eeva/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager synced 2024-11-30 06:59:45 +01:00
Code Issues Releases Wiki Activity

gpg-agent: use the canonical path for sockets on macOS

Browse source 
GnuPG on macOS uses the canonical path for sockets
This commit is contained in:
Ayman Bagabas 2024-09-27 14:43:17 +02:00
parent fe9ef570fe
commit cbaeb4e1e1
No known key found for this signature in database
GPG key ID: C8D51D2157C919AC
2 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
modules/services/gpg-agent.nix
View file

@ -43,7 +43,9 @@ let
else else
"d.${hash}/${dir}"; "d.${hash}/${dir}";
in if pkgs.stdenv.isDarwin then in if pkgs.stdenv.isDarwin then
"/private/var/run/org.nix-community.home.gpg-agent/${subdir}" # macOS GnuPG sockets always use the canonical path.
# See #3864
"${homedir}/${subdir}"
else else
"%t/gnupg/${subdir}"; "%t/gnupg/${subdir}";
@ -355,8 +357,9 @@ in {
launchd.agents.gpg-agent = { launchd.agents.gpg-agent = {
enable = true; enable = true;
config = { config = {
ProgramArguments = [ "${gpgPkg}/bin/gpg-agent" "--supervised" ] # macOS doesn't like the "--supervised" option
++ optional cfg.verbose "--verbose"; ProgramArguments = [ "${gpgPkg}/bin/gpgconf" "--launch" "gpg-agent" ]
++ optionals cfg.verbose [ "--verbose" ];
EnvironmentVariables = { GNUPGHOME = homedir; }; EnvironmentVariables = { GNUPGHOME = homedir; };
KeepAlive = { KeepAlive = {
Crashed = true; Crashed = true;

2
tests/modules/services/gpg-agent/expected-agent.plist
View file

@ -32,7 +32,7 @@
<key>SockPathMode</key> <key>SockPathMode</key>
<integer>384</integer> <integer>384</integer>
<key>SockPathName</key> <key>SockPathName</key>
<string>/private/var/run/org.nix-community.home.gpg-agent/d.wp4h7ks5zxy4dodqadgpbbpz/S.gpg-agent</string> <string>/path/to/hash/d.wp4h7ks5zxy4dodqadgpbbpz/S.gpg-agent</string>
<key>SockType</key> <key>SockType</key>
<string>stream</string> <string>stream</string>
</dict> </dict>