From 8c087e41fdda5d9508b9c95ea57fbd079142633d Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sat, 20 Feb 2016 22:10:13 +0200 Subject: imported mails --- .../cur/.this-dir-not-empty/.empty/empty-file | 0 .../new/.this-dir-not-empty/.empty/empty-file | 0 .../new/1455998994.M932945P17339Q13.exolobe1 | 90 +++++++ .../new/1455998994.M955550P17339Q14.exolobe1 | 90 +++++++ .../new/1455998995.M179764P17339Q28.exolobe1 | 141 +++++++++++ .../new/1455998995.M237397P17339Q30.exolobe1 | 149 ++++++++++++ .../new/1455998996.M251074P17339Q46.exolobe1 | 127 ++++++++++ .../new/1455998996.M410783P17339Q49.exolobe1 | 123 ++++++++++ .../new/1455998996.M451811P17339Q51.exolobe1 | 262 ++++++++++++++++++++ .../new/1455998996.M920926P17339Q60.exolobe1 | 129 ++++++++++ .../new/1455998997.M885478P17339Q75.exolobe1 | 122 ++++++++++ .../new/1455998999.M235630P17339Q93.exolobe1 | 107 +++++++++ .../new/1455998999.M50540P17339Q87.exolobe1 | 142 +++++++++++ .../new/1455998999.M586821P17339Q97.exolobe1 | 169 +++++++++++++ .../new/1455999000.M301296P17339Q104.exolobe1 | 142 +++++++++++ .../new/1455999003.M588228P17339Q136.exolobe1 | 247 +++++++++++++++++++ .../new/1455999004.M795209P17339Q148.exolobe1 | 265 +++++++++++++++++++++ .../new/1455999004.M855444P17339Q149.exolobe1 | 110 +++++++++ .../new/1455999005.M814956P17339Q159.exolobe1 | 105 ++++++++ .../new/1455999007.M820687P17339Q179.exolobe1 | 177 ++++++++++++++ .../new/1455999011.M423676P17339Q233.exolobe1 | 249 +++++++++++++++++++ .../new/1455999011.M51373P17339Q223.exolobe1 | 124 ++++++++++ .../new/1455999013.M340924P17339Q253.exolobe1 | 104 ++++++++ .../new/1455999013.M483858P17339Q255.exolobe1 | 129 ++++++++++ .../tmp/.this-dir-not-empty/.empty/empty-file | 0 .../b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/ticket.yaml | 4 + 26 files changed, 3307 insertions(+) create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/cur/.this-dir-not-empty/.empty/empty-file create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/.this-dir-not-empty/.empty/empty-file create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M932945P17339Q13.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M955550P17339Q14.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M179764P17339Q28.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M237397P17339Q30.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M251074P17339Q46.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M410783P17339Q49.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M451811P17339Q51.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M920926P17339Q60.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998997.M885478P17339Q75.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M235630P17339Q93.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M50540P17339Q87.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M586821P17339Q97.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999000.M301296P17339Q104.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999003.M588228P17339Q136.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M795209P17339Q148.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M855444P17339Q149.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999005.M814956P17339Q159.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999007.M820687P17339Q179.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M423676P17339Q233.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M51373P17339Q223.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M340924P17339Q253.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M483858P17339Q255.exolobe1 create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/tmp/.this-dir-not-empty/.empty/empty-file create mode 100644 tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/ticket.yaml (limited to 'tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d') diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/cur/.this-dir-not-empty/.empty/empty-file b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/cur/.this-dir-not-empty/.empty/empty-file new file mode 100644 index 0000000..e69de29 diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/.this-dir-not-empty/.empty/empty-file b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/.this-dir-not-empty/.empty/empty-file new file mode 100644 index 0000000..e69de29 diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M932945P17339Q13.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M932945P17339Q13.exolobe1 new file mode 100644 index 0000000..d04add6 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M932945P17339Q13.exolobe1 @@ -0,0 +1,90 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id EBF4A2E6D8 + for ; Sun, 13 Sep 2015 16:26:13 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 1D67BDE; + Sun, 13 Sep 2015 15:26:13 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zb8EO-0007cI-V5; Sun, 13 Sep 2015 15:26:12 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zb8EN-0007c7-Cr + for ; Sun, 13 Sep 2015 15:26:11 +0100 +Received: from pieni.net ([95.142.166.37] ident=postfix) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1Zb8EL-0003EN-GN + for obnam-dev@obnam.org; Sun, 13 Sep 2015 15:26:11 +0100 +Received: from exolobe1.liw.fi (82-181-8-107.bb.dnainternet.fi [82.181.8.107]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPSA id 07D1E2E361; + Sun, 13 Sep 2015 16:26:02 +0200 (CEST) +Received: from exolobe1.liw.fi (localhost [127.0.0.1]) + by exolobe1.liw.fi (Postfix) with ESMTPS id 3E6F540240; + Sun, 13 Sep 2015 17:26:00 +0300 (EEST) +Date: Sun, 13 Sep 2015 17:25:59 +0300 +From: Lars Wirzenius +To: Ben Boeckel +Message-ID: <20150913142559.GA2425@exolobe1.liw.fi> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1441948936-12526-2-git-send-email-mathstuf@gmail.com> + <20150912190247.GA11279@exolobe1.liw.fi> + <20150913140523.GA21436@bronto-burt.dev.benboeckel.net> +MIME-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Disposition: inline +Content-Transfer-Encoding: 8bit +In-Reply-To: <20150913140523.GA21436@bronto-burt.dev.benboeckel.net> +User-Agent: Mutt/1.5.23 (2014-03-12) +X-Spam-Score: -3.4 +X-Spam-Score-int: -33 +X-Spam-Bar: --- +X-Scanned-By: pepperfish.net, Sun, 13 Sep 2015 15:26:11 +0100 +X-Spam-Report: Content analysis details: (-3.4 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: 11e4c38c8ca4deb9e992fad241274745 +Cc: obnam-dev@obnam.org +Subject: Re: [PATCH 1/3] encryption_plugin: add a gpg-homedir configuration + option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +On Sun, Sep 13, 2015 at 10:05:23AM -0400, Ben Boeckel wrote: +> I started to look at how to add a test. The mechanisms are already +> "tested" (in that they are used, but they are not the thing being +> directly tested) used are already in place (gpghome=...) in +> encryption_tests.py. How are plugins tested? + +Plugins are tested by the integration tests in yarns/*.yarn. + +-- +Schrödinger's backup hypothesis: the condition of any backup is +undefined until a restore is attempted. -- andrewsh + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M955550P17339Q14.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M955550P17339Q14.exolobe1 new file mode 100644 index 0000000..d04add6 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998994.M955550P17339Q14.exolobe1 @@ -0,0 +1,90 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id EBF4A2E6D8 + for ; Sun, 13 Sep 2015 16:26:13 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 1D67BDE; + Sun, 13 Sep 2015 15:26:13 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zb8EO-0007cI-V5; Sun, 13 Sep 2015 15:26:12 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zb8EN-0007c7-Cr + for ; Sun, 13 Sep 2015 15:26:11 +0100 +Received: from pieni.net ([95.142.166.37] ident=postfix) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1Zb8EL-0003EN-GN + for obnam-dev@obnam.org; Sun, 13 Sep 2015 15:26:11 +0100 +Received: from exolobe1.liw.fi (82-181-8-107.bb.dnainternet.fi [82.181.8.107]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPSA id 07D1E2E361; + Sun, 13 Sep 2015 16:26:02 +0200 (CEST) +Received: from exolobe1.liw.fi (localhost [127.0.0.1]) + by exolobe1.liw.fi (Postfix) with ESMTPS id 3E6F540240; + Sun, 13 Sep 2015 17:26:00 +0300 (EEST) +Date: Sun, 13 Sep 2015 17:25:59 +0300 +From: Lars Wirzenius +To: Ben Boeckel +Message-ID: <20150913142559.GA2425@exolobe1.liw.fi> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1441948936-12526-2-git-send-email-mathstuf@gmail.com> + <20150912190247.GA11279@exolobe1.liw.fi> + <20150913140523.GA21436@bronto-burt.dev.benboeckel.net> +MIME-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Disposition: inline +Content-Transfer-Encoding: 8bit +In-Reply-To: <20150913140523.GA21436@bronto-burt.dev.benboeckel.net> +User-Agent: Mutt/1.5.23 (2014-03-12) +X-Spam-Score: -3.4 +X-Spam-Score-int: -33 +X-Spam-Bar: --- +X-Scanned-By: pepperfish.net, Sun, 13 Sep 2015 15:26:11 +0100 +X-Spam-Report: Content analysis details: (-3.4 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: 11e4c38c8ca4deb9e992fad241274745 +Cc: obnam-dev@obnam.org +Subject: Re: [PATCH 1/3] encryption_plugin: add a gpg-homedir configuration + option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +On Sun, Sep 13, 2015 at 10:05:23AM -0400, Ben Boeckel wrote: +> I started to look at how to add a test. The mechanisms are already +> "tested" (in that they are used, but they are not the thing being +> directly tested) used are already in place (gpghome=...) in +> encryption_tests.py. How are plugins tested? + +Plugins are tested by the integration tests in yarns/*.yarn. + +-- +Schrödinger's backup hypothesis: the condition of any backup is +undefined until a restore is attempted. -- andrewsh + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M179764P17339Q28.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M179764P17339Q28.exolobe1 new file mode 100644 index 0000000..f66b451 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M179764P17339Q28.exolobe1 @@ -0,0 +1,141 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id CBDA02B256 + for ; Fri, 25 Sep 2015 07:38:22 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 7DD20BA5; + Fri, 25 Sep 2015 06:38:22 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLiA-0006wu-BT; Fri, 25 Sep 2015 06:38:22 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLi8-0006wm-Ht + for ; Fri, 25 Sep 2015 06:38:20 +0100 +Received: from mail-ig0-f170.google.com ([209.85.213.170]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZfLi6-0005Qw-Rf + for obnam-dev@obnam.org; Fri, 25 Sep 2015 06:38:20 +0100 +Received: by igbkq10 with SMTP id kq10so4584899igb.0 + for ; Thu, 24 Sep 2015 22:38:06 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=Oyvo68dvp0hPQFMuJiv3Ln+MyNaOa5ds+ACUQaFtda4=; + b=P1SKsrSYSkBxLhHYvKLw8m+fIXGqgmF2822yJi21Naw8cIuJUsdOdjj+i9/OcyPNiA + VKVCPV+YHMp5+HXef8zhvNh7pp5fCmK7xcRxsBO4frMvv2d/4zVRJQLT5uHQUP8sv6eO + MUHyCRqDrmhynE3ja5ey1ocNm+fwF0dPC4lavfgu12npMdaJjzv5c0SVxJprzsdsQ0Wq + w4Jt+qpltCChghwGCOSRWKEibqj5Uo/Mq4su3acsa5wrKNQavP+HS0NWbAr/4te/xqm0 + B+gz5mqIyRLEHqSeVj/mH7Z2S7tHUtSH8fdnT95mp1SWqUNkCHP2cVEKAOs+yNLUtlNx + t0vw== +X-Received: by 10.50.30.226 with SMTP id v2mr783605igh.11.1443159486600; + Thu, 24 Sep 2015 22:38:06 -0700 (PDT) +Received: from localhost (26.sub-70-209-128.myvzw.com. [70.209.128.26]) + by smtp.gmail.com with ESMTPSA id ht6sm758051igb.11.2015.09.24.22.38.04 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 24 Sep 2015 22:38:05 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 25 Sep 2015 01:37:52 -0400 +Message-Id: <1443159474-27126-3-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.3 +In-Reply-To: <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 25 Sep 2015 06:38:20 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.170 listed in list.dnswl.org] +X-ACL-Warn: message may be spam +X-Scan-Signature: 37750eb53cbbcd37f0cf4d6178be310e +Cc: Ben Boeckel +Subject: [PATCH v4 2/4] encryption: support custom gpghome in symmetric key + functions +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Signed-off-by: Ben Boeckel +--- + obnamlib/encryption.py | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/obnamlib/encryption.py b/obnamlib/encryption.py +index d76193c..bed4e66 100644 +--- a/obnamlib/encryption.py ++++ b/obnamlib/encryption.py +@@ -67,7 +67,7 @@ class SymmetricKeyCache(object): + self.repos = {} + + +-def _gpg_pipe(args, data, passphrase): ++def _gpg_pipe(args, data, passphrase, gpghome=None): + '''Pipe things through gpg. + + With the right args, this can be either an encryption or a decryption +@@ -91,7 +91,8 @@ def _gpg_pipe(args, data, passphrase): + os.close(keypipe[1]) + + try: +- out = _gpg(args + ['--passphrase-fd', str(keypipe[0])], stdin=data) ++ out = _gpg(args + ['--passphrase-fd', str(keypipe[0])], stdin=data, ++ gpghome=gpghome) + except: # pragma: no cover + os.close(keypipe[0]) + raise +@@ -101,14 +102,14 @@ def _gpg_pipe(args, data, passphrase): + return out + + +-def encrypt_symmetric(cleartext, key): ++def encrypt_symmetric(cleartext, key, gpghome=None): + '''Encrypt data with symmetric encryption.''' +- return _gpg_pipe(['-c'], cleartext, key) ++ return _gpg_pipe(['-c'], cleartext, key, gpghome=gpghome) + + +-def decrypt_symmetric(encrypted, key): ++def decrypt_symmetric(encrypted, key, gpghome=None): + '''Decrypt encrypted data with symmetric encryption.''' +- return _gpg_pipe(['-d'], encrypted, key) ++ return _gpg_pipe(['-d'], encrypted, key, gpghome=gpghome) + + + def _gpg(args, stdin='', gpghome=None): +-- +2.5.3 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M237397P17339Q30.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M237397P17339Q30.exolobe1 new file mode 100644 index 0000000..95f3cec --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998995.M237397P17339Q30.exolobe1 @@ -0,0 +1,149 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 2303533BC5 + for ; Fri, 25 Sep 2015 13:12:36 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 7D9D8BCD; + Fri, 25 Sep 2015 12:12:35 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfQvb-0007et-CW; Fri, 25 Sep 2015 12:12:35 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfQvZ-0007em-5t + for ; Fri, 25 Sep 2015 12:12:33 +0100 +Received: from mout.kundenserver.de ([212.227.126.131]) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1ZfQvX-00078B-DV + for obnam-dev@obnam.org; Fri, 25 Sep 2015 12:12:33 +0100 +Received: from erker.lan ([62.141.37.125]) by mrelayeu.kundenserver.de + (mreue004) with ESMTPSA (Nemesis) id 0MYaIg-1aApqj3Kc6-00VPlQ for + ; Fri, 25 Sep 2015 13:12:19 +0200 +Date: Fri, 25 Sep 2015 13:12:18 +0200 +From: Lars Kruse +To: obnam-dev@obnam.org +Message-ID: <20150925131218.50af1dcd@erker.lan> +In-Reply-To: <1443159474-27126-2-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-2-git-send-email-mathstuf@gmail.com> +X-Mailer: Claws Mail 3.12.0 (GTK+ 2.24.28; i586-pc-linux-gnu) +MIME-Version: 1.0 +Content-Type: text/plain; charset=US-ASCII +Content-Transfer-Encoding: 7bit +X-Provags-ID: V03:K0:tPSLYy4hEl2QtPA/cQsX9LQjzlq2saDfd4BbY+F1wy9ccecD0OD + e3cs5wn8zViugYW27Vaprnek7AQ+yll+HmiTzMI6gfpvrkLwMV6akxyeXgdpQcQVbsTWuZb + 3zeXUNe59TD1hozVtk+MH4aYKUc0u2QnHgvjZar4NoS+GPJ/89gJubE13Bxv57+XQFGJTq6 + oXA+mXcqo3EwzI4fPXBcg== +X-UI-Out-Filterresults: notjunk:1;V01:K0:Bg0/0JJmThA=:NV/PRnDJi54fFAUXlr4vTm + e6ts+IzNsHYSYOgm4HPTgM2gxNCgYm6a4eItjxs773Kk+NLQyxchkUp0l6wydGI5zuw/Qs0hR + svUyjm3ikB7Pp5Rivdc1P5m1b8pTtSxY3OEWKZhgbZLGDSib3bRkDvt7CAoDjDgEAUBOLzZV/ + 42FMOb51VIzEcjtscGF/+7CsWGYPg6q8X1xXXcmAhcXKHsm186dA9VI/BPcOGY5kDp1EEfBiT + TK9Eh0smyfwhjag95A/D8tLgXue2htwH67hAXi55PfcKwQBnPIVpT5BbVZt48nCh7m4wj0YHH + cr4nNMX3jOaL0jL1O3uiE1m1H9hJV+GZz3Jafg1ns95m6XpdZV3loI8xzXcAbvcNixSPFum6j + Z/Fw7x7b1aWUhBV5zAoS2AkNCSxh9MRsW1/VS2hDErkXwB5G6rVvsY0ChD4z2Yz9Kag4WoNka + 8tDDl9NJD7yuISVBp0Ufep7aSvbYK/GzKNbyS/k22PYCe+or+Qz9jkTZzt4dsVQBkSu/Vc1wy + 1fWaheUOkgGNchkGlKovYqWKeHkb7tGWrqQazR5fM4sZXmt9odpuzrSZ5HPo6c7Tz4wldz2RI + MwHOyusjoJVN9PSeyv1sJaCOqHX6JaEg/cuvSorxOcdlaUZuUQVuOV7Y36clanRq4pSwaByq5 + T4o4vEfsyuojEmaTnkSmlLvpvmkgLhTB/UyqRrLP2CviTr4Dbr8nXI8W1FufAGmD7bReYkmVc + qw22TFo50aXoYpte +X-Spam-Score: -2.6 +X-Spam-Score-int: -25 +X-Spam-Bar: -- +X-Scanned-By: pepperfish.net, Fri, 25 Sep 2015 12:12:33 +0100 +X-Spam-Report: Content analysis details: (-2.6 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [212.227.126.131 listed in list.dnswl.org] + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: 0a5be85a632e689ed6d6910513b654a6 +Subject: Re: [PATCH v4 1/4] encryption: refactor _gpg_pipe to use _gpg +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Hi Ben, + +I appreciate the configurable gpg keyring directory without using GNUPGHOME as +introduced by your patch! + +Even though I do not really feel entitled to comment on your patch, I feel the +urge to ask a question. + +The following lines contain a catch-all except expression: + ++ try: ++ out = _gpg(args + ['--passphrase-fd', str(keypipe[0])], stdin=data) ++ except: # pragma: no cover ++ ... + +As far as I understand the code of "_gpg", I would expect only OSError +exceptions. Wouldn't it be sufficient to catch only this one? +(catching things like NameError can be very confusing) + +cheers, +Lars K. + + + +Am Fri, 25 Sep 2015 01:37:51 -0400 +schrieb Ben Boeckel : + +> Signed-off-by: Ben Boeckel +> --- +> obnamlib/encryption.py | 17 +++++------------ +> 1 file changed, 5 insertions(+), 12 deletions(-) +> +> diff --git a/obnamlib/encryption.py b/obnamlib/encryption.py +> index 7030359..d76193c 100644 +> --- a/obnamlib/encryption.py +> +++ b/obnamlib/encryption.py +> @@ -90,21 +90,14 @@ def _gpg_pipe(args, data, passphrase): +> os.write(keypipe[1], passphrase + '\n') +> os.close(keypipe[1]) +> +> - # Actually run gpg. +> - +> - argv = ['gpg', '--passphrase-fd', str(keypipe[0]), '-q', '--batch', +> - '--no-textmode'] + args +> - tracing.trace('argv=%s', repr(argv)) +> - p = subprocess.Popen(argv, stdin=subprocess.PIPE, stdout=subprocess.PIPE, +> - stderr=subprocess.PIPE) +> - out, err = p.communicate(data) +> + try: +> + out = _gpg(args + ['--passphrase-fd', str(keypipe[0])], stdin=data) +> + except: # pragma: no cover +> + os.close(keypipe[0]) +> + raise +> +> os.close(keypipe[0]) +> +> - # Return output data, or deal with errors. +> - if p.returncode: # pragma: no cover +> - raise GpgError(returncode=p.returncode, stderr=err) +> - +> return out +> +> + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M251074P17339Q46.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M251074P17339Q46.exolobe1 new file mode 100644 index 0000000..9ca0189 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M251074P17339Q46.exolobe1 @@ -0,0 +1,127 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 6FA7C2D9F1 + for ; Sun, 11 Oct 2015 11:04:12 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id F20BE320; + Sun, 11 Oct 2015 10:04:11 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZlCY7-0002ct-Qr; Sun, 11 Oct 2015 10:04:11 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZlCY6-0002cl-28 + for ; Sun, 11 Oct 2015 10:04:10 +0100 +Received: from pieni.net ([95.142.166.37] ident=postfix) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1ZlCY3-0006an-Q5 + for obnam-dev@obnam.org; Sun, 11 Oct 2015 10:04:09 +0100 +Received: from exolobe1.liw.fi (82-181-8-107.bb.dnainternet.fi [82.181.8.107]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPSA id 3AB072D9F1; + Sun, 11 Oct 2015 11:04:01 +0200 (CEST) +Received: from exolobe1.liw.fi (localhost [127.0.0.1]) + by exolobe1.liw.fi (Postfix) with ESMTPS id 899B14084E; + Sun, 11 Oct 2015 12:04:00 +0300 (EEST) +Date: Sun, 11 Oct 2015 12:03:59 +0300 +From: Lars Wirzenius +To: Ben Boeckel +Message-ID: <20151011090359.GA11145@exolobe1.liw.fi> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +MIME-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Disposition: inline +Content-Transfer-Encoding: 8bit +In-Reply-To: <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +User-Agent: Mutt/1.5.23 (2014-03-12) +X-Spam-Score: -3.4 +X-Spam-Score-int: -33 +X-Spam-Bar: --- +X-Scanned-By: pepperfish.net, Sun, 11 Oct 2015 10:04:09 +0100 +X-Spam-Report: Content analysis details: (-3.4 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: 95307e19e51ef85356cdc588a20b2845 +Cc: obnam-dev@obnam.org +Subject: Re: [PATCH v4 0/4] GPGHOMEDIR improvements +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Thank you, I've reviewed the code, ran the test suite, fixed the +nitpick problem (the version of pep8 on my computer wants at least two +spaces before an inline comment), merged to master, and pushed to +git.liw.fi. + +On Fri, Sep 25, 2015 at 01:37:50AM -0400, Ben Boeckel wrote: +> These seem related enough to warrant bundling it all together. I've place the +> refactoring and fix commits at the base to make cherry-picking a subset easier. +> +> First, I refactored _gpg_pipe to use _gpg since all it does is set up +> --passphrase-fd and the base flags are the same. +> +> Second, I added support for gpghome to the symmetric functions and fixed the +> tests because if my USB key is not plugged in, the symlinks in the default gpg +> keyring are broken and gpg needs to read *something*, but this fails. +> +> The third patch fixes the test suite for symmetric keys to use a +> guaranteed-to-not-be-broken keyring by creating a temporary directory for it. +> +> The last commit implements the gnupghome configuration with tests, now also +> passing it to the symmetric key functions. +> +> Thanks, +> +> Ben Boeckel (4): +> encryption: refactor _gpg_pipe to use _gpg +> encryption: support custom gpghome in symmetric key functions +> encryption_tests: make robust against bad default keyrings +> encryption_plugin: add a gnupghome configuration option +> +> obnam.1.in | 5 +++++ +> obnamlib/encryption.py | 28 +++++++++++----------------- +> obnamlib/encryption_tests.py | 15 ++++++++++++--- +> obnamlib/plugins/encryption_plugin.py | 27 +++++++++++++++++++++------ +> yarns/0060-encryption.yarn | 16 ++++++++++++++++ +> yarns/9000-implements.yarn | 26 ++++++++++++++++++++++++++ +> 6 files changed, 91 insertions(+), 26 deletions(-) +> +> -- +> 2.5.3 +> +> +> _______________________________________________ +> obnam-dev mailing list +> obnam-dev@obnam.org +> http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org +> + +-- +Schrödinger's backup hypothesis: the condition of any backup is +undefined until a restore is attempted. -- andrewsh + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M410783P17339Q49.