretservice/ULDzdHJbVGNetph9snfZ1
set 30 21:48:12 shadow pass-secrets[165426]: Found pass at /usr/bin/pass
set 30 21:49:08 shadow pass-secrets[165426]: terminate called after throwing an instance of 'std::out_of_range'
set 30 21:49:08 shadow pass-secrets[165426]: what(): map::at
set 30 21:49:08 shadow systemd[544]: pass-secrets.service: Main process exited, code=killed, status=6/ABRT
set 30 21:49:08 shadow systemd[544]: pass-secrets.service: Failed with result 'signal'.
actually I don't know if this is related to the segfaulting when running from command line, terminate called after throwing an instance of 'std::out_of_range'
what(): map::at
So I wiped all out, started all over again.
- systemctl --user start pass-secrets
- systemctl --user start gpg-agent
- dbus-update-activation-environment --systemd --all
# when setting for the first time
- gpg --gen-key
- copied the id generated
- pass init <pasted the id of the key generated>
It seems all working now, the gpg-agent service gets stopped (I think that's supposed to happen):
out 08 03:11:13 shadow gpg-agent[990]: listening on: std=5 extra=6 browser=3 ssh=4
out 08 03:12:17 shadow gpg-agent[990]: socket is now serviced by another server
out 08 03:12:17 shadow gpg-agent[990]: this process is useless - shutting down
out 08 03:12:21 shadow gpg-agent[990]: gpg-agent (GnuPG) 2.2.29 stopped
and then it sometimes will ask for my password in a infinite loop, only stopping when I re-start gpg-agent, but that is probably another thing that I'm doing wrong.
I'll close this issue though. Thank you for your support!
after enabling/starting the systemd service unit I tried to log in into minecraft, but the unit get stopped because pass couldn't write:
I probably not setting something right, I followed part of the example from arch wiki and it went all good.
what more do I need to do?