From andrew.thorp.dev at gmail.com  Mon Nov  4 15:17:11 2019
From: andrew.thorp.dev at gmail.com (Andrew Thorp)
Date: Mon, 04 Nov 2019 09:17:11 -0500
Subject: MIgrating gpg keys?
Message-ID: <1572877031.2082.0@smtp.gmail.com>

Hello,

I am in the process of migrating GPG keys, and I couldn't find 
documentation
 on the best way to go about adding or changing the key used for 
encryption
in the pass database. Does anyone have any experience with this?

Thanks!

Andrew Thorp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/94ac01c3/attachment.html>

From contact at eddiebarraco.fr  Mon Nov  4 15:31:34 2019
From: contact at eddiebarraco.fr (Eddie Barraco)
Date: Mon, 04 Nov 2019 15:31:34 +0100
Subject: MIgrating gpg keys?
In-Reply-To: <1572877031.2082.0@smtp.gmail.com>
Message-ID: <BY76OHP15W3A.44M21OBD0JQH@green-medusa>

Hello !

> I am in the process of migrating GPG keys, and I couldn't find
> documentation
>  on the best way to go about adding or changing the key used for
> encryption
> in the pass database. Does anyone have any experience with this?

Yes you probably just have to pass init YOUR_NEW_GPG_KEY

The pass manual is not so clear about all this right.

Tell us if this now work as expected.

Kiss


From mkesper at schokokeks.org  Mon Nov  4 15:33:55 2019
From: mkesper at schokokeks.org (Michael Kesper)
Date: Mon, 4 Nov 2019 15:33:55 +0100
Subject: MIgrating gpg keys?
In-Reply-To: <1572877031.2082.0@smtp.gmail.com>
References: <1572877031.2082.0@smtp.gmail.com>
Message-ID: <ce42c57a-a84a-d84f-2e0e-5688e68a8958@schokokeks.org>

Hi Andrew,

On 04.11.19 15:17, Andrew Thorp wrote:
> Hello,
> 
> I am in the process of migrating GPG keys, and I couldn't find documentation
> on the best way to go about adding or changing the key used for encryption?
> in the pass database. Does anyone have any experience with this?

pass init <new_gpg_ID> will do that.
Be sure to use the ID you get by running
gpg --list-key <email>
as only that will be unique.

For checking, create a temporary gnupg setup containing only your new key
but not the old one and try to decrypt your secrets.
pass itself is a little bit low/level here and doesn't really give you much
support here.

Best wishes
Michael

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/405b37d5/attachment.asc>

From contact at eddiebarraco.fr  Mon Nov  4 15:39:15 2019
From: contact at eddiebarraco.fr (Eddie Barraco)
Date: Mon, 04 Nov 2019 15:39:15 +0100
Subject: MIgrating gpg keys?
In-Reply-To: <ce42c57a-a84a-d84f-2e0e-5688e68a8958@schokokeks.org>
Message-ID: <BY76UD7O327G.25THIQOUE81I3@green-medusa>

> pass init <new_gpg_ID> will do that.
> Be sure to use the ID you get by running
> gpg --list-key <email>
> as only that will be unique.

As I know you can use the global keyring id (gpg2 -K) or the encryption
subkey (gpg2 -K --with-subkey-fingerprint).

This allow to migrate to a new subkey when the old expires.

Stacy

From cmskog at gmail.com  Mon Nov  4 17:06:50 2019
From: cmskog at gmail.com (Carl Michael Skog)
Date: Mon, 4 Nov 2019 17:06:50 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
Message-ID: <CAATHS42e4E=Ey_b5fYnNaHDbHRZyq923kBCVfwy4TO-=L9=M9Q@mail.gmail.com>

When encrypting with a gpg key that has multiple encryption subkeys ONLY
the newest encryption subkey is used when encrypting.
This leads to potential problems in pass when using such a key.

Consider this scenario:
Let's say we are using a key K with encryption subkey A.
We set up two password stores(S1 and S2) plus a git repository(G) with this
key.
All fine so far.
Let's say now that S1 adds a encryption subkey(B) to K.
S2 is still unchanged.
S1 then adds a new password P, and pushes this to G, which S2 then pulls.
When S2 tries to read password P it will get an error message from gpg:
"gpg: decryption failed: No secret key".
Even more dangerous: if S1 after adding the key does a "pass init" with K,
S2 will not be able to read a single password, if it pulls this change.

Patch 1,2,3 is just some tests exposing the problem.
The actual fix is in patch 4.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/a2a452c9/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-an-init-test-with-a-key-with-multiple-subkeys.patch
Type: text/x-diff
Size: 10502 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/a2a452c9/attachment-0001.patch>

From cmskog at gmail.com  Mon Nov  4 17:08:28 2019
From: cmskog at gmail.com (Carl Michael Skog)
Date: Mon, 4 Nov 2019 17:08:28 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <CAATHS42e4E=Ey_b5fYnNaHDbHRZyq923kBCVfwy4TO-=L9=M9Q@mail.gmail.com>
References: <CAATHS42e4E=Ey_b5fYnNaHDbHRZyq923kBCVfwy4TO-=L9=M9Q@mail.gmail.com>
Message-ID: <CAATHS434wC8ZtOyU4XOyUoMAb6Qp7VSbwhLGg6Za+tcjbAeX=Q@mail.gmail.com>

And of the rest of the patches also....

Den m?n 4 nov. 2019 kl 17:06 skrev Carl Michael Skog <cmskog at gmail.com>:

> When encrypting with a gpg key that has multiple encryption subkeys ONLY
> the newest encryption subkey is used when encrypting.
> This leads to potential problems in pass when using such a key.
>
> Consider this scenario:
> Let's say we are using a key K with encryption subkey A.
> We set up two password stores(S1 and S2) plus a git repository(G) with
> this key.
> All fine so far.
> Let's say now that S1 adds a encryption subkey(B) to K.
> S2 is still unchanged.
> S1 then adds a new password P, and pushes this to G, which S2 then pulls.
> When S2 tries to read password P it will get an error message from gpg:
> "gpg: decryption failed: No secret key".
> Even more dangerous: if S1 after adding the key does a "pass init" with K,
> S2 will not be able to read a single password, if it pulls this change.
>
> Patch 1,2,3 is just some tests exposing the problem.
> The actual fix is in patch 4.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/b5b69ac5/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Test-for-multisubkey-group-reinit.patch
Type: text/x-diff
Size: 1611 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/b5b69ac5/attachment-0003.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-Add-a-test-for-init-ing-with-multiple-subkey-key.patch
Type: text/x-diff
Size: 15237 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/b5b69ac5/attachment-0004.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-Fixes-for-having-keys-with-multiple-subkeys.patch
Type: text/x-diff
Size: 6035 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/b5b69ac5/attachment-0005.patch>

From contact at eddiebarraco.fr  Mon Nov  4 17:20:05 2019
From: contact at eddiebarraco.fr (Eddie Barraco)
Date: Mon, 04 Nov 2019 17:20:05 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <CAATHS42e4E=Ey_b5fYnNaHDbHRZyq923kBCVfwy4TO-
 =L9=M9Q@mail.gmail.com>
Message-ID: <BY78ZKR1KFRI.379R3BVN1D4EC@green-medusa>

Hey !

> When encrypting with a gpg key that has multiple encryption subkeys ONLY
> the newest encryption subkey is used when encrypting.

Notes that you can use the subkey fingerprint
Reed

From contact at eddiebarraco.fr  Mon Nov  4 17:21:14 2019
From: contact at eddiebarraco.fr (Eddie Barraco)
Date: Mon, 04 Nov 2019 17:21:14 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <CAATHS42e4E=Ey_b5fYnNaHDbHRZyq923kBCVfwy4TO-
 =L9=M9Q@mail.gmail.com>
Message-ID: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>

Hey

> When encrypting with a gpg key that has multiple encryption subkeys ONLY
> the newest encryption subkey is used when encrypting.

Notes that you can use the encryption subkey fingerprint displayed with
gpg2 -K --with-subkey-fingerprint

From cmskog at gmail.com  Mon Nov  4 17:37:49 2019
From: cmskog at gmail.com (Carl Michael Skog)
Date: Mon, 4 Nov 2019 17:37:49 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>
References: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>
Message-ID: <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>

Den m?n 4 nov. 2019 kl 17:21 skrev Eddie Barraco <contact at eddiebarraco.fr>:

> Hey
>
> > When encrypting with a gpg key that has multiple encryption subkeys ONLY
> > the newest encryption subkey is used when encrypting.
>
> Notes that you can use the encryption subkey fingerprint displayed with
> gpg2 -K --with-subkey-fingerprint
>

Yes, I suppose you could do "pass init" manually with all subkey
fingerprints(with an ampersand appended), which is what the patch is
doing...

