Pass environment variables from rbw to rbw-agent #221
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This makes it easier to read the code on first glance, and we don't win anything by using the shorthands meant for easier typing.
|
applied, thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I use
rbwon a workstation with X.org, but also regularly connect through SSH from my laptop. This setup causes issues with therbw-agent, since it is started by the firstrbwcommand, and inherits the environment from there.rbw-agentis responsible for startingpinentry. If I runrbwfirst in my X session,rbw-agentwill always startpinentryin the X session, even if I runrbwfrom an SSH session. Vice-versa, when first startingrbwfrom an SSH session,rbw-agent, and thereforepinentrynever inherits the X session and it will always prompt through its curses UI.I never had this issue when I was still using
passwith GPG, even though GPG's architecture is similar torbwin that thegpg-agentprocess is responsible for starting thepinentryprocess. I investigated the GPG source code to see whatgpg-agentdoes differently compared torbwto makepinentryalways use the environment wheregpgwas executed.As it turns out, GPG maintains a list of environment variables that are read from the
gpgprocess and passed throughgpg-agentto thepinentryprocess. Sincerbwalready does something similar with the TTY, I extended that functionality in this PR to add environment variables as well. In addition, GPG allows overriding the TTY through theGPG_TTYenvironment variable, so I added anRBW_TTYvariable as well.It's fairly hard to grok the GPG source code, since it mostly interacts with
pinentrythrough libassuan (which is the protocol used bypinentry), so not everything is communicated through environment variables and there are multiple entry points (gpgis not the only process that usesgpg-agent). However, I am reasonably confident that I've extracted the relevant parts, and the current state of this PR should be functional. That said, I haven't tested all the different environment variables. You can try the main idea by switching between X and non-X TTYs and interacting withrbw. I haven't tested Wayland, so if someone has a Wayland desktop, I'd like to know if that works as expected.Finally, I've updated
rbw-pinentry-keyringsuch that thepinentryinvocations inherit the arguments passed into the script. This should resolve the issue described in #196.