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M410783P17339Q49.exolobe1 new file mode 100644 index 0000000..35ca8b0 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M410783P17339Q49.exolobe1 @@ -0,0 +1,123 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id B2A082E361 + for ; Sun, 13 Sep 2015 16:05:44 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 31BFADE; + Sun, 13 Sep 2015 15:05:44 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zb7ua-0006Gk-18; Sun, 13 Sep 2015 15:05:44 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zb7uY-0006Ge-9C + for ; Sun, 13 Sep 2015 15:05:42 +0100 +Received: from mail-ig0-f175.google.com ([209.85.213.175]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1Zb7uV-0002fJ-Rp + for obnam-dev@obnam.org; Sun, 13 Sep 2015 15:05:42 +0100 +Received: by igcpb10 with SMTP id pb10so73943049igc.1 + for ; Sun, 13 Sep 2015 07:05:27 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=date:from:to:cc:subject:message-id:reply-to:references:mime-version + :content-type:content-disposition:content-transfer-encoding + :in-reply-to:user-agent; + bh=gHOs5ag4nqjqKtPFaAv4ywC21jbza6csv9pPTEtY4DA=; + b=xGL6czuToepOY3NdiOzv8AmQiwMuLWt0IYbITOC6LmgsXknGfujrI4JoMnETH5qeCg + gtTLOJ0jRD/DoHqvFtt1LNqnx4EmVZtCC3V3R3jD1DwCT2EG5Ly9MjdS+yKgTQUENBDw + OGRgJBtstumylGtVkM/SXh72uUFfuIVQErVPhiBmUH68ks1PqnjPeZdkLP/EJz5yEBIT + r1mmQjVf7GnhKpouo+Hub/KcjPoj7jX7HwwGOzvE+yGl0jpaNG/6RJXIbU5HE1ryVxEW + /++O1K7JglTIdWlbI4gHgY+m71riba9bE0y6VpD7v56sWiT0VW9tmd4zNErHJ2Dzfdft + U2aQ== +X-Received: by 10.50.124.4 with SMTP id me4mr11286982igb.34.1442153127101; + Sun, 13 Sep 2015 07:05:27 -0700 (PDT) +Received: from localhost (157.sub-70-209-142.myvzw.com. [70.209.142.157]) + by smtp.gmail.com with ESMTPSA id 92sm4238256ioq.3.2015.09.13.07.05.25 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Sun, 13 Sep 2015 07:05:26 -0700 (PDT) +Date: Sun, 13 Sep 2015 10:05:23 -0400 +From: Ben Boeckel +To: Lars Wirzenius +Message-ID: <20150913140523.GA21436@bronto-burt.dev.benboeckel.net> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1441948936-12526-2-git-send-email-mathstuf@gmail.com> + <20150912190247.GA11279@exolobe1.liw.fi> +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf-8 +Content-Disposition: inline +Content-Transfer-Encoding: 8bit +In-Reply-To: <20150912190247.GA11279@exolobe1.liw.fi> +User-Agent: Mutt/1.5.24 (2015-08-30) +X-Spam-Score: -2.0 +X-Spam-Score-int: -19 +X-Spam-Bar: -- +X-Scanned-By: pepperfish.net, Sun, 13 Sep 2015 15:05:42 +0100 +X-Spam-Report: Content analysis details: (-2.0 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.175 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: e606bea56426b7460dd1a96e279d41e5 +Cc: obnam-dev@obnam.org +Subject: Re: [PATCH 1/3] encryption_plugin: add a gpg-homedir configuration + option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +Reply-To: mathstuf@gmail.com +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +On Sat, Sep 12, 2015 at 22:02:47 +0300, Lars Wirzenius wrote: +> I've applied the other two patches, thank you. I am not sure about +> this patch, to add --gpg-homedir. Is it not enough to just set +> GNUPGHOME in the environment? I guess it might be easier to set it in +> a config file and not have to set the environment variable on each +> obnam invocation. + +That's exactly the case I had :) . The unit file set it…but I had to +manually do so for things like `obnam generations`. + +> If the setting is added, I'd rather it was called --gnupghome, to +> mirror the environment variable. It'd also be nice to have a test that +> it works correctly. Could you update the patch to rename the setting? + +Yeah, that makes sense. + +I started to look at how to add a test. The mechanisms are already +"tested" (in that they are used, but they are not the thing being +directly tested) used are already in place (gpghome=...) in +encryption_tests.py. How are plugins tested? + +--Ben + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M451811P17339Q51.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M451811P17339Q51.exolobe1 new file mode 100644 index 0000000..ec952f4 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M451811P17339Q51.exolobe1 @@ -0,0 +1,262 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 008702EAD1 + for ; Tue, 15 Sep 2015 05:08:49 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 5AA7B10B; + Tue, 15 Sep 2015 04:08:48 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zbgbw-0003O0-8d; Tue, 15 Sep 2015 04:08:48 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zbgbu-0003Nt-OO + for ; Tue, 15 Sep 2015 04:08:46 +0100 +Received: from pieni.net ([95.142.166.37] ident=postfix) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1Zbgbs-0000KK-LO + for obnam-dev@obnam.org; Tue, 15 Sep 2015 04:08:46 +0100 +Received: from exolobe1.liw.fi (unknown [82.203.205.227]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPSA id B01CD2E99A + for ; Tue, 15 Sep 2015 05:08:36 +0200 (CEST) +Received: from exolobe1.liw.fi (localhost [127.0.0.1]) + by exolobe1.liw.fi (Postfix) with ESMTPS id 146CF40331 + for ; Tue, 15 Sep 2015 06:08:36 +0300 (EEST) +Date: Tue, 15 Sep 2015 06:08:34 +0300 +From: Lars Wirzenius +To: obnam-dev@obnam.org +Message-ID: <20150915030834.GA31821@exolobe1.liw.fi> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1442278857-352-1-git-send-email-mathstuf@gmail.com> +MIME-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Disposition: inline +Content-Transfer-Encoding: 8bit +In-Reply-To: <1442278857-352-1-git-send-email-mathstuf@gmail.com> +User-Agent: Mutt/1.5.23 (2014-03-12) +X-Spam-Score: -3.4 +X-Spam-Score-int: -33 +X-Spam-Bar: --- +X-Scanned-By: pepperfish.net, Tue, 15 Sep 2015 04:08:46 +0100 +X-Spam-Report: Content analysis details: (-3.4 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: e4e431e682df92a0961cb181d6069e33 +Subject: Re: [PATCH v2] Support obnam-specific GPGHOMEDIR +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +On Mon, Sep 14, 2015 at 09:00:56PM -0400, Ben Boeckel wrote: +> Now with a yarn test :) . + +Excellent, thank you. + +Unfortunately, the yarn tests fail for me, and it wasn immediately +clear why. I'll have a look when I'm back home. The output I get is +below, if you want to have a try before that. + + - - - - + +run yarn for repository format 6 +WARNING: No scenario code blocks in yarns/0010-introduction.yarn +WARNING: No scenario code blocks in yarns/0020-test-environment.yarn +ERROR: In scenario "use repository format 6" +step "WHEN user havelock restores generation 1 in T/repo to R1" failed, +with exit code 1: +Standard output from shell command: + gnupghome None + gnupghome None +Standard error from shell command: + + export