Regards,
Carl Michael Skog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/ab82ebdd/attachment.html>

From cmskog at gmail.com  Mon Nov  4 17:42:32 2019
From: cmskog at gmail.com (Carl Michael Skog)
Date: Mon, 4 Nov 2019 17:42:32 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>
References: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>
 <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>
Message-ID: <CAATHS42bCz9PJ1XyLeVSbrDuQjBx-6vVW5ryS=k8wZObWT0zyw@mail.gmail.com>

Disregard my answer...
You were obviously answering in the "Migrating gpg keys ?" discussion...

Den m?n 4 nov. 2019 kl 17:37 skrev Carl Michael Skog <cmskog at gmail.com>:

> Den m?n 4 nov. 2019 kl 17:21 skrev Eddie Barraco <contact at eddiebarraco.fr
> >:
>
>> Hey
>>
>> > When encrypting with a gpg key that has multiple encryption subkeys ONLY
>> > the newest encryption subkey is used when encrypting.
>>
>> Notes that you can use the encryption subkey fingerprint displayed with
>> gpg2 -K --with-subkey-fingerprint
>>
>
> Yes, I suppose you could do "pass init" manually with all subkey
> fingerprints(with an ampersand appended), which is what the patch is
> doing...
>
> Regards,
> Carl Michael Skog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/7819b6ca/attachment.html>

From contact at eddiebarraco.fr  Mon Nov  4 17:55:56 2019
From: contact at eddiebarraco.fr (Eddie Barraco)
Date: Mon, 4 Nov 2019 17:55:56 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>
References: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>
 <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>
Message-ID: <20191104165556.pmziq4squxatufvy@green-medusa>

> > > When encrypting with a gpg key that has multiple encryption subkeys ONLY
> > > the newest encryption subkey is used when encrypting.
> >
> > Notes that you can use the encryption subkey fingerprint displayed with
> > gpg2 -K --with-subkey-fingerprint
> >
>
> Yes, I suppose you could do "pass init" manually with all subkey
> fingerprints(with an ampersand appended), which is what the patch is
> doing...

In fact I'm questioning the point.

IMHO:

If you are using subkeys, you just have to specify the subkey id.
Then you can add as many subkeys you want, pass will still be using the
specified one. It is also usefull to give sort of access permissions on
some pc that have or not have some subkeys.

I don't really see the point on giving pass the mind behind the subkey
selection.

It is strongly probable that I'm missing something. I'm sorry if this is
the case.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/e6d71046/attachment.asc>

From cmskog at gmail.com  Mon Nov  4 18:14:12 2019
From: cmskog at gmail.com (Carl Michael Skog)
Date: Mon, 4 Nov 2019 18:14:12 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <20191104165556.pmziq4squxatufvy@green-medusa>
References: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>
 <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>
 <20191104165556.pmziq4squxatufvy@green-medusa>
Message-ID: <CAATHS41070RPM4QnSKuLg708ubzXuvKDUNVV=Z54geQKDz8zmA@mail.gmail.com>

Den m?n 4 nov. 2019 kl 17:56 skrev Eddie Barraco <contact at eddiebarraco.fr>:

>
> In fact I'm questioning the point.
>
> IMHO:
>
> If you are using subkeys, you just have to specify the subkey id.
> Then you can add as many subkeys you want, pass will still be using the
> specified one. It is also usefull to give sort of access permissions on
> some pc that have or not have some subkeys.
>
> I don't really see the point on giving pass the mind behind the subkey
> selection.
>
> It is strongly probable that I'm missing something. I'm sorry if this is
> the case.
>

Look for example at "pass init".
It explicitly claims to be reencrypting with all subkeys(It even prints
them out).
"Claims" is the keyword here, because it doesn't.
It reencrypts in the normal gpg way(ONLY with the latest encryption subkey).
There is also tests in the test suite that checks that all subkeys are used.
There is just no keys with more than one subkey.

Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/ae17dda1/attachment.html>

From cmskog at gmail.com  Mon Nov  4 18:32:12 2019
From: cmskog at gmail.com (Carl Michael Skog)
Date: Mon, 4 Nov 2019 18:32:12 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <CAATHS41070RPM4QnSKuLg708ubzXuvKDUNVV=Z54geQKDz8zmA@mail.gmail.com>
References: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>
 <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>
 <20191104165556.pmziq4squxatufvy@green-medusa>
 <CAATHS41070RPM4QnSKuLg708ubzXuvKDUNVV=Z54geQKDz8zmA@mail.gmail.com>
Message-ID: <CAATHS41K2C-xwVwaXKxm+EXW2uEAb6k8YU5DK0=Rs1wyoWMZQA@mail.gmail.com>

> Den m?n 4 nov. 2019 kl 17:56 skrev Eddie Barraco <contact at eddiebarraco.fr
> >:
>
>>
>> In fact I'm questioning the point.
>
>
In fact,  you seem to have been bitten by this exact flaw in an earlier
message("Re-encryption with another rsa gpg subkey" at Sep 18).

Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/34a4fed3/attachment-0001.html>

From contact at eddiebarraco.fr  Mon Nov  4 18:45:34 2019
From: contact at eddiebarraco.fr (Eddie Barraco)
Date: Mon, 4 Nov 2019 18:45:34 +0100
Subject: [PATCH] Fix for some flaws when using a key with multiple subkeys
In-Reply-To: <CAATHS41K2C-xwVwaXKxm+EXW2uEAb6k8YU5DK0=Rs1wyoWMZQA@mail.gmail.com>
References: <BY790GG6L06E.8EGLZ5PM7TAO@green-medusa>
 <CAATHS40opdtBAVj04PMbvzgPhRzPXMrpKgYQeOmiy4XNov5eNA@mail.gmail.com>
 <20191104165556.pmziq4squxatufvy@green-medusa>
 <CAATHS41070RPM4QnSKuLg708ubzXuvKDUNVV=Z54geQKDz8zmA@mail.gmail.com>
 <CAATHS41K2C-xwVwaXKxm+EXW2uEAb6k8YU5DK0=Rs1wyoWMZQA@mail.gmail.com>
Message-ID: <20191104174534.ufm4fatjilkgzn2c@flying-jesusraptor>

> >> In fact I'm questioning the point.
> >
> >
> In fact,  you seem to have been bitten by this exact flaw in an earlier
> message("Re-encryption with another rsa gpg subkey" at Sep 18).

Totaly true. And so I learned to use the subkey id. And in fact, I
think this is the best way to do it. The next time I'll have to "roll" my
subkey, this problem will not occurs again.

I didn't know there was a lack in the tests. So It's always a good
things to fill thoses buguy lacks :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191104/c5216cc5/attachment.asc>

From grmat at sub.red  Tue Nov 19 13:03:33 2019
From: grmat at sub.red (grmat)
Date: Tue, 19 Nov 2019 13:03:33 +0100
Subject: Wayland status
Message-ID: <53170c87-c226-990b-54e7-e1b8ddd205d2@sub.red>

Hi there,



I have two concerns regarding wayland:




1. the wl-clipboard patch has been upstream since February, but no
stable release happened since. As distributions already roll Wayland by
default, I think it would be reasonable to make a release to make
pass+wayland functionality hit the distribution repos.


2. wl-clipboard has a --paste-once option that clears the clipboard
immediately after pasting. I think it would make sense for pass to use
this feature, but make it configurable.

I could send a patch but I'm not sure if it's an option for upstream, so
here are my ideas first:

a) introduce a new env var, PASSWORD_STORE_PASTE_ONCE. If set, use the
option. Problem: xclip doesn't have the feature, hence the config
wouldn't work under X.

b) activate it without an extra variable, e.g. by setting
PASSWORD_STORE_CLIP_TIME to 0.

What do you think?


Matt

From agazza at gmail.com  Thu Nov 21 11:19:25 2019
From: agazza at gmail.com (Andrea Gazzaniga)
Date: Thu, 21 Nov 2019 11:19:25 +0100
Subject: Problem listing password store
Message-ID: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>

Hi,

I'm new to pass and I've just started adding my sensitive info into it. 
All was fine until today, after adding an entry, I get a line of 
unreadable answer when I ask the full list:

$ pass
Cc<...unreadable>C5L

While if I ask? the list of a subfolder it works. Also QtPass can read 
the db just fine.

I'm running version v1.7.3 on MacOs 10.13.6, installed from homebrew.

