diff --git a/docs/faq.md b/docs/faq.md index 8f4d9258b6..dfad40ac3f 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -33,9 +33,6 @@ Yes, there is a gopass-based [Terraform provider](https://github.com/camptocamp/ ## How can I fix `"gpg: decryption failed: No secret key"` errors? Set the `auto-expand-secmem` option in your gpg-agent.conf, if your version of GnuPG supports it. -## I'm getting `Path too long for Unix domain socket` errors, usually on MacOS. -This can be fixed by setting `export TMPDIR=/tmp` (or any other suiteable location with a path shorter than 80 characters). - ## Empty secret? Old version of `gpg` may fail to decode message encrypted with newer version without any message. The encrypted secret in such case is just empty and gopass will warn you about this. One case of such behaviour we have seen so far is when the encryption key generated with `gpg` version 2.3.x encrypt a password that is then decrypted on `gpg` version 2.2.x (default on Ubuntu 18.04). In this particular case old `gpg` does not understand `AEAD` encryption extension, and it fails without any error. If it is your case then follw the instructions in listed in #2283. diff --git a/internal/action/reminder.go b/internal/action/reminder.go index 38d4bd8a75..c0f15daba1 100644 --- a/internal/action/reminder.go +++ b/internal/action/reminder.go @@ -4,7 +4,6 @@ import ( "context" "os" - "github.com/kpitt/gopass/internal/env" "github.com/kpitt/gopass/internal/out" "github.com/kpitt/gopass/pkg/ctxutil" ) @@ -22,18 +21,6 @@ func (s *Action) printReminder(ctx context.Context) { return } - // this might be printed along other reminders - if s.rem.Overdue("env") { - msg, err := env.Check(ctx) - if err != nil { - out.Warningf(ctx, "Failed to check environment: %s", err) - } - if msg != "" { - out.Warningf(ctx, "%s", msg) - } - _ = s.rem.Reset("env") - } - // Note: We only want to print one reminder per day (at most). // So we intentionally return after printing one, leaving the others // for the following days. diff --git a/internal/backend/storage/gitfs/config.go b/internal/backend/storage/gitfs/config.go index 3018bde7f0..1f58d81a47 100644 --- a/internal/backend/storage/gitfs/config.go +++ b/internal/backend/storage/gitfs/config.go @@ -21,17 +21,6 @@ const ( // that git has. We'd prefer if that wasn't necessary but git has way too many modes of operation // and we need it to behave a predicatable as possible. func (g *Git) fixConfig(ctx context.Context) error { - // set push default, to avoid issues with - // "fatal: The current branch master has multiple upstream branches, refusing to push" - // https://stackoverflow.com/questions/948354/default-behavior-of-git-push-without-a-branch-specified. - if err := g.ConfigSet(ctx, "push.default", "matching"); err != nil { - return fmt.Errorf("failed to set git config for push.default: %w", err) - } - - if err := g.ConfigSet(ctx, "pull.rebase", "false"); err != nil { - return fmt.Errorf("failed to set git config for pull.rebase: %w", err) - } - // setup for proper diffs. if err := g.ConfigSet(ctx, "diff.gpg.binary", "true"); err != nil { out.Errorf(ctx, "Error while initializing git: %s", err) @@ -40,12 +29,7 @@ func (g *Git) fixConfig(ctx context.Context) error { out.Errorf(ctx, "Error while initializing git: %s", err) } - // setup for persistent SSH connections. - if sc := gitSSHCommand(); sc != "" { - if err := g.ConfigSet(ctx, "core.sshCommand", sc); err != nil { - out.Errorf(ctx, "Error while configuring persistent SSH connections: %s", err) - } - } + // TODO: should set up for age encryption also, or check the crypto backend return nil } @@ -73,6 +57,7 @@ func (g *Git) InitConfig(ctx context.Context, userName, userEmail string) error return fmt.Errorf("failed to fix git config: %w", err) } + // TODO: handle `*.age` files if using `age` crypto backend if err := os.WriteFile(filepath.Join(g.fs.Path(), ".gitattributes"), []byte("*.gpg diff=gpg\n"), fileMode); err != nil { return fmt.Errorf("failed to initialize git: %w", err) } diff --git a/internal/backend/storage/gitfs/ssh_darwin.go b/internal/backend/storage/gitfs/ssh_darwin.go deleted file mode 100644 index d0a96f93a7..0000000000 --- a/internal/backend/storage/gitfs/ssh_darwin.go +++ /dev/null @@ -1,19 +0,0 @@ -//go:build darwin -// +build darwin - -package gitfs - -// gitSSHCommand returns a SSH command instructing git to use SSH -// with persistent connections through a custom socket. -// See https://linux.die.net/man/5/ssh_config and -// https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresshCommand -// -// Note: Setting GIT_SSH_COMMAND, possibly to an empty string, will take -// precedence over this setting. -// -// %C is a hash of %l%h%p%r and should avoid "path too long for unix domain socket" -// errors. On MacOS this doesn't always seem to work, so we're using a hardcoded -// /tmp instead. -func gitSSHCommand() string { - return "ssh -oControlMaster=auto -oControlPersist=600 -oControlPath=/tmp/.ssh-%C" -} diff --git a/internal/backend/storage/gitfs/ssh_others.go b/internal/backend/storage/gitfs/ssh_others.go deleted file mode 100644 index cddac97b6d..0000000000 --- a/internal/backend/storage/gitfs/ssh_others.go +++ /dev/null @@ -1,20 +0,0 @@ -//go:build !windows && !darwin -// +build !windows,!darwin - -package gitfs - -import "os" - -// gitSSHCommand returns a SSH command instructing git to use SSH -// with persistent connections through a custom socket. -// See https://linux.die.net/man/5/ssh_config and -// https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresshCommand -// -// Note: Setting GIT_SSH_COMMAND, possibly to an empty string, will take -// precedence over this setting. -// -// %C is a hash of %l%h%p%r and should avoid "path too long for unix domain socket" -// errors. If you still encounter this error set TMPDIR to a short path, e.g. /tmp. -func gitSSHCommand() string { - return "ssh -oControlMaster=auto -oControlPersist=600 -oControlPath=" + os.TempDir() + "/.ssh-%C" -} diff --git a/internal/backend/storage/gitfs/ssh_windows.go b/internal/backend/storage/gitfs/ssh_windows.go deleted file mode 100644 index 2a0e1b5d67..0000000000 --- a/internal/backend/storage/gitfs/ssh_windows.go +++ /dev/null @@ -1,8 +0,0 @@ -//go:build windows -// +build windows - -package gitfs - -func gitSSHCommand() string { - return "" -} diff --git a/internal/env/env_darwin.go b/internal/env/env_darwin.go deleted file mode 100644 index 0a0cb7f945..0000000000 --- a/internal/env/env_darwin.go +++ /dev/null @@ -1,42 +0,0 @@ -//go:build darwin -// +build darwin - -package env - -import ( - "bytes" - "context" - "io" - "os" - "os/exec" - "strings" -) - -var ( - // Stdin is exported for tests. - Stdin io.Reader = os.Stdin - // Stderr is exported for tests. - Stderr io.Writer = os.Stderr -) - -func Check(ctx context.Context) (string, error) { - buf := &bytes.Buffer{} - - cmd := exec.CommandContext(ctx, "defaults", "read", "org.gpgtools.common", "UseKeychain") - cmd.Stdin = Stdin - cmd.Stdout = buf - cmd.Stderr = Stderr - - if err := cmd.Run(); err != nil { - return "", err - } - - // if the keychain is not used, we can skip the rest - if strings.ToUpper(strings.TrimSpace(buf.String())) == "NO" { - return "", nil - } - - // gpg uses the keychain to store the passphrase, warn once in a while that users - // might want to change that because it's not secure. - return "pinentry-mac will use the MacOS Keychain to store your passphrase indefinitely. Consider running 'defaults write org.gpgtools.common UseKeychain NO' to disable that.", nil -} diff --git a/internal/env/env_others.go b/internal/env/env_others.go deleted file mode 100644 index 25de2203cb..0000000000 --- a/internal/env/env_others.go +++ /dev/null @@ -1,11 +0,0 @@ -//go:build !darwin -// +build !darwin - -package env - -import "context" - -// Check does nothing on these OSes, yet. -func Check(ctx context.Context) (string, error) { - return "", nil -}