From: Ludovic Courtès <ludo@HIDDEN>
To: Sébastien Farge <sebastien-farge@HIDDEN>
Subject: Re: [bug#77826] [PATCH] home: home-gpg-agent-service: add new parameter 'use-keyboxd?'.
In-Reply-To: <20250415141428.3407-1-sebastien-farge@HIDDEN> ("Sébastien Farge"'s message of "Tue, 15 Apr 2025 16:13:40 +0200")
References: <20250415141428.3407-1-sebastien-farge@HIDDEN>
Date: Wed, 16 Apr 2025 17:45:29 +0200
Message-ID: <87mscg9kkm.fsf@HIDDEN>
Cc: 77826 <at> debbugs.gnu.org
Hi Sébastien,
Sébastien Farge <sebastien-farge@HIDDEN> writes:
> * gnu/home/services/gnupg.scm: New parameter.
> * doc/guix.texi (GNU Privacy Guard): New description.
> * gnu/tests/gnupg.scm: Alice use keyboxd, Bob normal keyring, test if both works
>
> Change-Id: I27b4f686086b9740943dbb5347a14ada245cc9fb
Nice!
Overall LGTM. Some comments below.
Please add the new file to ‘gnu/local.mk’ next to its friends.
> +@item @code{use-keyboxd?} (default: @code{#f}) (type: boolean)
> +Whether to enable keyboxd and its keybox database instead of usual keyri=
ng. When true,
> +@command{gpg-agent} call @command{keyboxd} who take care of keys managem=
ent process and database.=20
“@command{gpg-agent} spawns a separate @command{keyboxd} process, which
is responsible for managing the key database.”
Nitpick: Please leave two spaces after end-of-sentence periods.
It’s the first time I hear about keyboxd and the gnupg manual doesn’t
say much about it. When would you set it to #true?
> +(define (home-gpg-common-configuration-file config)
> + "Return the @file{common.conf} file for @var{config}."
> + (match-record config <home-gpg-agent-configuration>
> + (use-keyboxd?)
> + (mixed-text-file "common.conf" "use-keyboxd\n")))
You can remove ‘match-record’ altogether.
> +++ b/gnu/tests/gnupg.scm
> @@ -0,0 +1,246 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright =C2=A9 2016-2022, 2024 Ludovic Court=C3=A8s <ludo@HIDDEN>
> +;;; Copyright =C2=A9 2017, 2018 Cl=C3=A9ment Lassieur <clement@lassieur.=
org>
> +;;; Copyright =C2=A9 2017 Marius Bakke <mbakke@HIDDEN>
I think this is inaccurate. :-)
Very nice that you wrote tests for this!
> + (service home-gpg-agent-service-type
> + (home-gpg-agent-configuration
> + (default-cache-ttl 820))))
> + %base-home-services))
> + ))
No lonely parens please (throughout this file.)
> +(define %gnupg-os
> + (operating-system
> + (inherit (simple-operating-system (service guix-home-service-type `(=
("alice" ,%keyboxd-home)
> + =
("bob" ,%keyring-home)))))
> +
Please insert a newline after ‘simple-operating-system’.
> + (define (file-get-all-strings fname)
s/file-get-all-strings/file-contents/ maybe?
And s/fname/file/ (this is what’s usually done).
> + (define (vm-type cmd-or-list)
> + (let ((cmd-list (if (list? cmd-or-list) cmd-or-list (list cm=
d-or-list))))
Avoid polymorphic procedures; have it take either a list or a string.
> +(define %test-gnupg-keyboxd
> + (system-test
> + (name "gnupg-keyboxd")
> + (description "Test gnupg using keyboxd or keyring.")
s/gnupg/GnuPG/
“using both keyboxd and a local keyring” maybe?
Could you send an updated patch?
Thanks!
Ludo’.
From: Sébastien Farge <sebastien-farge@HIDDEN>
To: guix-patches@HIDDEN
Subject: [PATCH] home: home-gpg-agent-service: add new parameter 'use-keyboxd?'.
Date: Tue, 15 Apr 2025 16:13:40 +0200
Message-ID: <20250415141428.3407-1-sebastien-farge@HIDDEN>
* gnu/home/services/gnupg.scm: New parameter.
* doc/guix.texi (GNU Privacy Guard): New description.
* gnu/tests/gnupg.scm: Alice use keyboxd, Bob normal keyring, test if both works
Change-Id: I27b4f686086b9740943dbb5347a14ada245cc9fb
---
doc/guix.texi | 5 +
gnu/home/services/gnupg.scm | 18 ++-
gnu/tests/gnupg.scm | 246 ++++++++++++++++++++++++++++++++++++
3 files changed, 268 insertions(+), 1 deletion(-)
create mode 100644 gnu/tests/gnupg.scm
diff --git a/doc/guix.texi b/doc/guix.texi
index d109877a32..46b2115aad 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -49076,6 +49076,11 @@ Whether to enable @acronym{SSH,secure shell} sup=
port. When true,
@command{ssh-agent} program, taking care of OpenSSH secret keys and
directing passphrase requests to the chosen Pinentry program.
=20
+@item @code{use-keyboxd?} (default: @code{#f}) (type: boolean)
+Whether to enable keyboxd and its keybox database instead of usual keyri=
ng. When true,
+@command{gpg-agent} call @command{keyboxd} who take care of keys managem=
ent process and database.=20
+The @file{~/.gnupg/common.conf} is created with parameter @code{use-keyb=
oxd} for the switch to happen.
+
@item @code{default-cache-ttl} (default: @code{600}) (type: integer)
Time a cache entry is valid, in seconds.
=20
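Review bot: The new @item for use-keyboxd? does not say what happens to @file{~/.gnupg/common.conf} when the option is left at its default of #f; it only describes the #t case ("is created with parameter use-keyboxd"). State explicitly that with #f no common.conf is installed by the service, so a reader knows the file is then outside the service's control. In the same entry, "@command{gpg-agent} call @command{keyboxd} who take care of keys management process and database." has agreement errors and ends with trailing whitespace; wording along the lines of "spawns a separate @command{keyboxd} process, which is responsible for managing the key database" reads more clearly.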
diff --git a/gnu/home/services/gnupg.scm b/gnu/home/services/gnupg.scm
index 7fc99f793a..f7691f38e0 100644
--- a/gnu/home/services/gnupg.scm
+++ b/gnu/home/services/gnupg.scm
@@ -31,6 +31,7 @@ (define-module (gnu home services gnupg)
home-gpg-agent-configuration-gnupg
home-gpg-agent-configuration-pinentry-program
home-gpg-agent-configuration-ssh-support?
+ home-gpg-agent-configuration-use-keyboxd?
home-gpg-agent-configuration-default-cache-ttl
home-gpg-agent-configuration-max-cache-ttl
home-gpg-agent-configuration-max-cache-ttl-ssh
@@ -66,6 +67,11 @@ (define-configuration/no-serialization home-gpg-agent-=
configuration
@command{gpg-agent} acts as a drop-in replacement for OpenSSH's
@command{ssh-agent} program, taking care of OpenSSH secret keys and dire=
cting
passphrase requests to the chosen Pinentry program.")
+ (use-keyboxd?
+ (boolean #f)
+ "Whether to enable keyboxd and its keybox database instead of usual k=
eyring. When true,
+@command{gpg-agent} call @command{keyboxd} who take care of keys managem=
ent process and database.=20
+The @file{~/.gnupg/common.conf} is created with parameter @code{use-keyb=
oxd} for the switch to happen.")
(default-cache-ttl
(integer 600)
"Time a cache entry is valid, in seconds.")
@@ -101,6 +107,13 @@ (define (home-gpg-agent-configuration-file config)
(number->string max-cache-ttl-ssh) "\n"
extra-content)))
=20
+(define (home-gpg-common-configuration-file config)
+ "Return the @file{common.conf} file for @var{config}."
+ (match-record config <home-gpg-agent-configuration>
+ (use-keyboxd?)
+ (mixed-text-file "common.conf" "use-keyboxd\n")))
+
+
(define (home-gpg-agent-shepherd-services config)
"Return the possibly-empty list of Shepherd services for @var{config}.=
"
(match-record config <home-gpg-agent-configuration>
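Review bot: In home-gpg-common-configuration-file, match-record binds use-keyboxd? but the body never reads it, so the procedure returns the same "use-keyboxd\n" file for every configuration, including one where the option is #f. Either drop the match-record form and document that the caller decides whether the file is installed, or make the file content depend on the field so the procedure is correct on its own. The hunk also adds two blank lines before home-gpg-agent-shepherd-services where the surrounding definitions are separated by one.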
@@ -134,7 +147,10 @@ (define (home-gpg-agent-shepherd-services config)
'())))
=20
(define (home-gpg-agent-files config)
- `((".gnupg/gpg-agent.conf" ,(home-gpg-agent-configuration-file config)=
)))
+ (let ((files (cons `(".gnupg/gpg-agent.conf" ,(home-gpg-agent-configur=
ation-file config)) '())))
+ (if (home-gpg-agent-configuration-use-keyboxd? config)=20
+ (cons `(".gnupg/common.conf" ,(home-gpg-common-configuration-fil=
e config)) files)
+ files)))
=20
(define (home-gpg-agent-environment-variables config)
"Return GnuPG environment variables needed for @var{config}."
diff --git a/gnu/tests/gnupg.scm b/gnu/tests/gnupg.scm
new file mode 100644
index 0000000000..6be26b0073
--- /dev/null
+++ b/gnu/tests/gnupg.scm
@@ -0,0 +1,246 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright =C2=A9 2016-2022, 2024 Ludovic Court=C3=A8s <ludo@HIDDEN>
+;;; Copyright =C2=A9 2017, 2018 Cl=C3=A9ment Lassieur <clement@lassieur.=
org>
+;;; Copyright =C2=A9 2017 Marius Bakke <mbakke@HIDDEN>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (a=
t
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu tests gnupg)
+ #:use-module (gnu tests)
+ #:use-module (gnu system)
+ #:use-module (gnu system vm)
+ #:use-module (gnu services)
+ #:use-module (gnu services guix)
+ #:use-module (gnu system shadow)=20
+ #:use-module (gnu services base)
+ #:use-module (gnu home)
+ #:use-module (gnu home services gnupg)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages gnupg)
+ #:use-module (gnu packages base)
+ #:use-module (guix gexp)
+ #:export (%test-gnupg-keyboxd))
+
+(define %keyboxd-home
+ (home-environment
+ (packages (list gnupg procps))
+ (services
+ (append (list
+ (service home-gpg-agent-service-type
+ (home-gpg-agent-configuration
+ (default-cache-ttl 820)
+ (use-keyboxd? #t))))
+ %base-home-services))
+ ))
+
+(define %keyring-home
+ (home-environment
+ (packages (list gnupg procps))
+ (services
+ (append (list
+ (service home-gpg-agent-service-type
+ (home-gpg-agent-configuration
+ (default-cache-ttl 820))))
+ %base-home-services))
+ ))
+
+(define %gnupg-os
+ (operating-system
+ (inherit (simple-operating-system (service guix-home-service-type `(=
("alice" ,%keyboxd-home)
+ =
("bob" ,%keyring-home)))))
+
+ (users (cons*
+ (user-account
+ (name "alice") =20
+ (comment "Bob's sister")
+ (password (crypt "alice" "$6$abc"))
+ (group "users")
+ (supplementary-groups '("wheel" "audio" "video")))
+ (user-account
+ (name "bob") =20
+ (comment "Alice's brother")
+ (password (crypt "bob" "$6$abc"))
+ (group "users")
+ (supplementary-groups '("wheel" "audio" "video")))
+ %base-user-accounts))
+ ))
+ =20
+(define* (run-gnupg-keyboxd-test)
+ "Run an OS using gnupg with and without keyboxd using 'use-keyboxd'? c=
onfiguration option."
+ (define os
+ (marionette-operating-system
+ %gnupg-os
+ #:imported-modules '((gnu services herd))))
+
+ (define vm
+ (virtual-machine
+ (operating-system os)))
+
+ (define test
+ (with-imported-modules '((gnu build marionette)
+ (guix build syscalls))
+ #~(begin
+ (use-modules (gnu build marionette)
+ (guix build syscalls)
+ (srfi srfi-1)
+ (srfi srfi-64))
+
+ (define marionette
+ (make-marionette (list #$vm)))
+
+ (define (file-get-all-strings fname)
+ (marionette-eval '(use-modules (rnrs io ports)) marionette)
+ (wait-for-file fname marionette #:read 'get-string-all))
+
+ (define (vm-type cmd-or-list)
+ (let ((cmd-list (if (list? cmd-or-list) cmd-or-list (list cm=
d-or-list))))
+ (for-each
+ (lambda (cmd) (marionette-type cmd marionette) (sleep 1))
+ cmd-list)))
+
+ (test-runner-current (system-test-runner #$output))
+ (test-begin "gnupg-keyboxd")
+ =20
+ (test-equal "Alice is logged on tty1"
+ "alice\n"
+ (begin
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'term-tty1))
+ marionette)
+ (vm-type (list
+ "alice\n"
+ "alice\n"
+ "id -un > alice.log\n"))
+ (file-get-all-strings "/home/alice/alice.log")))
+
+ (test-assert "Alice .gnupg dir is created"
+ (marionette-eval
+ `(file-exists? "/home/alice/.gnupg")
+ marionette))
+ =20
+ (test-equal "Alice gpg-agent.conf exists and is a symlink"
+ 'symlink
+ (marionette-eval
+ `(and (file-exists? "/home/alice/.gnupg/gpg-agent.conf")
+ (stat:type (lstat "/home/alice/.gnupg/gpg-agent.conf"=
)))
+ marionette))
+
+ (test-equal "Alice common.conf exists and is a symlink"
+ 'symlink
+ (marionette-eval
+ `(and (file-exists? "/home/alice/.gnupg/common.conf")
+ (stat:type (lstat "/home/alice/.gnupg/common.conf")))
+ marionette))
+
+ (test-equal "Alice common.conf has keyboxd option set"
+ "use-keyboxd\n"
+ (file-get-all-strings "/home/alice/.gnupg/common.conf"))
+
+ (test-equal "Alice create a key that is saved in keybox format=
"
+ '("[keyboxd]" "enjoyguix")
+ (begin
+ (vm-type (list "gpg --batch --passphrase '' --quick-gen-ke=
y '<enjoyguix>' ed25519\n"
+ "gpg --list-keys > keybox\n"))
+ (let* ((output (file-get-all-strings "/home/alice/keybox")=
)
+ (keyboxd-hdr (if (string-contains output "[keyboxd]=
") "[keyboxd]" "fail"))
+ (key-id (if (string-contains output "enjoyguix") "e=
njoyguix" "fail")))
+ (list keyboxd-hdr key-id))
+ )
+ )
+
+ (test-assert "Alice private keys are registered"
+ (marionette-eval
+ `(file-exists? "/home/alice/.gnupg/private-keys-v1.d")
+ marionette))
+
+ (test-equal "Alice has keyboxd running at home"
+ 0
+ (marionette-eval
+ `(system* #$(file-append procps "/bin/pgrep") "keyboxd")
+ marionette))
+
+ ;; bob use gpg-agent
+ (test-equal "Bob is logged now"
+ "bob\n"
+ (begin
+ (vm-type
+ (list
+ "exit\n"
+ "bob\n"
+ "bob\n"
+ "id -un > logged-in\n"))
+ (file-get-all-strings "/home/bob/logged-in")))
+
+ (test-equal "Bob is at home"
+ "/home/bob\n"
+ (begin
+ (vm-type (list "printenv \"HOME\" > home.bob\n"))
+ (file-get-all-strings "/home/bob/home.bob")
+ ))
+
+ (test-assert "Bob .gnupg dir is created"
+ (marionette-eval
+ `(file-exists? "/home/bob/.gnupg")
+ marionette))
+ =20
+ (test-equal "Bob gpg-agent.conf exists and is a symlink"
+ 'symlink
+ (marionette-eval
+ `(and (file-exists? "/home/bob/.gnupg/gpg-agent.conf")
+ (stat:type (lstat "/home/bob/.gnupg/gpg-agent.conf"))=
)
+ marionette))
+
+ (test-assert "Bob common.conf doesn't exists"
+ (marionette-eval
+ `(not (file-exists? "/home/bob/.gnupg/common.conf"))
+ marionette))
+
+ (test-equal "Bob create a key that is saved in a pubring"
+ '("pubring" "enjoyguix")
+ (begin
+ (vm-type (list "gpg --batch --passphrase '' --quick-gen-ke=
y '<enjoyguix>' ed25519\n"
+ "gpg --list-keys > keybox\n"))
+ (let* ((output (file-get-all-strings "/home/bob/keybox"))
+ (agent-hdr (if (string-contains output "/home/bob/.=
gnupg/pubring.kbx") "pubring" (format #f "fail with ~s" output)))
+ (key-id (if (string-contains output "enjoyguix") "e=
njoyguix" (format #f "fail with ~s" output))))
+ (list agent-hdr key-id))
+ )
+ )
+
+ (test-assert "Bob private keys are registered"
+ (marionette-eval
+ `(file-exists? "/home/bob/.gnupg/private-keys-v1.d")
+ marionette))
+
+ (test-equal "Bob has gpg-agent running at home"
+ 0
+ (marionette-eval
+ `(system* #$(file-append procps "/bin/pgrep") "gpg-agent")
+ marionette))
+
+ (test-end))))
+
+ (gexp->derivation "gnupg-keyboxd" test))
+
+(define %test-gnupg-keyboxd
+ (system-test
+ (name "gnupg-keyboxd")
+ (description "Test gnupg using keyboxd or keyring.")
+ (value (run-gnupg-keyboxd-test))))
+
+
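Review bot: The "Bob has gpg-agent running at home" test calls pgrep with only "gpg-agent", with no user filter, so it would also match a gpg-agent process belonging to another account, such as one started while Alice generated her key earlier in the same VM; a passing result does not show that Bob's own agent is running. The "Alice has keyboxd running at home" test has the same shape. Restrict both to the account under test, for example pgrep -u bob gpg-agent and pgrep -u alice keyboxd, and add a check that no keyboxd process runs for bob, since that is the behaviour the default #f is meant to preserve. Separately, vm-type depends on a fixed (sleep 1) after each typed command; the tests already wait on output files through wait-for-file, so the sleep is worth a comment explaining why it is still needed.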
--=20
2.48.1
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.