Thanks,
Andrea


From ondrejsynacek at fastmail.com  Thu Nov 21 12:37:27 2019
From: ondrejsynacek at fastmail.com (=?utf-8?b?T25kxZllaiBTeW7DocSNZWs=?=)
Date: Thu, 21 Nov 2019 12:37:27 +0100
Subject: Password-Store Digest, Vol 78, Issue 6
In-Reply-To: <mailman.1.1574334001.27234.password-store@lists.zx2c4.com>
References: <mailman.1.1574334001.27234.password-store@lists.zx2c4.com>
Message-ID: <EDF0B6D7-179A-4A4E-ACCD-BD15BFDF5C45@fastmail.com>

Not sure what?s going on at your end. I?m on MacOS and what 
sometimes happens to me
is that `pinentry` program hangs up for some reason so I can?t decrypt 
my passwords.

I?m not an expert but I believe this program is managed by `gpg-agent` 
so what I usually do
is that I restart it via `gpgconf --kill gpg-agent` and then it usually 
works fine.

You can still try using `gpg` directly to decrypt the items which should 
work unless something
is botched. I?d try logging out and logging in, maybe that?ll help 
as a quick fix.
To be honest I?ve never encountered that specific error message and my 
quick
online search hasn?t provided me with any information either.

On 21 Nov 2019, at 12:00, password-store-request at lists.zx2c4.com wrote:

> Send Password-Store mailing list submissions to
> 	password-store at lists.zx2c4.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.zx2c4.com/mailman/listinfo/password-store
> or, via email, send a message with subject or body 'help' to
> 	password-store-request at lists.zx2c4.com
>
> You can reach the person managing the list at
> 	password-store-owner at lists.zx2c4.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Password-Store digest..."
>
>
> Today's Topics:
>
>    1. Problem listing password store (Andrea Gazzaniga)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 21 Nov 2019 11:19:25 +0100
> From: Andrea Gazzaniga <agazza at gmail.com>
> To: password-store at lists.zx2c4.com
> Subject: Problem listing password store
> Message-ID: <f42ecc58-e67f-1f1c-cab9-f01957995b86 at gmail.com>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> Hi,
>
> I'm new to pass and I've just started adding my sensitive info into 
> it.
> All was fine until today, after adding an entry, I get a line of
> unreadable answer when I ask the full list:
>
> $ pass
> Cc<...unreadable>C5L
>
> While if I ask? the list of a subfolder it works. Also QtPass can read
> the db just fine.
>
> I'm running version v1.7.3 on MacOs 10.13.6, installed from homebrew.
>
> Thanks,
> Andrea
>
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
>
> ------------------------------
>
> End of Password-Store Digest, Vol 78, Issue 6
> *********************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/93e71527/attachment.html>

From zhelezoff at gmail.com  Thu Nov 21 13:02:58 2019
From: zhelezoff at gmail.com (Vladimir Zhelezoff)
Date: Thu, 21 Nov 2019 13:02:58 +0100
Subject: Problem listing password store
In-Reply-To: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
Message-ID: <CAP_UGp=0d2gX_hyb0FvbuUfoP6aLcK5jKZ8yuFpsWQYcqcretg@mail.gmail.com>

I remember having this issue and for me the problem was a .gpg file in the
root password-store directory. Not sure how it got created but I've removed
it and all is fine now. So maybe check for any extraneous hidden files in
you password store root directory.

On Thu, Nov 21, 2019 at 11:20 AM Andrea Gazzaniga <agazza at gmail.com> wrote:

> Hi,
>
> I'm new to pass and I've just started adding my sensitive info into it.
> All was fine until today, after adding an entry, I get a line of
> unreadable answer when I ask the full list:
>
> $ pass
> Cc<...unreadable>C5L
>
> While if I ask  the list of a subfolder it works. Also QtPass can read
> the db just fine.
>
> I'm running version v1.7.3 on MacOs 10.13.6, installed from homebrew.
>
> Thanks,
> Andrea
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/33310fca/attachment.html>

From fabricius at autistici.org  Thu Nov 21 13:00:45 2019
From: fabricius at autistici.org (Fabricius Flamen)
Date: Thu, 21 Nov 2019 17:30:45 +0530
Subject: Problem listing password store
In-Reply-To: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
Message-ID: <87o8x5a0ig.fsf@autistici.org>


Andrea Gazzaniga <agazza at gmail.com> writes:

> I'm new to pass and I've just started adding my sensitive info into it.
> All was fine until today, after adding an entry, I get a line of
> unreadable answer when I ask the full list:
>
> $ pass
> Cc<...unreadable>C5L
>
> While if I ask  the list of a subfolder it works. Also QtPass can read
> the db just fine.

There is no db, just files that are stored in .password-store. Try
asking for list of all subfolder one by one to see what breaks
pass. Remove the bad entry and insert it again, maybe something went
wrong while saving that entry.

Pass uses this to find the list of entries:

tree -C -l --noreport "/home/<user>/.password-store" | tail -n +2 | sed
-E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g'

Play with this to see what went wrong. If you are able to reproduce this
then tell us the name and subfolder of bad entry, just the name not
contents.

--
Fabricius Flamen
3E3825E0 D81106E8 6247DD6E 61B7073C 8217D187
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/1d71dce8/attachment.asc>

From zhelezoff at gmail.com  Thu Nov 21 13:21:49 2019
From: zhelezoff at gmail.com (Vladimir Zhelezoff)
Date: Thu, 21 Nov 2019 13:21:49 +0100
Subject: Problem listing password store
In-Reply-To: <87o8x5a0ig.fsf@autistici.org>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
 <87o8x5a0ig.fsf@autistici.org>
Message-ID: <CAP_UGpmL_HMJ6TTDotDaB0m+CjmChtynG9ixFD02QOfHGiz96A@mail.gmail.com>

Look at my previous reply, the faulty filename for me was a bare .gpg, so
hidden before more close investigation.

On Thu, Nov 21, 2019 at 1:17 PM Fabricius Flamen <fabricius at autistici.org>
wrote:

>
> Andrea Gazzaniga <agazza at gmail.com> writes:
>
> > I'm new to pass and I've just started adding my sensitive info into it.
> > All was fine until today, after adding an entry, I get a line of
> > unreadable answer when I ask the full list:
> >
> > $ pass
> > Cc<...unreadable>C5L
> >
> > While if I ask  the list of a subfolder it works. Also QtPass can read
> > the db just fine.
>
> There is no db, just files that are stored in .password-store. Try
> asking for list of all subfolder one by one to see what breaks
> pass. Remove the bad entry and insert it again, maybe something went
> wrong while saving that entry.
>
> Pass uses this to find the list of entries:
>
> tree -C -l --noreport "/home/<user>/.password-store" | tail -n +2 | sed
> -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g'
>
> Play with this to see what went wrong. If you are able to reproduce this
> then tell us the name and subfolder of bad entry, just the name not
> contents.
>
> --
> Fabricius Flamen
> 3E3825E0 D81106E8 6247DD6E 61B7073C 8217D187
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/a1b456da/attachment.html>

From fabricius at autistici.org  Thu Nov 21 13:25:56 2019
From: fabricius at autistici.org (Fabricius Flamen)
Date: Thu, 21 Nov 2019 17:55:56 +0530
Subject: Problem listing password store
In-Reply-To: <CAP_UGpmL_HMJ6TTDotDaB0m+CjmChtynG9ixFD02QOfHGiz96A@mail.gmail.com>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
 <87o8x5a0ig.fsf@autistici.org>
 <CAP_UGpmL_HMJ6TTDotDaB0m+CjmChtynG9ixFD02QOfHGiz96A@mail.gmail.com>
Message-ID: <87mucp9zwe.fsf@autistici.org>


Vladimir Zhelezoff <zhelezoff at gmail.com> writes:

> Look at my previous reply, the faulty filename for me was a bare .gpg, so
> hidden before more close investigation.

Yeah I read that and placing a dot file in my password-store root didn't
break pass. I don't think that is the issue here.

Please DO NOT reply to me directly and use the mailing list, whatever
client you are using sent this email to me instead of list.

