GNU bug report logs -
#50953
auth-source-pass should not be limited to a local directory
Previous Next
To reply to this bug, email your comments to 50953 AT debbugs.gnu.org.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50953; Package
emacs.
(Fri, 01 Oct 2021 22:34:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Lorenzo Martinico <lorenzo <at> martinico.me>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Fri, 01 Oct 2021 22:34:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Apologies if this is not the appropriate mailing list for this message.
I would like to put in a bug report / feature request for
auth-source-pass to stop using the local file directory and just rely on
the output of the pass command (or provide an option to do that
instead).
For context, I would like to be able to use the pass command (or rather,
an alias) to fetch files from a different host on every request, but
not store the gpg files on my local machine. This workflow is currently
not supported by auth-source-pass, as I need to specify a local
directory from where to read a list of .gpg files. The behaviour I'd
like to see is that the current parsing of the directory and .gpg files
should be replaced with calling some equivalent functions from a pass
binary, and parse the results. This is currently supported by the
contrib password-store package, where the family of password-store--run
functions does return the output from the pass command directly.
However, that package is not suitable for building a complete solution,
as many functions are not implemented or relay on auth-source-pass.
I consider the above a high-impact bug, as smtpmail authentication
requires auth-source, making email password storage quite restrictive.
However, if there are some good reason for why the current behaviour
should be kept, I would be happy to just hear any suggestion on how to
adjust this through configuration, as I understand my usage for pass might
not be very common.
Cheers,
Lorenzo Martinico
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50953; Package
emacs.
(Sat, 02 Oct 2021 09:11:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 50953 <at> debbugs.gnu.org (full text, mbox):
Lorenzo Martinico <lorenzo <at> martinico.me> writes:
> Apologies if this is not the appropriate mailing list for this message.
> I would like to put in a bug report / feature request for
> auth-source-pass to stop using the local file directory and just rely on
> the output of the pass command (or provide an option to do that
> instead).
What's the "pass" command?
larsi <at> elva:~/src/emacs/trunk$ type pass
bash: type: pass: not found
> For context, I would like to be able to use the pass command (or rather,
> an alias) to fetch files from a different host on every request, but
> not store the gpg files on my local machine.
Can't you just set the gpg file location to "/ssh:other-host:.authinfo.gpg"?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Added tag(s) moreinfo.
Request was from
Lars Ingebrigtsen <larsi <at> gnus.org>
to
control <at> debbugs.gnu.org.
(Sat, 02 Oct 2021 09:11:02 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50953; Package
emacs.
(Mon, 04 Oct 2021 20:54:01 GMT)
Full text and
rfc822 format available.
Message #13 received at 50953 <at> debbugs.gnu.org (full text, mbox):
The pass command is the command to invoke password-store, "the
UNIX
password manager" (passwordstore.org), which is what
auth-source-pass
purports to use.
On my system, this is an alias for a process that fetches
passwords from another host in a compatible way to password store.
The
vault host is not accessible through ssh, so I
can't just change the gpg file location as suggested.
Lars Ingebrigtsen <larsi <at> gnus.org> writes:
> Lorenzo Martinico <lorenzo <at> martinico.me> writes:
>
>> Apologies if this is not the appropriate mailing list for this
>> message.
>> I would like to put in a bug report / feature request for
>> auth-source-pass to stop using the local file directory and
>> just rely on
>> the output of the pass command (or provide an option to do that
>> instead).
>
> What's the "pass" command?
>
> larsi <at> elva:~/src/emacs/trunk$ type pass
> bash: type: pass: not found
>
>> For context, I would like to be able to use the pass command
>> (or rather,
>> an alias) to fetch files from a different host on every
>> request, but
>> not store the gpg files on my local machine.
>
> Can't you just set the gpg file location to
> "/ssh:other-host:.authinfo.gpg"?
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50953; Package
emacs.
(Tue, 05 Oct 2021 07:09:01 GMT)
Full text and
rfc822 format available.
Message #16 received at 50953 <at> debbugs.gnu.org (full text, mbox):
Lorenzo Martinico <lorenzo <at> martinico.me> writes:
> The pass command is the command to invoke password-store, "the UNIX
> password manager" (passwordstore.org), which is what auth-source-pass
> purports to use.
Is does? Where does it purport to do that? As far as I can tell, it
says that it support the Secrets API and ~/.authinfo files, but perhaps
I'm looking at the wrong place.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50953; Package
emacs.
(Tue, 05 Oct 2021 08:03:02 GMT)
Full text and
rfc822 format available.
Message #19 received at 50953 <at> debbugs.gnu.org (full text, mbox):
lisp/auth-source-pass.el "Integrate auth-source with
password-store"?
As far as I can tell this used to be a third-party project which
has now
been merged into Emacs.
Lars Ingebrigtsen <larsi <at> gnus.org> writes:
> Lorenzo Martinico <lorenzo <at> martinico.me> writes:
>
>> The pass command is the command to invoke password-store, "the
>> UNIX
>> password manager" (passwordstore.org), which is what
>> auth-source-pass
>> purports to use.
>
> Is does? Where does it purport to do that? As far as I can
> tell, it
> says that it support the Secrets API and ~/.authinfo files, but
> perhaps
> I'm looking at the wrong place.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50953; Package
emacs.
(Tue, 05 Oct 2021 08:08:02 GMT)
Full text and
rfc822 format available.
Message #22 received at 50953 <at> debbugs.gnu.org (full text, mbox):
Lorenzo Martinico <lorenzo <at> martinico.me> writes:
> lisp/auth-source-pass.el "Integrate auth-source with password-store"?
> As far as I can tell this used to be a third-party project which has
> now
> been merged into Emacs.
Oh! auth-source-pass! Sorry, I wasn't aware that there was such a
thing -- I assumed it was a misspelling of "auth-source".
Sorry for the noise.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
Removed tag(s) moreinfo.
Request was from
Lars Ingebrigtsen <larsi <at> gnus.org>
to
control <at> debbugs.gnu.org.
(Tue, 19 Oct 2021 18:57:02 GMT)
Full text and
rfc822 format available.
This bug report was last modified 3 years and 242 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.