GNU bug report logs - #64838
[PATCH] home: Add parcimonie service.


Package: guix-patches;

Reported by: Efraim Flashner <efraim <at> flashner.co.il>

Date: Mon, 24 Jul 2023 19:04:01 UTC

Severity: normal

Tags: patch

Done: Efraim Flashner <efraim <at> flashner.co.il>

Bug is archived. No further changes may be made.




Report forwarded to , guix-patches <at> gnu.org:
bug#64838; Package guix-patches. (Mon, 24 Jul 2023 19:04:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Efraim Flashner <efraim <at> flashner.co.il>:
New bug report received and forwarded. Copy sent to , guix-patches <at> gnu.org. (Mon, 24 Jul 2023 19:04:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Efraim Flashner <efraim <at> flashner.co.il>
To: guix-patches <at> gnu.org
Cc: Efraim Flashner <efraim <at> flashner.co.il>
Subject: [PATCH] home: Add parcimonie service.
Date: Mon, 24 Jul 2023 22:03:30 +0300
* gnu/home/services/gnupg.scm (home-parcimonie-service-type,
home-parcimonie-configuration): New variables.
* doc/guix.texi (GNU Privacy Guard): Document it.
---
 doc/guix.texi               | 55 ++++++++++++++++++++++++
 gnu/home/services/gnupg.scm | 86 ++++++++++++++++++++++++++++++++++++-
 2 files changed, 139 insertions(+), 2 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 585baf358f..bc86c58cdb 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -43679,6 +43679,61 @@ GNU Privacy Guard
 
 @end deftp
 
+@cindex Parcimonie, Home service
+The @code{parcimonie} service runs a daemon that slowly refreshes a GnuPG
+public key from a keyserver.  Its refreshes one key at a time; between every
+key update parcimonie sleeps a random amount of time, long enough for the
+previously used Tor circuit to expire.  This process is meant to make it hard
+for an attacker to correlate the multiple performed key update operations.
+
+As an example, here is how you would configure @code{parcimonie} to refresh the
+keys in your GnuPG keyring, as well as those keyrings created by Guix, such as
+when running @code{guix import}:
+
+@lisp
+(service home-parcimonie-service-type
+         (home-parcimonie-configuration
+           (refresh-guix-keyrings? #t)))
+@end lisp
+
+The service reference is given below.
+
+@defvar parcimonie-service-type
+This is the service type for @command{parcimonie}
+(@uref{https://salsa.debian.org/intrigeri/parcimonie, Parcimonie's web site}).
+Its value must be a @code{home-parcimonie-configuration}, as shown below.
+@end defvar
+
+@c %start of fragment
+
+@deftp {Data Table} home-parcimonie-configuration
+Available @code{home-parcimonie-configuration} fields are:
+
+@table @asis
+@item @code{parcimonie} (default: @code{parcimonie}) (type: file-like)
+The parcimonie package to use.
+
+@item @code{verbose?} (default: @code{#f}) (type: boolean)
+Whether to have more verbose logging from the service.
+
+@item @code{gnupg-already-torified?} (default: @code{#f}) (type: boolean)
+Whether GnuPG is already configured to pass all traffic through
+@uref{https://torproject.org, Tor}.
+
+@item @code{dbus?} (default: @code{#f}) (type: boolean)
+Whether to send activity updates through D-Bus.
+
+@item @code{refresh-guix-keyrings?} (default: @code{#f}) (type: boolean)
+Guix creates a few keyrings in the @var{$XDG_CONFIG_DIR}, such as when running
+@code{guix import} (@pxref{Invoking guix import}).  Setting this to @code{#t}
+will also refresh any keyrings which Guix has created.
+
+@item @code{extra-content} (default: @code{#f}) (type: raw-configuration-string)
+Raw content to add to the parcimonie command.
+
+@end table
+
+@end deftp
 
 @c %end of fragment
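Review bot: the reference block in this hunk documents `@defvar parcimonie-service-type`, but the variable the patch exports from gnu/home/services/gnupg.scm is `home-parcimonie-service-type` (the @lisp example above already uses that name), so the @defvar should be renamed to match a symbol that exists. Two smaller mismatches with the code in the same patch: `extra-content` is documented with default `@code{#f}` while the field is defined with default `""`, and the keyring location is written as `@var{$XDG_CONFIG_DIR}` while the service reads `XDG_CONFIG_HOME`. Since the daemon reaches the keyserver through Tor unless `gnupg-already-torified?` is set, the introductory paragraph should also state that a running Tor daemon is a prerequisite (on Guix System, `tor-service-type`), otherwise a user enabling the service will see refreshes fail with no hint as to why.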
 
diff --git a/gnu/home/services/gnupg.scm b/gnu/home/services/gnupg.scm
index 7e9e02a3cc..9b66f7b1cf 100644
--- a/gnu/home/services/gnupg.scm
+++ b/gnu/home/services/gnupg.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2023 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2023 Efraim Flashner <efraim <at> flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -23,7 +24,7 @@ (define-module (gnu home services gnupg)
   #:use-module (gnu services configuration)
   #:use-module (gnu home services)
   #:use-module (gnu home services shepherd)
-  #:autoload   (gnu packages gnupg) (gnupg pinentry)
+  #:autoload   (gnu packages gnupg) (gnupg pinentry parcimonie)
   #:export (home-gpg-agent-configuration
             home-gpg-agent-configuration?
             home-gpg-agent-configuration-gnupg
@@ -34,7 +35,17 @@ (define-module (gnu home services gnupg)
             home-gpg-agent-configuration-max-cache-ttl-ssh
             home-gpg-agent-configuration-extra-content
 
-            home-gpg-agent-service-type))
+            home-gpg-agent-service-type
+
+            home-parcimonie-configuration
+            home-parcimonie-configuration?
+            home-parcimonie-configuration-parcimonie
+            home-parcimonie-configuration-gnupg-already-torified?
+            home-parcimonie-configuration-with-dbus?
+            home-parcimonie-configuration-refresh-guix-keyrings?
+            home-parcimonie-configuration-extra-content
+
+            home-parcimonie-service-type))
 
 (define raw-configuration-string? string?)
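Review bot: the export list in this hunk does not match the record defined in the last hunk. It exports `home-parcimonie-configuration-with-dbus?` while the field is named `dbus?` (so the generated accessor is `home-parcimonie-configuration-dbus?`), it exports `home-parcimonie-configuration-gnupg-already-torified?` while the field is spelled `gnupg-aleady-torified?`, and `home-parcimonie-configuration-verbose?` is not exported at all. Neither exported accessor is ever defined, so any code importing them gets an unbound variable; align the field names with the export list (and fix the `aleady` typo in the record rather than in the export).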
 
@@ -148,3 +159,74 @@ (define home-gpg-agent-service-type
 managing OpenPGP and optionally SSH private keys.  When SSH support is
 enabled, @command{gpg-agent} acts as a drop-in replacement for OpenSSH's
 @command{ssh-agent}.")))
+
+(define-configuration/no-serialization home-parcimonie-configuration
+  (parcimonie
+    (file-like parcimonie)
+    "The parcimonie package to use.")
+  (verbose?
+    (boolean #f)
+    "Provide extra output to the log file.")
+  (gnupg-aleady-torified?
+    (boolean #f)
+    "GnuPG is already configured to use tor and parcimonie won't attempt to use
+tor directly.")
+  (dbus?
+    (boolean #f)
+    "Send activity updates on the org.parcimonie.daemon D-Bus service.")
+  (refresh-guix-keyrings?
+    (boolean #f)
+    "Also refresh any Guix keyrings found in the XDG_CONFIG_DIR.")
+  (extra-content
+    (raw-configuration-string "")
+    "Raw content to add to the parcimonie service."))
+
+(define (home-parcimonie-shepherd-service config)
+  "Return a user service to run parcimonie."
+  (match-record config <home-parcimonie-configuration>
+    (parcimonie verbose? gnupg-aleady-torified? dbus?
+                refresh-guix-keyrings? extra-content)
+    (let ((log-file #~(string-append %user-log-dir "/parcimonie.log")))
+      (list (shepherd-service
+              (provision '(parcimonie))
+              (modules '((shepherd support)   ;for '%user-log-dir'
+                         (guix build utils)
+                         (srfi srfi-1)))
+              (start #~(make-forkexec-constructor
+                         (cons*
+                           #$(file-append parcimonie "/bin/parcimonie")
+                           #$@(if verbose?
+                                '("--verbose")
+                                '())
+                           #$@(if gnupg-aleady-torified?
+                                '("--gnupg_already_torified")
+                                '())
+                           #$@(if dbus?
+                                '("--with_dbus")
+                                '())
+                           #$@(if (not (string=? extra-content ""))
+                                (list extra-content)
+                                '())
+                           #$@(if refresh-guix-keyrings?
+                                '((append-map
+                                    (lambda (item)
+                                      (list (string-append "--gnupg_extra_options="
+                                                           "--keyring=" item)))
+                                    (find-files
+                                      (string-append (getenv "XDG_CONFIG_HOME") "/guix")
+                                      "^trustedkeys\\.kbx$")))
+                                '((list))))
+                         #:log-file #$log-file))
+              (stop #~(make-kill-destructor))
+              (respawn? #t)
+              (documentation "Incrementally refresh gnupg keyring over Tor"))))))
+
+(define home-parcimonie-service-type
+  (service-type
+   (name 'home-parcimonie)
+   (extensions
+    (list (service-extension home-shepherd-service-type
+                             home-parcimonie-shepherd-service)))
+   (default-value (home-parcimonie-configuration))
+   (description
+    "Incrementally refresh GnuPG keyrings over Tor.")))
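Review bot: two argv-construction points in `home-parcimonie-shepherd-service`. First, `extra-content` is spliced as `(list extra-content)`, i.e. as a single argv element, so a value like "--opt1 --opt2" reaches parcimonie as one argument; either document that the field holds exactly one option or split it (for example with `string-tokenize`) before splicing. Second, the `refresh-guix-keyrings?` branch works only because it is the last argument to `cons*`: the spliced `(append-map ...)` form becomes the list tail, so the `--gnupg_extra_options=--keyring=...` strings land as separate arguments, but placing any option after it would turn that list into a nested argument. A comment noting the tail position, or building the argument list with `append` instead of `cons*`, would make this robust, which also answers the "doesn't make an extra list" concern raised later in the thread. Also, `(getenv "XDG_CONFIG_HOME")` returns #f when the variable is unset, which makes `string-append` raise inside the constructor and the service respawn in a loop; fall back to `$HOME/.config` as the XDG spec prescribes. Finally, `gnupg-aleady-torified?` is misspelled in both the field definition and the `match-record` binding.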

base-commit: 3adde30af52d4be347d610c0bdd543e0fdd6d64d
-- 
Efraim Flashner   <efraim <at> flashner.co.il>   רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted





Information forwarded to guix-patches <at> gnu.org:
bug#64838; Package guix-patches. (Wed, 16 Aug 2023 20:33:01 GMT) Full text and rfc822 format available.

Message #8 received at 64838 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Efraim Flashner <efraim <at> flashner.co.il>
Cc: 64838 <at> debbugs.gnu.org, 
Subject: Re: bug#64838: [PATCH] home: Add parcimonie service.
Date: Wed, 16 Aug 2023 22:32:23 +0200
Hello,

Efraim Flashner <efraim <at> flashner.co.il> skribis:

> * gnu/home/services/gnupg.scm (home-parcimonie-service-type,
> home-parcimonie-configuration): New variables.
> * doc/guix.texi (GNU Privacy Guard): Document it.

Very nice!

> +The @code{parcimonie} service runs a daemon that slowly refreshes a GnuPG
> +public key from a keyserver.  Its refreshes one key at a time; between every
                                 ^
“It”

> +key update parcimonie sleeps a random amount of time, long enough for the
> +previously used Tor circuit to expire.  This process is meant to make it hard
> +for an attacker to correlate the multiple performed key update operations.

Maybe: “to correlate the multiple key updates.”

> +As an example, here is how you would configure @code{parcimonie} to refresh the
> +keys in your GnuPG keyring, as well as those keyrings created by Guix, such as
> +when running @code{guix import}:
> +
> +@lisp
> +(service home-parcimonie-service-type
> +         (home-parcimonie-configuration
> +           (refresh-guix-keyrings? #t)))
> +@end lisp

Maybe add: “This assumes that the Tor anonymous routing daemon is
already running on your system.  On Guix System, this can be achieved by
setting up @code{tor-service-type} (@pxref{Networking Services,
@code{tor-service-type}}).”

Apart from these minor nits, LGTM!

Thanks,
Ludo’.




Information forwarded to guix-patches <at> gnu.org:
bug#64838; Package guix-patches. (Fri, 18 Aug 2023 13:26:02 GMT) Full text and rfc822 format available.

Message #11 received at 64838 <at> debbugs.gnu.org (full text, mbox):

From: Efraim Flashner <efraim <at> flashner.co.il>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 64838 <at> debbugs.gnu.org, unmatched-paren <paren <at> disroot.org>,
 Andrew Tropin <andrew <at> trop.in>
Subject: Re: bug#64838: [PATCH] home: Add parcimonie service.
Date: Fri, 18 Aug 2023 16:24:39 +0300
On Wed, Aug 16, 2023 at 10:32:23PM +0200, Ludovic Courtès wrote:
> Hello,
> 
> Efraim Flashner <efraim <at> flashner.co.il> skribis:
> 
> > * gnu/home/services/gnupg.scm (home-parcimonie-service-type,
> > home-parcimonie-configuration): New variables.
> > * doc/guix.texi (GNU Privacy Guard): Document it.
> 
> Very nice!
> 
> > +The @code{parcimonie} service runs a daemon that slowly refreshes a GnuPG
> > +public key from a keyserver.  Its refreshes one key at a time; between every
>                                  ^
> “It”
> 
> > +key update parcimonie sleeps a random amount of time, long enough for the
> > +previously used Tor circuit to expire.  This process is meant to make it hard
> > +for an attacker to correlate the multiple performed key update operations.
> 
> Maybe: “to correlate the multiple key updates.”
> 
> > +As an example, here is how you would configure @code{parcimonie} to refresh the
> > +keys in your GnuPG keyring, as well as those keyrings created by Guix, such as
> > +when running @code{guix import}:
> > +
> > +@lisp
> > +(service home-parcimonie-service-type
> > +         (home-parcimonie-configuration
> > +           (refresh-guix-keyrings? #t)))
> > +@end lisp
> 
> Maybe add: “This assumes that the Tor anonymous routing daemon is
> already running on your system.  On Guix System, this can be achieved by
> setting up @code{tor-service-type} (@pxref{Networking Services,
> @code{tor-service-type}}).”
> 
> Apart from these minor nits, LGTM!

Thanks.

Apparently the dbus integration was for the parcimonie applet, but
that's been deprecated so I'll remove that option. Also I think I need
to test the service once or twice more, I need to make sure the
append-map bits work as expected and it doesn't make an extra list. I'll
push it once I've taken care of those bits.

-- 
Efraim Flashner   <efraim <at> flashner.co.il>   רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

Reply sent to Efraim Flashner <efraim <at> flashner.co.il>:
You have taken responsibility. (Mon, 04 Sep 2023 08:23:01 GMT) Full text and rfc822 format available.

Notification sent to Efraim Flashner <efraim <at> flashner.co.il>:
bug acknowledged by developer. (Mon, 04 Sep 2023 08:23:02 GMT) Full text and rfc822 format available.

Message #16 received at 64838-done <at> debbugs.gnu.org (full text, mbox):

From: Efraim Flashner <efraim <at> flashner.co.il>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 64838-done <at> debbugs.gnu.org, paren <at> disroot.org,
 Andrew Tropin <andrew <at> trop.in>
Subject: Re: bug#64838: [PATCH] home: Add parcimonie service.
Date: Mon, 4 Sep 2023 11:21:55 +0300
On Wed, Aug 16, 2023 at 10:32:23PM +0200, Ludovic Courtès wrote:
> Hello,
> 
> Efraim Flashner <efraim <at> flashner.co.il> skribis:
> 
> > * gnu/home/services/gnupg.scm (home-parcimonie-service-type,
> > home-parcimonie-configuration): New variables.
> > * doc/guix.texi (GNU Privacy Guard): Document it.
> 
> Very nice!
> 
> > +The @code{parcimonie} service runs a daemon that slowly refreshes a GnuPG
> > +public key from a keyserver.  Its refreshes one key at a time; between every
>                                  ^
> “It”
> 
> > +key update parcimonie sleeps a random amount of time, long enough for the
> > +previously used Tor circuit to expire.  This process is meant to make it hard
> > +for an attacker to correlate the multiple performed key update operations.
> 
> Maybe: “to correlate the multiple key updates.”
> 
> > +As an example, here is how you would configure @code{parcimonie} to refresh the
> > +keys in your GnuPG keyring, as well as those keyrings created by Guix, such as
> > +when running @code{guix import}:
> > +
> > +@lisp
> > +(service home-parcimonie-service-type
> > +         (home-parcimonie-configuration
> > +           (refresh-guix-keyrings? #t)))
> > +@end lisp
> 
> Maybe add: “This assumes that the Tor anonymous routing daemon is
> already running on your system.  On Guix System, this can be achieved by
> setting up @code{tor-service-type} (@pxref{Networking Services,
> @code{tor-service-type}}).”
> 
> Apart from these minor nits, LGTM!
> 
> Thanks,
> Ludo’.

Thanks. I was able to test it overnight and everything looks good. Patch
pushed finally!

-- 
Efraim Flashner   <efraim <at> flashner.co.il>   רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Mon, 02 Oct 2023 11:24:07 GMT) Full text and rfc822 format available.



GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.