--
Fabricius Flamen
3E3825E0 D81106E8 6247DD6E 61B7073C 8217D187
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/3ada1a9d/attachment-0001.asc>

From zhelezoff at gmail.com  Thu Nov 21 13:43:23 2019
From: zhelezoff at gmail.com (Vladimir Zhelezoff)
Date: Thu, 21 Nov 2019 13:43:23 +0100
Subject: Problem listing password store
In-Reply-To: <87mucp9zwe.fsf@autistici.org>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
 <87o8x5a0ig.fsf@autistici.org>
 <CAP_UGpmL_HMJ6TTDotDaB0m+CjmChtynG9ixFD02QOfHGiz96A@mail.gmail.com>
 <87mucp9zwe.fsf@autistici.org>
Message-ID: <CAP_UGpnMTi6E=B0KS8RH7UDS__qQMBc3g+e0jBJDcrA+sxy8eg@mail.gmail.com>

On Thu, Nov 21, 2019 at 1:28 PM Fabricius Flamen <fabricius at autistici.org>
wrote:

>
> Vladimir Zhelezoff <zhelezoff at gmail.com> writes:
>
> > Look at my previous reply, the faulty filename for me was a bare .gpg, so
> > hidden before more close investigation.
>
> Yeah I read that and placing a dot file in my password-store root didn't
> break pass. I don't think that is the issue here.
>
> Please DO NOT reply to me directly and use the mailing list, whatever
> client you are using sent this email to me instead of list.
>

--
> Fabricius Flamen
> 3E3825E0 D81106E8 6247DD6E 61B7073C 8217D187
>

Sorry, can use only Gmail's web interface right now. Anyway I can recreate
it by doing e.g.:

$ echo 'Hello pass' | gpg --encrypt --recipient PASSGPGID >
~/.password-store/.gpg
$ pass
Hello pass
$ rm ~/.password-store/.gpg
$ pass
listing follows as expected...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/152517ad/attachment.html>

From fabricius at autistici.org  Thu Nov 21 13:48:12 2019
From: fabricius at autistici.org (Fabricius Flamen)
Date: Thu, 21 Nov 2019 18:18:12 +0530
Subject: Problem listing password store
In-Reply-To: <CAP_UGpnMTi6E=B0KS8RH7UDS__qQMBc3g+e0jBJDcrA+sxy8eg@mail.gmail.com>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
 <87o8x5a0ig.fsf@autistici.org>
 <CAP_UGpmL_HMJ6TTDotDaB0m+CjmChtynG9ixFD02QOfHGiz96A@mail.gmail.com>
 <87mucp9zwe.fsf@autistici.org>
 <CAP_UGpnMTi6E=B0KS8RH7UDS__qQMBc3g+e0jBJDcrA+sxy8eg@mail.gmail.com>
Message-ID: <87lfs99ynb.fsf@autistici.org>


Vladimir Zhelezoff <zhelezoff at gmail.com> writes:

> Sorry, can use only Gmail's web interface right now. Anyway I can recreate
> it by doing e.g.:

When you reply put the lists address from Cc to To and remove my address
from there.

> $ echo 'Hello pass' | gpg --encrypt --recipient PASSGPGID >
> ~/.password-store/.gpg
> $ pass
> Hello pass
> $ rm ~/.password-store/.gpg
> $ pass
> listing follows as expected...

Weird, this tree output lists everthing and doesn't break which I
believe is what pass uses to list entries. Yeah maybe it is this issue.

tree -C -l --noreport "/home/<user>/.password-store" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g'

--
Fabricius Flamen
3E3825E0 D81106E8 6247DD6E 61B7073C 8217D187
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/f37cbb69/attachment.asc>

From congdanhqx at gmail.com  Thu Nov 21 14:20:29 2019
From: congdanhqx at gmail.com (Doan Tran Cong Danh)
Date: Thu, 21 Nov 2019 20:20:29 +0700
Subject: [PATCH] show/ls: handle pass file with empty basename
Message-ID: <20191121132029.10918-1-congdanhqx@gmail.com>

We're handling both show/ls with cmd_show, with a default to show
password if the password file exists and list if not.

In case of user have a .gpg file in the top level directory,
we will show that password because "$PREFIX/.gpg" exists.

It's surprising to some users, since our manual clearly states that
pass-show needs required argument.

Correct it by adding a check for number of arguments.

If users really want to show that password, they should explicitly ask
by:
    pass ""

Signed-off-by: Doan Tran Cong Danh <congdanhqx at gmail.com>
---
 src/password-store.sh     | 2 +-
 tests/t0020-show-tests.sh | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index 1d119f2..c1ea2fd 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -379,7 +379,7 @@ cmd_show() {
 	local path="$1"
 	local passfile="$PREFIX/$path.gpg"
 	check_sneaky_paths "$path"
-	if [[ -f $passfile ]]; then
+	if [[ $# != 0 && -f $passfile ]]; then
 		if [[ $clip -eq 0 && $qrcode -eq 0 ]]; then
 			pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | $BASE64)" || exit $?
 			echo "$pass" | $BASE64 -d
diff --git a/tests/t0020-show-tests.sh b/tests/t0020-show-tests.sh
index a4b782f..3836ed2 100755
--- a/tests/t0020-show-tests.sh
+++ b/tests/t0020-show-tests.sh
@@ -15,6 +15,13 @@ test_expect_success 'Test "show" command with spaces' '
 	[[ $("$PASS" show "I am a cred with lots of spaces") == "BLAH!!" ]]
 '
 
+test_expect_success 'Test "show/ls" command with empty name' '
+	"$PASS" insert -e ""<<<"BLAH!!!" &&
+	[[ $("$PASS" "") == "BLAH!!!" ]] &&
+	[[ $("$PASS" | wc -l) == 3 ]]
+'
+
+
 test_expect_success 'Test "show" of nonexistant password' '
 	test_must_fail "$PASS" show cred2
 '
-- 
2.24.0.158.gd77a74f4dd.dirty


From agazza at gmail.com  Thu Nov 21 15:32:07 2019
From: agazza at gmail.com (Andrea Gazzaniga)
Date: Thu, 21 Nov 2019 15:32:07 +0100
Subject: Problem listing password store
In-Reply-To: <87lfs99ynb.fsf@autistici.org>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
 <87o8x5a0ig.fsf@autistici.org>
 <CAP_UGpmL_HMJ6TTDotDaB0m+CjmChtynG9ixFD02QOfHGiz96A@mail.gmail.com>
 <87mucp9zwe.fsf@autistici.org>
 <CAP_UGpnMTi6E=B0KS8RH7UDS__qQMBc3g+e0jBJDcrA+sxy8eg@mail.gmail.com>
 <87lfs99ynb.fsf@autistici.org>
Message-ID: <d22f3e5f-5baf-bab3-daac-e2ffe9fa721a@gmail.com>

Hi,

it was indeed a .gpg file without name in the root folder - don't know 
how it was created (I just did a 'pass insert' before breaking it).

Thanks all guys, this community is amazing :)

Cheers,
Andrea

On 21/11/2019 13:48, Fabricius Flamen wrote:
> Vladimir Zhelezoff <zhelezoff at gmail.com> writes:
>
>> Sorry, can use only Gmail's web interface right now. Anyway I can recreate
>> it by doing e.g.:
> When you reply put the lists address from Cc to To and remove my address
> from there.
>
>> $ echo 'Hello pass' | gpg --encrypt --recipient PASSGPGID >
>> ~/.password-store/.gpg
>> $ pass
>> Hello pass
>> $ rm ~/.password-store/.gpg
>> $ pass
>> listing follows as expected...
> Weird, this tree output lists everthing and doesn't break which I
> believe is what pass uses to list entries. Yeah maybe it is this issue.
>
> tree -C -l --noreport "/home/<user>/.password-store" | tail -n +2 | sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g'
>
> --
> Fabricius Flamen
> 3E3825E0 D81106E8 6247DD6E 61B7073C 8217D187
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/21d60003/attachment.html>

From remi.lapeyre at lenstra.fr  Thu Nov 21 17:10:48 2019
From: remi.lapeyre at lenstra.fr (=?UTF-8?Q?R=C3=A9mi_Lapeyre?=)
Date: Thu, 21 Nov 2019 08:10:48 -0800
Subject: Problem listing password store
In-Reply-To: <d22f3e5f-5baf-bab3-daac-e2ffe9fa721a@gmail.com>
References: <f42ecc58-e67f-1f1c-cab9-f01957995b86@gmail.com>
 <87o8x5a0ig.fsf@autistici.org>
 <CAP_UGpmL_HMJ6TTDotDaB0m+CjmChtynG9ixFD02QOfHGiz96A@mail.gmail.com>
 <87mucp9zwe.fsf@autistici.org>
 <CAP_UGpnMTi6E=B0KS8RH7UDS__qQMBc3g+e0jBJDcrA+sxy8eg@mail.gmail.com>
 <87lfs99ynb.fsf@autistici.org>
 <d22f3e5f-5baf-bab3-daac-e2ffe9fa721a@gmail.com>
Message-ID: <CAFsReqSw-stKJyQK4k6Kbd7Av+wsxOUXy-GO68fz6k-+2GwkXg@mail.gmail.com>

I sent a patch to fix this a few weeks back when I got this issue:
https://lists.zx2c4.com/pipermail/password-store/2019-July/003698.html

I think it?s ready to be merged but will make any appropriate change if
needed.



Le 21 novembre 2019 ? 15:35:17, Andrea Gazzaniga (agazza at gmail.com) a ?crit:

Hi,

it was indeed a .gpg file without name in the root folder - don't know how
it was created (I just did a 'pass insert' before breaking it).

