| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the removal[1] of the Perl test driver, our tests will no longer
run or even evaluate.
Fortunately, the test API is more or less the same, so the transition to
Python was not very involved.
However, I did add a "# fmt: off" on top of every testScript, since
formatting with black not only has issues with parameterised
antiquotations but is also plain ugly to mix 2 spaces of indentation
with 4 spaces of indentation.
Additionally, I'd like to have a maximum line length of 79 characters in
my Nix expressions while black on the other side even *insists* of using
longer lines.
[1]: https://github.com/NixOS/nixpkgs/commit/0620184f3f94f1bf8de014ab168
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since a while[1], the services.xserver.displayManager.auto option is
deprecated. Since first of all SLiM got removed and now every display
manager supports auto-login, I switched the labtops module to use the
LightDM implementation.
Since the common x11 test module still exposes a similar interface, we
only need to use the same options from the test-support option, which
should hopefully be a "sane default" suitable for tests.
[1]: https://github.com/NixOS/nixpkgs/commit/c95612a5a2d4bd93011c042066c
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Profpatsch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sinc the Tesseract update to version 4.0.0[1], the OCR result is much
better than what we had before.
The string we want to match is the following:
Please enter the passphrase to unlock the OpenPGP secret key
In the previous Tesseract alpha version (4.00.00alpha-git-20170410), the
word "passphrase" was detected with an upper-case "P", which now is no
longer the case.
Nevertheless, I've changed it to matching both "Passphrase" and
"passphrase", just to be sure.
[1]: https://github.com/NixOS/nixpkgs/commit/d4b9752212f77b122b9166dc52f
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
| |
Yet another occasion where we import nixpkgs-path.nix unconditionally,
so let's actually pass a nixpkgsPath to every test function.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is in reaction to upstream commit
NixOS/nixpkgs@e34ce9d1c551fb43742aada6bb43ccb1a52e64a1.
One of the changes in GnuPG 2.1.23 is that the main binary is now called
gpg instead of gpg2. See the full release announcement here:
https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000412.html
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using systemctl restart or systemctl stop on any of the GnuPG
services, the sockets were closed and removed.
However we are using socket activation, so a simple restart of for
example the agent would cause the socket to be closed and removed and
afterwards the gpg-agent service is unable to pick up the socket again,
thus failing to start.
This in turn has led to GnuPG starting the agent by its own, entirely
bypassing socket activation and our shiny service module.
In order to cope with this, we need to provide LD_PRELOAD wrappers also
for remove() and close(), so that we can prevent GnuPG from closing the
systemd file descriptors.
I've also added a small subtest to ensure this won't happen again in the
future.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
The shell script embedded into the expect script had "set -x" enabled.
While this doesn't really hurt it doesn't really aid in debugging
either (expect -d works much better), so let's remove it.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
We're not testing this thoroughly though, but this makes sure that we
don't accidentally break module support for scdaemon.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
We do things such as placing gnupg into environment.systemPackages, so
calling this just "programs.gpg-agent" doesn't fit that. Especially if
we really want to have a way to specify configuration values in case I'm
getting masochistic someday ;-)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
Since NixOS/nixpkgs@5391882 there no longer is the option to start the
agent during X session startup, which prompted me to write this module.
I was unhappy how GnuPG is handled in NixOS since a long time and wanted
to OCD all the configuration files directly into the module.
Unfortunately, this is something I eventually gave up because GnuPG's
design makes it very hard to preseed configuration. My first attempt was
to provide default configuration files in /etc/gnupg, but that wasn't
properly picked up by GnuPG.
Another way would have been to change the default configuration files,
but that would have the downside that we could only override those
configurations using command line options for each individual GnuPG
component.
The approach I tried to go for was to patch GnuPG so that all the
defaults are directly set in the source code using a giant sed
expression. It turned out that this approach doesn't work very well,
because every component has implemented its own ways how to handle
commandline arguments versus (default) configuration files.
In the end I gave up trying to OCD anything related to GnuPG
configuration and concentrated just on the agent.
And that's another beast, which unfortunately doesn't work very well
with systemd.
While searching the net for existing patches I stumbled upon one done by
@shlevy:
https://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029092.html
Unfortunately, the upstream author seems to be quite anti-systemd and
didn't want to accept that into the upstream project.
Because of this I went for using LD_PRELOAD to pick up the file
descriptors provided by the systemd sockets, because in the end I don't
want to constantly catch up with upstream and rebase the patch on every
new release.
Apart from just wrapping the agent to be socket activated, we also wrap
the pinentry program, so that we can inject a _CLIENT_PID environment
variable from the LD_PRELOAD wrapper that is picked up by the pinentry
wrapper to determine the TTY and/or display of the client communicating
with the agent.
The wrapper uses the proc filesystem to get all the relevant information
and passes it to the real pinentry.
The advantage of this is that we don't need to do things such as
"gpg-connect-agent updatestartuptty /bye" or any other workarounds and
even if we connect via SSH the agent should be able to correctly pick up
the TTY and/or display.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|