HOME=/tmp/tmp6yZskT/use_repository_format_6/datadir/home + + mkdir -p /tmp/tmp6yZskT/use_repository_format_6/datadir/home + + cp -a /home/liw/obnam/obnam/test-gpghome /tmp/tmp6yZskT/use_repository_format_6/datadir/.gnupg + + export GNUPGHOME=/tmp/tmp6yZskT/use_repository_format_6/datadir/.gnupg + + run_obnam havelock -r /tmp/tmp6yZskT/use_repository_format_6/datadir/T/repo --encrypt-with=3B1802F81B321347+ genids + + localsed name=havelock -n + 1p + + shift + + local conf=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + add_to_config havelock client-name havelock + + local client=havelock + + local filename=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + local key=client-name + + local value=havelock + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + printf [config]\n + + printf client-name = %s\n havelock + + printf %s = %s\n client-name havelock + + add_to_config havelock weak-random yes + + local client=havelock + + local filename=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + local key=weak-random + + local value=yes + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + printf %s = %s\n weak-random yes + + add_to_config havelock lock-timeout 0 + + local client=havelock + + local filename=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + local key=lock-timeout + + local value=0 + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + printf %s = %s\n lock-timeout 0 + + [ -n 6 ] + + add_to_config havelock repository-format 6 + + local client=havelock + + local filename=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + local key=repository-format + + local value=6 + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + printf %s = %s\n repository-format 6 + + [ -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.env ] + + /home/liw/obnam/obnam/obnam --no-default-config --config /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf --quiet --log-level debug --log /tmp/tmp6yZskT/use_repository_format_6/datadir/obnam.log --trace obnamlib --trace larch -r /tmp/tmp6yZskT/use_repository_format_6/datadir/T/repo --encrypt-with=3B1802F81B321347 genids + + genid=gnupghome None + + run_obnam havelock -r /tmp/tmp6yZskT/use_repository_format_6/datadir/T/repo --encrypt-with=3B1802F81B321347 restore --to /tmp/tmp6yZskT/use_repository_format_6/datadir/R1 --generation gnupghome None --always-restore-setuid + + local name=havelock + + shift + + local conf=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + add_to_config havelock weak-random yes + + local client=havelock + + local filename=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + local key=weak-random + + local value=yes + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + printf %s = %s\n weak-random yes + + add_to_config havelock lock-timeout 0 + + local client=havelock + + local filename=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + local key=lock-timeout + + local value=0 + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + printf %s = %s\n lock-timeout 0 + + [ -n 6 ] + + add_to_config havelock repository-format 6 + + local client=havelock + + local filename=/tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf + + local key=repository-format + + local value=6 + + [ ! -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf ] + + printf %s = %s\n repository-format 6 + + [ -e /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.env ] + + /home/liw/obnam/obnam/obnam --no-default-config --config /tmp/tmp6yZskT/use_repository_format_6/datadir/havelock.conf --quiet --log-level debug --log /tmp/tmp6yZskT/use_repository_format_6/datadir/obnam.log --trace obnamlib --trace larch -r /tmp/tmp6yZskT/use_repository_format_6/datadir/T/repo --encrypt-with=3B1802F81B321347 restore --to /tmp/tmp6yZskT/use_repository_format_6/datadir/R1 --generation gnupghome None --always-restore-setuid + ERROR: R0B15DX: Cannot find requested generation 'gnupghome None' for client havelock + +ERROR: In scenario "use repository format 6 with in-tree data" +step "WHEN user havelock restores generation 1 in T/repo to R1" failed, +with exit code 1: +Standard output from shell command: + gnupghome None + gnupghome None +Standard error from shell command: + + export HOME=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/home + + mkdir -p /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/home + + cp -a /home/liw/obnam/obnam/test-gpghome /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/.gnupg + + export GNUPGHOME=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/.gnupg + + run_obnam havelock -r /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/T/repo --encrypt-with=3B1802F81B321347 genids + + + local name=havelock + + shift + + local conf=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.confsed + -n 1p + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + add_to_config havelock client-name havelock + + local client=havelock + + local filename=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + local key=client-name + + local value=havelock + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + printf [config]\n + + printf client-name = %s\n havelock + + printf %s = %s\n client-name havelock + + add_to_config havelock weak-random yes + + local client=havelock + + local filename=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + local key=weak-random + + local value=yes + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + printf %s = %s\n weak-random yes + + add_to_config havelock lock-timeout 0 + + local client=havelock + + local filename=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + local key=lock-timeout + + local value=0 + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + printf %s = %s\n lock-timeout 0 + + [ -n 6 ] + + add_to_config havelock repository-format 6 + + local client=havelock + + local filename=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + local key=repository-format + + local value=6 + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + printf %s = %s\n repository-format 6 + + [ -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.env ] + + /home/liw/obnam/obnam/obnam --no-default-config --config /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf --quiet --log-level debug --log /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/obnam.log --trace obnamlib --trace larch -r /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/T/repo --encrypt-with=3B1802F81B321347 genids + + genid=gnupghome None + + run_obnam havelock -r /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/T/repo --encrypt-with=3B1802F81B321347 restore --to /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/R1 --generation gnupghome None --always-restore-setuid + + local name=havelock + + shift + + local conf=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + add_to_config havelock weak-random yes + + local client=havelock + + local filename=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + local key=weak-random + + local value=yes + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + printf %s = %s\n weak-random yes + + add_to_config havelock lock-timeout 0 + + local client=havelock + + local filename=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + local key=lock-timeout + + local value=0 + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + printf %s = %s\n lock-timeout 0 + + [ -n 6 ] + + add_to_config havelock repository-format 6 + + local client=havelock + + local filename=/tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf + + local key=repository-format + + local value=6 + + [ ! -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf ] + + printf %s = %s\n repository-format 6 + + [ -e /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.env ] + + /home/liw/obnam/obnam/obnam --no-default-config --config /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/havelock.conf --quiet --log-level debug --log /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/obnam.log --trace obnamlib --trace larch -r /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/T/repo --encrypt-with=3B1802F81B321347 restore --to /tmp/tmp0_9SKZ/use_repository_format_6_with_in-tree_data/datadir/R1 --generation gnupghome None --always-restore-setuid + ERROR: R0B15DX: Cannot find requested generation 'gnupghome None' for client havelock + +Failed scenarios: + - use repository format 6 + - use repository format 6 with in-tree data +ERROR: Test suite FAILED in 2 scenarios + + +-- +Schrödinger's backup hypothesis: the condition of any backup is +undefined until a restore is attempted. -- andrewsh + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M920926P17339Q60.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M920926P17339Q60.exolobe1 new file mode 100644 index 0000000..ae7a063 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998996.M920926P17339Q60.exolobe1 @@ -0,0 +1,129 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 4C1122B256 + for ; Fri, 25 Sep 2015 07:38:19 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id EC46EBD7; + Fri, 25 Sep 2015 06:38:18 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLi6-0006wV-RV; Fri, 25 Sep 2015 06:38:18 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLi5-0006wM-5i + for ; Fri, 25 Sep 2015 06:38:17 +0100 +Received: from mail-io0-f178.google.com ([209.85.223.178]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZfLi3-0005Qv-EW + for obnam-dev@obnam.org; Fri, 25 Sep 2015 06:38:17 +0100 +Received: by iofb144 with SMTP id b144so100673132iof.1 + for ; Thu, 24 Sep 2015 22:38:03 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=fRAc5sfGe0QxSZTtfPDwPDfLRoGy+aZN5h1N63E45zc=; + b=YqilPFJfWgxU8dLhVIJs85ob1iXtS4KskjQ7I5/777Csys19hyz3qk1unWGC1FLBYZ + gsSFGB+4esiA7WZd6ZIai9Y/FAbuXdb3KbCmUF/eNGrJ1A2Zvs8huOH2APZiRLdWw9z4 + NwfJN9N7bYdKVXB0mRPxV8Xw+5Pnu6ooEgzDJ7veH5DPaZnZtqFJl4YJLg4HveQsMs9/ + uYAl7acTGx6ThfC3l+MKwFO2LOsIRfvZkl63af2uznNmWirGfqNhgK4e6WWQjItGEy+Q + xlhpzduilC/Et6NboDikM4dj6ivq6YJ5kWQzInzIOR/z+NxwqDAo7fi7uPZb8MjUx0FI + AjPg== +X-Received: by 10.107.170.32 with SMTP id t32mr4531020ioe.173.1443159483060; + Thu, 24 Sep 2015 22:38:03 -0700 (PDT) +Received: from localhost (26.sub-70-209-128.myvzw.com. [70.209.128.26]) + by smtp.gmail.com with ESMTPSA id a193sm1035451ioe.37.2015.09.24.22.38.01 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 24 Sep 2015 22:38:01 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 25 Sep 2015 01:37:51 -0400 +Message-Id: <1443159474-27126-2-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.3 +In-Reply-To: <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 25 Sep 2015 06:38:17 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.223.178 listed in list.dnswl.org] +X-ACL-Warn: message may be spam +X-Scan-Signature: 7f2245552c28d1e693ee8fc7a1f06879 +Cc: Ben Boeckel +Subject: [PATCH v4 1/4] encryption: refactor _gpg_pipe to use _gpg +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Signed-off-by: Ben Boeckel +--- + obnamlib/encryption.py | 17 +++++------------ + 1 file changed, 5 insertions(+), 12 deletions(-) + +diff --git a/obnamlib/encryption.py b/obnamlib/encryption.py +index 7030359..d76193c 100644 +--- a/obnamlib/encryption.py ++++ b/obnamlib/encryption.py +@@ -90,21 +90,14 @@ def _gpg_pipe(args, data, passphrase): + os.write(keypipe[1], passphrase + '\n') + os.close(keypipe[1]) + +- # Actually run gpg. +- +- argv = ['gpg', '--passphrase-fd', str(keypipe[0]), '-q', '--batch', +- '--no-textmode'] + args +- tracing.trace('argv=%s', repr(argv)) +- p = subprocess.Popen(argv, stdin=subprocess.PIPE, stdout=subprocess.PIPE, +- stderr=subprocess.PIPE) +- out, err = p.communicate(data) ++ try: ++ out = _gpg(args + ['--passphrase-fd', str(keypipe[0])], stdin=data) ++ except: # pragma: no cover ++ os.close(keypipe[0]) ++ raise + + os.close(keypipe[0]) + +- # Return output data, or deal with errors. +- if p.returncode: # pragma: no cover +- raise GpgError(returncode=p.returncode, stderr=err) +- + return out + + +-- +2.5.3 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998997.M885478P17339Q75.