Thanks all guys, this community is amazing :)

Cheers,
Andrea
On 21/11/2019 13:48, Fabricius Flamen wrote:

Vladimir Zhelezoff <zhelezoff at gmail.com> <zhelezoff at gmail.com> writes:


Sorry, can use only Gmail's web interface right now. Anyway I can recreate
it by doing e.g.:

When you reply put the lists address from Cc to To and remove my address
from there.


$ echo 'Hello pass' | gpg --encrypt --recipient PASSGPGID >
~/.password-store/.gpg
$ pass
Hello pass
$ rm ~/.password-store/.gpg
$ pass
listing follows as expected...

Weird, this tree output lists everthing and doesn't break which I
believe is what pass uses to list entries. Yeah maybe it is this issue.

tree -C -l --noreport "/home/<user>/.password-store" | tail -n +2 |
sed -E 's/\.gpg(\x1B\[[0-9]+m)?( ->|$)/\1\2/g'

--
Fabricius Flamen
3E3825E0 D81106E8 6247DD6E 61B7073C 8217D187


_______________________________________________
Password-Store mailing
listPassword-Store at lists.zx2c4.comhttps://lists.zx2c4.com/mailman/listinfo/password-store

_______________________________________________
Password-Store mailing list
Password-Store at lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/password-store
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191121/a07a0563/attachment-0001.html>

From grmat at sub.red  Thu Nov 21 17:17:12 2019
From: grmat at sub.red (grmat)
Date: Thu, 21 Nov 2019 17:17:12 +0100
Subject: [PATCH] clip: add option for wl-copy --paste-once
In-Reply-To: <53170c87-c226-990b-54e7-e1b8ddd205d2@sub.red>
References: <53170c87-c226-990b-54e7-e1b8ddd205d2@sub.red>
Message-ID: <20191121161712.72602-1-grmat@sub.red>

If environment variable PASSWORD_STORE_PASTE_ONCE is set, the clipboard
is cleared immediately after pasting.
---
 man/pass.1            | 4 ++++
 src/password-store.sh | 5 +++++
 2 files changed, 9 insertions(+)

diff --git a/man/pass.1 b/man/pass.1
index a555dcb..9101e27 100644
--- a/man/pass.1
+++ b/man/pass.1
@@ -429,6 +429,10 @@ for more info.
 Specifies the number of seconds to wait before restoring the clipboard, by default
 \fI45\fP seconds.
 .TP
+.I PASSWORD_STORE_PASTE_ONCE
+If this variable is set to \fItrue\fP, the clipboard is cleared immediately after the copied
+password has been pasted. This currently works only under wayland, using \fBwl-clipboard\fP.
+.TP
 .I PASSWORD_STORE_UMASK
 Sets the umask of all files modified by pass, by default \fI077\fP.
 .TP
diff --git a/src/password-store.sh b/src/password-store.sh
index 1d119f2..ecc5154 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -16,6 +16,7 @@ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
 EXTENSIONS="${PASSWORD_STORE_EXTENSIONS_DIR:-$PREFIX/.extensions}"
 X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"
 CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}"
+PASTE_ONCE="${PASSWORD_STORE_PASTE_ONCE:-false}"
 GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}"
 CHARACTER_SET="${PASSWORD_STORE_CHARACTER_SET:-[:punct:][:alnum:]}"
 CHARACTER_SET_NO_SYMBOLS="${PASSWORD_STORE_CHARACTER_SET_NO_SYMBOLS:-[:alnum:]}"
@@ -153,12 +154,16 @@ check_sneaky_paths() {
 
 clip() {
 	if [[ -n $WAYLAND_DISPLAY ]]; then
+
 		local copy_cmd=( wl-copy )
 		local paste_cmd=( wl-paste -n )
 		if [[ $X_SELECTION == primary ]]; then
 			copy_cmd+=( --primary )
 			paste_cmd+=( --primary )
 		fi
+		if [[ $PASTE_ONCE == true ]]; then
+			copy_cmd+=( --paste-once )
+		fi
 		local display_name="$WAYLAND_DISPLAY"
 	elif [[ -n $DISPLAY ]]; then
 		local copy_cmd=( xclip -selection "$X_SELECTION" )
-- 
2.24.0


From impoorbuthappy at gmail.com  Tue Nov 26 06:30:57 2019
From: impoorbuthappy at gmail.com (Natalia Cruz)
Date: Tue, 26 Nov 2019 00:30:57 -0500
Subject: Sublime Text and Tab Completion
Message-ID: <CAKqzJtLdWmNt2Xu6hSvK-+=8fKEikEEnJr4xhyOKaGwMjv3F_g@mail.gmail.com>

Hello,

I would like to use Sublime Text when editing. I've tried using echo EDITOR
in several different ways but I think I need to use it explicitly with pass
and I'm not sure how to do that. Could you please explain it step by step?

I would like to use tab completion but it is not working.

Can someone please help me with these things?

Mac 10.15.1

Thanks,
Natalie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191126/e09c0bc7/attachment.html>

From liberius at autistici.org  Tue Nov 26 07:27:55 2019
From: liberius at autistici.org (Liberius Clavus)
Date: Tue, 26 Nov 2019 11:57:55 +0530
Subject: Sublime Text and Tab Completion
In-Reply-To: <CAKqzJtLdWmNt2Xu6hSvK-+=8fKEikEEnJr4xhyOKaGwMjv3F_g@mail.gmail.com>
References: <CAKqzJtLdWmNt2Xu6hSvK-+=8fKEikEEnJr4xhyOKaGwMjv3F_g@mail.gmail.com>
Message-ID: <875zj7xic4.fsf@xenon.liberius>


Natalia Cruz <impoorbuthappy at gmail.com> writes:

> I would like to use Sublime Text when editing. I've tried using echo EDITOR
> in several different ways but I think I need to use it explicitly with pass
> and I'm not sure how to do that. Could you please explain it step by step?

Use `export EDITOR=your_editor` (place it in your rc file), you can also
run `EDITOR=your_editor pass` if you want to use it with pass only.

> I would like to use tab completion but it is not working.

https://wiki.archlinux.org/index.php/Pass <- search for completion on
this page and follow that.

--
Liberius Clavus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191126/65955d80/attachment.asc>

From matthias at bullbytes.com  Tue Nov 26 09:32:48 2019
From: matthias at bullbytes.com (Matthias Braun)
Date: Tue, 26 Nov 2019 09:32:48 +0100
Subject: pass edit with non-GUI editor
Message-ID: <20191126083248.GE70874@zurich>

I'd like to open a password entry using NeoVim in a terminal window.

This is my current script:

    #!/usr/bin/env bash

    shopt -s nullglob globstar

    prefix=${PASSWORD_STORE_DIR-~/.password-store}
    password_files=( "$prefix"/**/*.gpg )

    # Remove the password store directories from its entries
    password_files=( "${password_files[@]#"$prefix"/}" )
    # Remove the ".gpg" ending
    password_files=( "${password_files[@]%.gpg}" )

    password_entry=$(printf '%s\n' "${password_files[@]}" | rofi -dmenu "$@")

    [[ -n $password_entry ]] || exit

    pass edit "$password_entry"

What I'd like to do is make `pass edit` open a new instance of termite (my terminal emulator) and pass the temporary file containing the password entry to NeoVim.

Is there a way to do this?

From liberius at autistici.org  Tue Nov 26 10:11:31 2019
From: liberius at autistici.org (Liberius Clavus)
Date: Tue, 26 Nov 2019 14:41:31 +0530
Subject: pass edit with non-GUI editor
In-Reply-To: <20191126083248.GE70874@zurich>
References: <20191126083248.GE70874@zurich>
Message-ID: <874kyrxarg.fsf@xenon.liberius>


Matthias Braun <matthias at bullbytes.com> writes:

> I'd like to open a password entry using NeoVim in a terminal window.
>
> This is my current script:
>
>     #!/usr/bin/env bash
>
>     shopt -s nullglob globstar
>
>     prefix=${PASSWORD_STORE_DIR-~/.password-store}
>     password_files=( "$prefix"/**/*.gpg )
>
>     # Remove the password store directories from its entries
>     password_files=( "${password_files[@]#"$prefix"/}" )
>     # Remove the ".gpg" ending
>     password_files=( "${password_files[@]%.gpg}" )
>
>     password_entry=$(printf '%s\n' "${password_files[@]}" | rofi -dmenu "$@")
>
>     [[ -n $password_entry ]] || exit
>
>     pass edit "$password_entry"
>
> What I'd like to do is make `pass edit` open a new instance of termite (my terminal emulator) and pass the temporary file containing the password entry to NeoVim.

From what I understand when you select the entry from dmenu you want it
to open a terminal emulator and edit that pass entry. If that's the case
then you should read the manual for termite.

