`splitString "" "some string"` would throw exception `error: invalid
regular expression` on Darwin (or accurately, on Nix built against
libc++). Refer to https://github.com/NixOS/nix/issues/7208 for
details.
Before Nix handles that issue correctly, we should refrain from using
`splitString ""`, and luckliy `lib.stringAsChars` can do the same thing.
These (and the `*MD` functions apart from `literalMD`) are now no-ops
in nixpkgs and serve no purpose other than to add additional noise and
potentially mislead people into thinking unmarked DocBook documentation
will still be accepted.
Note that if backporting changes including documentation to 23.05,
the `mdDoc` calls will need to be re-added.
To reproduce this commit, run:
$ NIX_PATH=nixpkgs=flake:nixpkgs/e7e69199f0372364a6106a1e735f68604f4c5a25 \
nix shell nixpkgs#coreutils \
-c find . -name '*.nix' \
-exec nix run -- github:emilazy/nix-doc-munge/98dadf1f77351c2ba5dcb709a2a171d655f15099 \
--strip {} +
$ ./format
This process was automated by [my fork of `nix-doc-munge`]. All
conversions were automatically checked to produce the same DocBook
result when converted back, modulo minor typographical/formatting
differences on the acceptable-to-desirable spectrum.
To reproduce this commit, run:
$ NIX_PATH=nixpkgs=flake:nixpkgs/e7e69199f0372364a6106a1e735f68604f4c5a25 \
nix shell nixpkgs#coreutils \
-c find . -name '*.nix' \
-exec nix run -- github:emilazy/nix-doc-munge/98dadf1f77351c2ba5dcb709a2a171d655f15099 \
{} +
$ ./format
[my fork of `nix-doc-munge`]: https://github.com/emilazy/nix-doc-munge/tree/home-manager
The GNU Privacy Guard 2.3 man page for `gpg-agent` describes the
`--grab` and `--no-grab` options as follows:
> Tell the pinentry to grab the keyboard and mouse. This option should
> be used on X-Servers to avoid X-sniffing attacks. Any use of the
> option --grab overrides an used option --no-grab. The default is
> --no-grab.
Therefore Home Manager should explicitly output `grab` when
`cfg.grabKeyboardAndMouse` is true. Previously Home Manager emitted
`no-grab` when `cfg.grabKeyboardAndMouse` was false.
PR #3192
In esoteric setups, automatically setting GPG_TTY to current tty is not
desired on every shell startup. This change adds configuration options
to allow user to disable that if desired.
Make `gpgconf` only perform an import from derivation when the GPG
`homedir` is set to a non-default value, which probably isn't the case
for most users.
* gpg-agent: local agent acting as ssh-agent should yield
This happens commonly if someone using home manager with gpg-agent
acting as ssh-agent on both machines.
@rycee brought up how gpg-itself has some support for agents on both
ends, but in that case one is forwarding the gpg-agent socket rather
than forwardning the gpg-agent-as-ssh-agent socket. There is no need to
forward both.
So I think this is a good default:
- Forward just gpg-agent socket and this doesn't matter.
- Forward just the ssh-agent socket and this does the right thing.
- Forward both sockets and now the ssh one takes priority instead, but
forwarding both was always a silly thing to do.
Fix#667
* Update modules/services/gpg-agent.nix
Co-authored-by: Nicolas Berbiche <nic.berbiche@gmail.com>
Co-authored-by: Nicolas Berbiche <nic.berbiche@gmail.com>
This option enables a GPG Agent restricted socket (aka "extra-socket"), which
can be used to forward GPG Agent over SSH.
Additionally `verbose` option enables verbose output of an `gpg-agent.service`
unit for easier debugging.
See: https://wiki.gnupg.org/AgentForwarding
