Make GnuPG automatically find a pinentry installed by Guix. Try using $HOME or, if that variable is not set, use the system password database, or fall back to looking in "/". More information: https://bugs.gnu.org/24076 diff --git a/common/homedir.c b/common/homedir.c index 4b6e46e88..f7ae68ba5 100644 --- a/common/homedir.c +++ b/common/homedir.c @@ -33,6 +33,7 @@ #include #include #include +#include #ifdef HAVE_W32_SYSTEM #include /* Due to the stupid mingw64 requirement to @@ -67,6 +68,10 @@ * gnupg_homedir and gnupg_set_homedir. Malloced. */ static char *the_gnupg_homedir; +/* The user's home directory. Used in Guix to help GnuPG find the + * pinentry. */ +static char *the_user_homedir; + /* Flag indicating that home directory is not the default one. */ static byte non_default_homedir; @@ -509,6 +514,25 @@ gnupg_homedir (void) return the_gnupg_homedir; } +/* Return the user's home directory */ +const char * +user_homedir (void) +{ + const char *dir; + dir = getenv("HOME"); + if (dir == NULL) + { + struct passwd *pw = NULL; + pw = getpwuid (getuid ()); + if (pw != NULL) + dir = pw->pw_dir; + else + dir = "/"; + } + if (!the_user_homedir) + the_user_homedir = make_absfilename (dir, NULL); + return the_user_homedir; +} /* Return whether the home dir is the default one. */ int @@ -971,6 +995,7 @@ get_default_pinentry_name (int reset) } names[] = { /* The first entry is what we return in case we found no other pinentry. */ + { user_homedir, "/.guix-profile/bin/pinentry" }, { gnupg_bindir, DIRSEP_S "pinentry" EXEEXT_S }, #ifdef HAVE_W32_SYSTEM /* Try Gpg4win directory (with bin and without.) */
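Review bot: the added #include in the hunk at -33,6 +33,7 sits above the #ifdef HAVE_W32_SYSTEM block, so it is compiled on every platform, and the new user_homedir() calls getpwuid and getuid with no platform guard either. The header name is not visible on this page, but since this file carries a W32 build path, the include and the password-database fallback should be wrapped in #ifndef HAVE_W32_SYSTEM, or the patch should state that it only applies to builds where that macro is never defined.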
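Review bot: in user_homedir() (hunk at -509,6 +514,25) the value of getenv("HOME") is used unchecked, and the names[] hunk turns it into the directory from which the pinentry program is taken. An empty HOME passes the dir == NULL test, and whoever controls the environment of the process decides which binary will prompt for the passphrase. Suggest treating an empty string like an unset variable, for example if (dir == NULL || *dir == '\0'), and documenting in the function comment that the result depends on the environment. The environment and password database are also consulted on every call although the result is cached; moving the lookup inside if (!the_user_homedir) avoids that. A blank line between the closing brace and the following comment would match the rest of the file.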
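Review bot: in get_default_pinentry_name (hunk at -971,6 +995,7) the new entry is inserted directly under the comment "The first entry is what we return in case we found no other pinentry", so the path under .guix-profile becomes the value returned when nothing is found, in place of the gnupg_bindir entry. If the intent is only to prefer the profile's pinentry when it exists, the comment should be updated to say so, or the entry placed so that the gnupg_bindir fallback is kept. The new string also hard-codes "/" and omits EXEEXT_S, unlike the neighbouring entry that uses DIRSEP_S "pinentry" EXEEXT_S.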
Age  Commit message  Author

2024-10-23  gnu: bootloader: Use symbol as efi-bootloader-chain name.  Roman Scherer
* gnu/bootloader.scm (efi-bootloader-chain): Use symbol as efi-bootloader-chain name, to allow systems using it to roll-back and switch-generations again.
Change-Id: I7f7663e125f5b25830399f04aa2f5ce6ad9e7354

2024-01-14  bootloader: grub: Add support for loading an additional initrd.  Tomas Volf
In order to be able to provide decryption keys for the LUKS device, they need to be available in the initial ram disk. However they cannot be stored inside the usual initrd, since it is stored in the store and being world-readable (as files in the store are) is not a desired property for an initrd containing decryption keys.
This commit adds an option to load an additional initrd during the boot, one that is not stored inside the store and therefore can contain secrets.
Since only grub supports encrypted /boot, only grub is modified to use the extra-initrd. There is no use case for the other bootloaders.
* doc/guix.texi (Bootloader Configuration): Describe the new extra-initrd field.
* gnu/bootloader.scm (<bootloader-configuration>): Add extra-initrd field.
* gnu/bootloader/grub.scm (make-grub-configuration): Use the extra-initrd field.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I995989bb623bb594ccdafbf4a1a6de941bd4189f

2023-10-28  profiles: Hooks honor the #:system parameter of ‘profile-derivation’.  Ludovic Courtès
Fixes <https://issues.guix.gnu.org/65225>.
* guix/profiles.scm (info-dir-file, package-cache-file) (info-dir-file, ghc-package-cache-file, ca-certificate-bundle) (emacs-subdirs, gdk-pixbuf-loaders-cache-file, glib-schemas) (gtk-icon-themes, gtk-im-modules, linux-module-database) (xdg-desktop-database, xdg-mime-database, fonts-dir-file) (manual-database, manual-database/optional): Add optional #:system parameter and pass it to ‘gexp->derivation’. (profile-derivation): Pass HOOK a second parameter, SYSTEM.
* gnu/bootloader.scm (efi-bootloader-profile)[efi-bootloader-profile-hook]: Add optional #:system parameter and pass it to ‘gexp->derivation’.
* guix/channels.scm (package-cache-file): Likewise.
* tests/profiles.scm ("profile-derivation, #:system, and hooks"): New test.
Reported-by: Tobias Geerinckx-Rice <me@tobias.gr>