For urxvt and xterm you can do, `urxvt/xterm -e sh -c "pass edit
entry"`. Does this work on termite?

--
Liberius Clavus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191126/06df7e2b/attachment.asc>

From matthias at bullbytes.com  Tue Nov 26 15:47:05 2019
From: matthias at bullbytes.com (Matthias Braun)
Date: Tue, 26 Nov 2019 15:47:05 +0100
Subject: pass edit with non-GUI editor
In-Reply-To: <874kyrxarg.fsf@xenon.liberius>
References: <20191126083248.GE70874@zurich>
 <874kyrxarg.fsf@xenon.liberius>
Message-ID: <20191126144705.GA1861419@zurich>

On 2019-11-26 at 10:11:31, Liberius Clavus (liberius at autistici.org) wrote:
> 
> Matthias Braun <matthias at bullbytes.com> writes:
> 
> > I'd like to open a password entry using NeoVim in a terminal window.
> >
> > This is my current script:
> >
> >     #!/usr/bin/env bash
> >
> >     shopt -s nullglob globstar
> >
> >     prefix=${PASSWORD_STORE_DIR-~/.password-store}
> >     password_files=( "$prefix"/**/*.gpg )
> >
> >     # Remove the password store directories from its entries
> >     password_files=( "${password_files[@]#"$prefix"/}" )
> >     # Remove the ".gpg" ending
> >     password_files=( "${password_files[@]%.gpg}" )
> >
> >     password_entry=$(printf '%s\n' "${password_files[@]}" | rofi -dmenu "$@")
> >
> >     [[ -n $password_entry ]] || exit
> >
> >     pass edit "$password_entry"
> >
> > What I'd like to do is make `pass edit` open a new instance of termite (my terminal emulator) and pass the temporary file containing the password entry to NeoVim.
> 
> From what I understand when you select the entry from dmenu you want it
> to open a terminal emulator and edit that pass entry. If that's the case
> then you should read the manual for termite.
> 
> For urxvt and xterm you can do, `urxvt/xterm -e sh -c "pass edit
> entry"`. Does this work on termite?
> 
> --
> Liberius Clavus

Thanks Liberius Clavus, I figured it out:

    # This opens the entry in the $EDITOR inside a new termite instance
    termite -e "pass edit "$password_entry"" 2> /dev/null


> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store


From liberius at autistici.org  Tue Nov 26 19:30:26 2019
From: liberius at autistici.org (Liberius Clavus)
Date: Wed, 27 Nov 2019 00:00:26 +0530
Subject: Sublime Text and Tab Completion
In-Reply-To: <CAKqzJtKwUsxF-KMOxF_A45F5yC8EfjRzOSSKdMhXsQSwbf=p5Q@mail.gmail.com>
References: <CAKqzJtLdWmNt2Xu6hSvK-+=8fKEikEEnJr4xhyOKaGwMjv3F_g@mail.gmail.com>
 <875zj7xic4.fsf@xenon.liberius>
 <CAKqzJt+EyU3YGgdgrN01uwkowMXDnt_p_UFrxta54=nMHoObZA@mail.gmail.com>
 <87k17ma8d4.fsf@xenon.liberius>
 <CAKqzJtKwUsxF-KMOxF_A45F5yC8EfjRzOSSKdMhXsQSwbf=p5Q@mail.gmail.com>
Message-ID: <87h82qa3st.fsf@xenon.liberius>


Natalia Cruz <impoorbuthappy at gmail.com> writes:

> On Tue, Nov 26, 2019 at 11:52 AM Liberius Clavus <liberius at autistici.org>
> wrote:
>>
>> > I'm using zsh and was going to try using bash but I was unable to get
>> past
>> > the first part which stated to make sure bash_completion was installed.
>> > Getting tab completion to work seems a bit more complicated and a bit
>> over
>> > my current knowledge base. I'm wondering if someone could give me
>> > step-by-step instructions on how to enable zsh tab completion on MacOS?
>> :)
>>
>> I am not familiar with zsh, look at this zsh guide for completion:
>> zsh.sourceforge.net/Guide/zshguide06.html
>>
>> Maybe this can help:
>> https://wiki.archlinux.org/index.php/Zsh#Command_completion
>>
>> If you can't figure it out with these links then ask on their mailing
>> list or irc channel.
>
> Thank you! This worked! I love pass! <3
>
>> Please don't top post.
>
> Interesting. I've never had to do that before but I found an entire article
> that discusses list etiquette ;) Hopefully this is the correct formatting
> this time. I like to learn.

I see that you are new to this, please DO NOT send personal emails and
instead reply to the list. I just discovered all our conversations
didn't came from the list. Whatever client you are using should be
configured to reply to list, that helps everyone.

If you are not able to configure your client to do that then please
choose a better client.

--
Liberius Clavus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191127/29a08b83/attachment.asc>

From matt at connell.tech  Wed Nov 27 05:18:28 2019
From: matt at connell.tech (Matt Connell)
Date: Wed, 27 Nov 2019 05:18:28 +0100 (CET)
Subject: Sublime Text and Tab Completion
In-Reply-To: <87h82qa3st.fsf@xenon.liberius>
References: <CAKqzJtLdWmNt2Xu6hSvK-+=8fKEikEEnJr4xhyOKaGwMjv3F_g@mail.gmail.com>
 <875zj7xic4.fsf@xenon.liberius>
 <CAKqzJt+EyU3YGgdgrN01uwkowMXDnt_p_UFrxta54=nMHoObZA@mail.gmail.com>
 <87k17ma8d4.fsf@xenon.liberius>
 <CAKqzJtKwUsxF-KMOxF_A45F5yC8EfjRzOSSKdMhXsQSwbf=p5Q@mail.gmail.com>
 <87h82qa3st.fsf@xenon.liberius>
Message-ID: <2f5d91af-c161-56dd-4113-0f700a9359dc@connell.tech>

On 2019-11-26 12:30, Liberius Clavus wrote:
> Whatever client you are using should be
> configured to reply to list, that helps everyone.
> 
> If you are not able to configure your client to do that then please
> choose a better client.

For what it is worth, reply-list is the default behavior in Thunderbird.  Mailing lists are the perfect place for this feature.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191127/91ec4962/attachment.asc>

From madduck at madduck.net  Thu Nov 28 00:33:18 2019
From: madduck at madduck.net (martin f. krafft)
Date: Thu, 28 Nov 2019 12:33:18 +1300
Subject: (fwd) [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <20190812052123.21737-1-madduck@madduck.net>
Message-ID: <20191127233318.GA34077@lotus.rw.madduck.net>

Hello,

Wondering if there's anything I can do to further facilitate?
acceptance of this patch I sent 3 months ago?

Thank you,
martin

----- Forwarded message from "martin f. krafft" <madduck at madduck.net> -----

Date: Mon, 12 Aug 2019 17:21:23 +1200
From: "martin f. krafft" <madduck at madduck.net>
To: password-store at lists.zx2c4.com
Cc: "martin f. krafft" <madduck at madduck.net>
Subject: [PATCH] Use eval() to shell-parse $EDITOR for
	pass-edit
Message-Id: <20190812052123.21737-1-madduck at madduck.net>
X-Spam: no (crm114:16.49 SA:-102.1)
X-Justme: from machine in my domain

Enables shell-parsing of $EDITOR when executing its contents on
temporary files during `pass edit`.

Previously, trying to invoke e.g. vim with a set of commands, such as

```
vim -c 'set nostmp'
```

would result in `pass` calling

```
execve("/usr/bin/vim", ["vim", "-c", "'set", "nostmp'", "/dev/shm/pass.?"...], ?
```

i.e. it would ignore quotes when splitting up the command line.

With this patch, the editor is properly called:

```
execve("/usr/bin/vim", ["vim", "-c", "set nostmp", "/dev/shm/pass.?"...], ?
```

Signed-off-by: martin f. krafft <madduck at madduck.net>
---
  src/password-store.sh     |  2 +-
  tests/t0201-edit-tests.sh | 17 +++++++++++++++++
  2 files changed, 18 insertions(+), 1 deletion(-)
  create mode 100755 tests/t0201-edit-tests.sh

diff --git a/src/password-store.sh b/src/password-store.sh
index 1d119f2..46425f9 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -497,7 +497,7 @@ cmd_edit() {
  		$GPG -d -o "$tmp_file" "${GPG_OPTS[@]}" "$passfile" || exit 1
  		action="Edit"
  	fi
-	${EDITOR:-vi} "$tmp_file"
+	eval ${EDITOR:-vi} "$tmp_file"
  	[[ -f $tmp_file ]] || die "New password not saved."
  	$GPG -d -o - "${GPG_OPTS[@]}" "$passfile" 2>/dev/null | diff - "$tmp_file" &>/dev/null && die "Password unchanged."
  	while ! $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" "$tmp_file"; do
diff --git a/tests/t0201-edit-tests.sh b/tests/t0201-edit-tests.sh
new file mode 100755
index 0000000..8f32881
--- /dev/null
+++ b/tests/t0201-edit-tests.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+test_description='Test edit with spaces in $EDITOR'
+cd "$(dirname "$0")"
+. ./setup.sh
+
+test_expect_success 'Test shell-parsing of $EDITOR' '
+	"$PASS" init $KEY1 &&
+	"$PASS" generate cred1 90 &&
+	export PASSWORD_WITH_SPACE="Password with space" &&
+	export EDITOR="sed -i -e \"1s,^.*\$,$PASSWORD_WITH_SPACE,\"" &&
+	"$PASS" edit cred1 2> /tmp/cred1 &&
+	"$PASS" show cred1 > /tmp/cred1 &&
+	[[ $("$PASS" show cred1) == "$PASSWORD_WITH_SPACE" ]]
+'
+
+test_done

-- 
@martinkrafft | https://riot.im/app/#/room/#madduck:madduck.net
  
"when a gentoo admin tells me that the KISS principle is good for
  'busy sysadmins', and that it's not an evolutionary step backwards,
  i wonder whether their tape is already running backwards."
  
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191128/9ac48507/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1187 bytes
Desc: Digital GPG signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191128/9ac48507/attachment.asc>

From madduck at madduck.net  Thu Nov 28 00:34:31 2019
From: madduck at madduck.net (martin f. krafft)
Date: Thu, 28 Nov 2019 12:34:31 +1300
Subject: (fwd) [PATCH v2] Unset variables messing with Git use
In-Reply-To: <20190813222655.3524-1-madduck@madduck.net>
Message-ID: <20191127233431.GB34077@lotus.rw.madduck.net>

Hello,

Wondering if there's anything I can do to further
facilitate acceptance of this patch I sent 3 months ago?

Thank you,
martin

----- Forwarded message from "martin f. krafft" 
<madduck at madduck.net> -----

Date: Wed, 14 Aug 2019 10:26:55 +1200
From: "martin f. krafft" <madduck at madduck.net>
To: password-store at lists.zx2c4.com
Cc: "martin f. krafft" <madduck at madduck.net>
Subject: [PATCH v2] Unset variables messing with Git
	use
Message-Id: <20190813222655.3524-1-madduck at madduck.net>
X-Spam: no (crm114:17.14 SA:-102.1)
X-Justme: from machine in my domain

This patch makes sure that variables from the environment cannot
override e.g. the Git directory to operate on, as well as other critical
parts of Git operations. These variables are:

   - GIT_DIR
   - GIT_WORK_TREE
   - GIT_NAMESPACE
   - GIT_INDEX_FILE
   - GIT_INDEX_VERSION
   - GIT_OBJECT_DIRECTORY
   - GIT_COMMON_DIR

If any of those are set, pass might end up operating on another
repository, and things would break.

I caught this having GIT_DIR set, but fortunately the other repository
had a .gitignore that would have ignored the file:

```
fishbowl~% echo $GIT_DIR
/home/madduck/.config/vcsh/repo.d/zsh.git

fishbowl~% pass generate test
The following paths are ignored by one of your .gitignore files:
.password-store/test.gpg
Use -f if you really want to add them.
The generated password for test is:
?
```

The result was an orphan file `test.gpg` in the password-store root.

Signed-off-by: martin f. krafft <madduck at madduck.net>
---
  src/password-store.sh | 4 ++++
  1 file changed, 4 insertions(+)

diff --git a/src/password-store.sh b/src/password-store.sh
index 1d119f2..ddb30f2 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -20,6 +20,10 @@ GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}"
  CHARACTER_SET="${PASSWORD_STORE_CHARACTER_SET:-[:punct:][:alnum:]}"
  CHARACTER_SET_NO_SYMBOLS="${PASSWORD_STORE_CHARACTER_SET_NO_SYMBOLS:-[:alnum:]}"

+unset GIT_DIR GIT_WORK_TREE GIT_NAMESPACE \
+  GIT_INDEX_FILE GIT_INDEX_VERSION \
+  GIT_OBJECT_DIRECTORY GIT_COMMON_DIR
+
  export GIT_CEILING_DIRECTORIES="$PREFIX/.."

  #

-- 
@martinkrafft | https://riot.im/app/#/room/#madduck:madduck.net
  
"most people become bankrupt through having invested too heavily in
  the prose of life. to have ruined one's self over poetry is an
  honour."
                                                       -- oscar wilde
  
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191128/cd9ba3b6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1187 bytes
Desc: Digital GPG signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191128/cd9ba3b6/attachment.asc>

From Jason at zx2c4.com  Thu Nov 28 12:14:53 2019
From: Jason at zx2c4.com (Jason A. Donenfeld)
Date: Thu, 28 Nov 2019 12:14:53 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <20190812052123.21737-1-madduck@madduck.net>
References: <20190812052123.21737-1-madduck@madduck.net>
Message-ID: <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>

Do you have any other examples of EDITOR being eval'd in this manner?

From kjetil.homme at redpill-linpro.com  Thu Nov 28 13:11:30 2019
From: kjetil.homme at redpill-linpro.com (Kjetil Torgrim Homme)
Date: Thu, 28 Nov 2019 13:11:30 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
Message-ID: <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>

Den 28.11.2019 12:14, skreiv Jason A. Donenfeld:
> Do you have any other examples of EDITOR being eval'd in this manner?
> 

I agree with your skepticism.  It is best if pass(1) handles $EDITOR
like other scripts, I'm wary of breaking other people's setup.

I would write a trivial wrapper ~/bin/vimsecure and use that as my
$EDITOR, or even simpler, use EDITOR=vi :)

'shelltemp' 'stmp'	boolean	(Vi default off, Vim default on)
			global
			{not in Vi}

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191128/ac1ce26c/attachment.asc>

From Jason at zx2c4.com  Thu Nov 28 13:52:31 2019
From: Jason at zx2c4.com (Jason A. Donenfeld)
Date: Thu, 28 Nov 2019 13:52:31 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
Message-ID: <CAHmME9psP=_6ApLsyhy3sJ-kR13ZUvJvYLZg7aurzN7PNK6rYg@mail.gmail.com>

On Thu, Nov 28, 2019 at 1:12 PM Kjetil Torgrim Homme
<kjetil.homme at redpill-linpro.com> wrote:
>
> Den 28.11.2019 12:14, skreiv Jason A. Donenfeld:
> > Do you have any other examples of EDITOR being eval'd in this manner?
> >
>
> I agree with your skepticism.  It is best if pass(1) handles $EDITOR
> like other scripts, I'm wary of breaking other people's setup.

I'm not expressing skepticism. I'm genuinely interested to see other examples.

From Jason at zx2c4.com  Thu Nov 28 13:54:30 2019
From: Jason at zx2c4.com (Jason A. Donenfeld)
Date: Thu, 28 Nov 2019 13:54:30 +0100
Subject: [PATCH] Unset variables messing with Git use
In-Reply-To: <20190813095353.328-1-madduck@madduck.net>
References: <20190813095353.328-1-madduck@madduck.net>
Message-ID: <CAHmME9omx5CD3xOXx98M5o3Ux=0Z+Jvcqx5gxa_jHaA_OVhzmw@mail.gmail.com>

Thanks for the patch. Sorry for the delay.

https://git.zx2c4.com/password-store/commit/?id=88936b11aff49e48f79842e4628c55620e0ad736

From madduck at madduck.net  Thu Nov 28 19:43:54 2019
From: madduck at madduck.net (martin f. krafft)
Date: Fri, 29 Nov 2019 07:43:54 +1300
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
Message-ID: <20191128184354.GB1245347@fishbowl.rw.madduck.net>

Regarding the following, written by "Kjetil Torgrim Homme" on 2019-11-28 at 13:11 Uhr +0100:
>I would write a trivial wrapper ~/bin/vimsecure and use that as my 
>$EDITOR, or even simpler, use EDITOR=vi :)

Yeah, I can do that instead. I agree that my patch may be too risky.

Best,

-- 
@martinkrafft | https://riot.im/app/#/room/#madduck:madduck.net
  
"doesn't he know who i think i am?"
                                                      -- phil collins
  
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191129/7c6a90cc/attachment.html>

From Jason at zx2c4.com  Thu Nov 28 21:25:45 2019
From: Jason at zx2c4.com (Jason A. Donenfeld)
Date: Thu, 28 Nov 2019 21:25:45 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <20191128184354.GB1245347@fishbowl.rw.madduck.net>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
 <20191128184354.GB1245347@fishbowl.rw.madduck.net>
Message-ID: <CAHmME9q4ycPR0jwfX9zwi768J6=DhOKnbsoCbsMVCpz6OfV+3g@mail.gmail.com>

On Thu, Nov 28, 2019, 19:44 martin f. krafft <madduck at madduck.net> wrote:

> Regarding the following, written by "Kjetil Torgrim Homme" on 2019-11-28
> at 13:11 Uhr +0100:
>
> I would write a trivial wrapper ~/bin/vimsecure and use that as my
> $EDITOR, or even simpler, use EDITOR=vi :)
>
> Yeah, I can do that instead. I agree that my patch may be too risky.
>

I *don't* agree that it's too risky. Rather, I'm interested in learning if
there's precedent for the change before we make it. Can you research how
EDITOR is handled elsewhere, please?

Best,
> --
> @martinkrafft | https://riot.im/app/#/room/#madduck:madduck.net
>
> "doesn't he know who i think i am?"
> -- phil collins
>
> spamtraps: madduck.bogus at madduck.net
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191128/d3b31bc9/attachment-0001.html>

From madduck at madduck.net  Thu Nov 28 21:51:42 2019
From: madduck at madduck.net (martin f. krafft)
Date: Fri, 29 Nov 2019 09:51:42 +1300
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <CAHmME9q4ycPR0jwfX9zwi768J6=DhOKnbsoCbsMVCpz6OfV+3g@mail.gmail.com>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
 <20191128184354.GB1245347@fishbowl.rw.madduck.net>
 <CAHmME9q4ycPR0jwfX9zwi768J6=DhOKnbsoCbsMVCpz6OfV+3g@mail.gmail.com>
Message-ID: <20191128205142.GA61624@lotus.rw.madduck.net>

Regarding the following, written by "Jason A. Donenfeld" on 2019-11-28 at 21:25 Uhr +0100:
>I *don't* agree that it's too risky. Rather, I'm 
>interested in learning if there's precedent for the 
>change before we make it. Can you research how EDITOR is 
>handled elsewhere, please?

Debian's sensible-editor doesn't use eval.

/usr/bin/bashbug doesn't use eval.

/usr/bin/git-authors doesn't use eval.

That's all I have in /usr/bin here ;)

-- 
@martinkrafft | https://riot.im/app/#/room/#madduck:madduck.net
  
for years, we have thought that a million monkeys typing at a million
typewriters would eventually produce the complete works of shakespeare.
today, thanks to the internet, we know this is not true.
  
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191129/eaa14202/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1187 bytes
Desc: Digital GPG signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191129/eaa14202/attachment.asc>

From t-passwd at girst.at  Thu Nov 28 22:00:00 2019
From: t-passwd at girst.at (Tobias Girstmair)
Date: Thu, 28 Nov 2019 22:00:00 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <20191128205142.GA61624@lotus.rw.madduck.net>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
 <20191128184354.GB1245347@fishbowl.rw.madduck.net>
 <CAHmME9q4ycPR0jwfX9zwi768J6=DhOKnbsoCbsMVCpz6OfV+3g@mail.gmail.com>
 <20191128205142.GA61624@lotus.rw.madduck.net>
Message-ID: <20191128210000.GA15174@girst.at>

On Fri, Nov 29, 2019 at 09:51:42AM +1300, martin f. krafft wrote:
>That's all I have in /usr/bin here ;)

I've got /usr/bin/i3-sensible-editor and it _does_ eval it (not that i 
have a strong opinion on this topic):

    for editor in "$VISUAL" "$EDITOR" nano nvim vim vi emacs pico qe mg jed gedit mcedit gvim; do
	if command -v "$editor" > /dev/null 2>&1; then
	    exec "$editor" "$@"
	fi
    done

From lists+pass at simplit.com  Thu Nov 28 22:15:24 2019
From: lists+pass at simplit.com (Allan Odgaard)
Date: Thu, 28 Nov 2019 22:15:24 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <20191128210000.GA15174@girst.at>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
 <20191128184354.GB1245347@fishbowl.rw.madduck.net>
 <CAHmME9q4ycPR0jwfX9zwi768J6=DhOKnbsoCbsMVCpz6OfV+3g@mail.gmail.com>
 <20191128205142.GA61624@lotus.rw.madduck.net>
 <20191128210000.GA15174@girst.at>
Message-ID: <587A814D-5410-418D-98B1-31AF9AB2A62A@simplit.com>

On 28 Nov 2019, at 22:00, Tobias Girstmair wrote:

> On Fri, Nov 29, 2019 at 09:51:42AM +1300, martin f. krafft wrote:
>> That's all I have in /usr/bin here ;)
>
> I've got /usr/bin/i3-sensible-editor and it _does_ eval it (not that i 
> have a strong opinion on this topic):
>
>    for editor in "$VISUAL" "$EDITOR" nano nvim vim vi emacs pico qe mg 
> jed gedit mcedit gvim; do
> 	if command -v "$editor" > /dev/null 2>&1; then
> 	    exec "$editor" "$@"
> 	fi
>    done

I don?t know what the above is, but that does not use `eval` and it 
doesn?t even seem to support arguments as part of the `EDITOR` 
variable (as it uses quotes for the variable expansion, so `command` 
will see the command with arguments as a single shell word and fail).

`crontab` also does not support arguments as part of the `EDITOR` 
variable, but everything else that I am aware of does.

I have not seen anything use `eval` and I think it?s a bad idea 
because it?s not a specification, it?s just ?run it as a shell 
line? which can have different meaning depending on the shell.

Definitely the proper solution is to have `EDITOR` point to a shell 
script rather than try to treat the `EDTIOR` variable as an inline shell 
script.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191128/4a2d0ec9/attachment.html>

From t-passwd at girst.at  Thu Nov 28 22:28:30 2019
From: t-passwd at girst.at (Tobias Girstmair)
Date: Thu, 28 Nov 2019 22:28:30 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <587A814D-5410-418D-98B1-31AF9AB2A62A@simplit.com>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
 <20191128184354.GB1245347@fishbowl.rw.madduck.net>
 <CAHmME9q4ycPR0jwfX9zwi768J6=DhOKnbsoCbsMVCpz6OfV+3g@mail.gmail.com>
 <20191128205142.GA61624@lotus.rw.madduck.net>
 <20191128210000.GA15174@girst.at>
 <587A814D-5410-418D-98B1-31AF9AB2A62A@simplit.com>
Message-ID: <20191128212830.GA20973@girst.at>

On Thu, Nov 28, 2019 at 10:15:24PM +0100, Allan Odgaard wrote:
> I don?t know what the above is, but that does not use `eval` and it

apologies for the noise; it does indeed say 'exec' and not 'eval'.

as to not make this message a complete waste: I've peeked at github's code
search and googled `filetype:sh "eval.editor"`: not many results, apart from
some people's dotfiles.

i think it is safe to say that nearly nobody evals $EDITOR.

From jason.donenfeld at gmail.com  Fri Nov 29 13:43:30 2019
From: jason.donenfeld at gmail.com (Jason A. Donenfeld)
Date: Fri, 29 Nov 2019 13:43:30 +0100
Subject: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit
In-Reply-To: <20191128212830.GA20973@girst.at>
References: <20190812052123.21737-1-madduck@madduck.net>
 <CAHmME9rtw-4HMe5edA_UeDDCut5P6rK08nUzXoYqj7Fr+mUX3w@mail.gmail.com>
 <ca244b35-55af-4129-0f00-eb4bb296d498@redpill-linpro.com>
 <20191128184354.GB1245347@fishbowl.rw.madduck.net>
 <CAHmME9q4ycPR0jwfX9zwi768J6=DhOKnbsoCbsMVCpz6OfV+3g@mail.gmail.com>
 <20191128205142.GA61624@lotus.rw.madduck.net>
 <20191128210000.GA15174@girst.at>
 <587A814D-5410-418D-98B1-31AF9AB2A62A@simplit.com>
 <20191128212830.GA20973@girst.at>
Message-ID: <CAHmME9o+0qOmvgfxt9aYf5sP20ejsjDq6-bV5L-pagSddbbUfA@mail.gmail.com>

On Thu, Nov 28, 2019, 22:28 Tobias Girstmair <t-passwd at girst.at> wrote:

> On Thu, Nov 28, 2019 at 10:15:24PM +0100, Allan Odgaard wrote:
> > I don?t know what the above is, but that does not use `eval` and it
>
> apologies for the noise; it does indeed say 'exec' and not 'eval'.
>
> as to not make this message a complete waste: I've peeked at github's code
> search and googled `filetype:sh "eval.editor"`: not many results, apart
> from
> some people's dotfiles.
>
> i think it is safe to say that nearly nobody evals $EDITOR.
>

Cool thanks for researching this. I guess that decides it then!

Jason


_______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20191129/eda57618/attachment.html>