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998997.M885478P17339Q75.exolobe1 new file mode 100644 index 0000000..037c6e9 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998997.M885478P17339Q75.exolobe1 @@ -0,0 +1,122 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id D65342E0ED + for ; Fri, 11 Sep 2015 07:22:40 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 1196ECBA; + Fri, 11 Sep 2015 06:22:40 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnH-0007V9-Uv; Fri, 11 Sep 2015 06:22:39 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnG-0007V2-84 + for ; Fri, 11 Sep 2015 06:22:38 +0100 +Received: from mail-io0-f172.google.com ([209.85.223.172]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZaGnE-0004Il-6y + for obnam-dev@obnam.org; Fri, 11 Sep 2015 06:22:38 +0100 +Received: by ioiz6 with SMTP id z6so85993506ioi.2 + for ; Thu, 10 Sep 2015 22:22:23 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id; + bh=c03BoVGUZuMZN/NKdaknz/mrT3AyOH7w9VfGSrfmDUc=; + b=BYYFn+YxHka83+Yhfhz80lKlw2OLBOXEsvzaJEfGnul1EbNrzOkIr+dIM9luYPOal8 + Bn5xXT9sLAZwfl1fnwqfX7U7WNKvsXr8VL9HGbouYftV+4/heQrkq9Rkiba1a52wHBmC + W2XQkq4LD4rs4hyKZJuDXhs8eBFDRhFixB1i5dqvKnB/P44FKBFxkG+nGyX3cLujKFQk + UJOblu0gRYh+J/sWfeUGm13jdBHCEPRUpKyIGbmST9Tst7N79Y5H891gQgoYRAbC5Ee1 + +fY7ppJFFFC1PCnsRNEwTKNmKbMw85F9lnVKq2wv9SiwuXfXpugKLdXKwmScBqc//Ynr + 9UXQ== +X-Received: by 10.107.8.164 with SMTP id h36mr499182ioi.35.1441948943581; + Thu, 10 Sep 2015 22:22:23 -0700 (PDT) +Received: from localhost (45.sub-70-209-135.myvzw.com. [70.209.135.45]) + by smtp.gmail.com with ESMTPSA id 67sm149756iog.34.2015.09.10.22.22.21 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 10 Sep 2015 22:22:21 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 11 Sep 2015 01:22:13 -0400 +Message-Id: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.1 +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 11 Sep 2015 06:22:38 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.223.172 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: 8887c701ef4198506b295ef73f0e38b1 +Cc: Ben Boeckel +Subject: [PATCH 0/3] Support obnam-specific GPGHOMEDIR +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Having recently finally started to back up my working machines (versus +my servers), I've hit a new use (corner?) case :) . + +I use an obscure setup where my GPG keyring files are actually symlinks +to an automounted USB key (similar symlinks are used with SSL client +certs, SSH private keys, etc.). This means that when the systemd timer +job comes around and starts obnam, it may not be available (currently +working around it with Environment=GNUPGHOME=...). Instead, allow obnam +to be configured with a machine-local GPG keyring which is stable. + +The tests pass up to running the actual backup tests. Unfortunately, +they do not output any logs (or don't mention them). + +I can add a test for the gpg-homedir option if wanted (would like code +review first since it is late :) ). + +Also contains two other minor fixups, one whitespace, and another to +support the build directory being a symlink. + +--Ben + +Ben Boeckel (3): + encryption_plugin: add a gpg-homedir configuration option + manpage: remove rogue trailing whitespace + build: support build/ being a symlink + + check | 2 +- + obnam.1.in | 7 ++++++- + obnamlib/plugins/encryption_plugin.py | 15 ++++++++++++--- + setup.py | 6 +++++- + 4 files changed, 24 insertions(+), 6 deletions(-) + +-- +2.5.1 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M235630P17339Q93.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M235630P17339Q93.exolobe1 new file mode 100644 index 0000000..5a38149 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M235630P17339Q93.exolobe1 @@ -0,0 +1,107 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id AC4752BBD8 + for ; Sun, 11 Oct 2015 17:22:23 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 305D25BE; + Sun, 11 Oct 2015 16:22:23 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZlIS7-0000cB-1T; Sun, 11 Oct 2015 16:22:23 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZlIS6-0000c5-Jg + for ; Sun, 11 Oct 2015 16:22:22 +0100 +Received: from mail-yk0-f182.google.com ([209.85.160.182]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZlIS4-0000aG-FV + for obnam-dev@obnam.org; Sun, 11 Oct 2015 16:22:22 +0100 +Received: by ykoo7 with SMTP id o7so2725267yko.0 + for ; Sun, 11 Oct 2015 08:22:08 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=date:from:to:cc:subject:message-id:reply-to:references:mime-version + :content-type:content-disposition:in-reply-to:user-agent; + bh=JwycBM90Tdk8p4ajswAKGy5av5wzjhIySsbRA/v6Sb4=; + b=j+gr8lbIAbF3pd8wvRjf0EnLdf7h9sHoKBYQoyaCw7kfqiMyu9D6cc9sGkyabfSAsZ + Pp4mSzRoLamWq9oM3Y2fCd+N0R6snu6UexVPFpcv6SkudIWDVmUgdqVi7zsI/Rt7WMPG + EChw5UfscsjGeNXwi7rwjbjID0vZwF7sJh3ZTM2EkcsgLZ3reQn3IyGOIC9SLuken21p + 1XtGm40WelMIkXWez5PyZ7Q1/6vhLhrs4CfDcxBJ7ve374FBBHZgxn4XY/3wWMVrcwXb + SL+7AEIMKj1RhE28mQVVoMIdbC4ExN3Sl9kgQ06s8fBAZtE+/P+OPJeElqWYnTNdY4UL + nvLQ== +X-Received: by 10.129.104.198 with SMTP id d189mr16825514ywc.219.1444576928790; + Sun, 11 Oct 2015 08:22:08 -0700 (PDT) +Received: from localhost (147.sub-70-209-136.myvzw.com. [70.209.136.147]) + by smtp.gmail.com with ESMTPSA id d207sm723921ywb.51.2015.10.11.08.22.07 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Sun, 11 Oct 2015 08:22:08 -0700 (PDT) +Date: Sun, 11 Oct 2015 11:22:06 -0400 +From: Ben Boeckel +To: Lars Wirzenius +Message-ID: <20151011152206.GC29799@bronto-burt.dev.benboeckel.net> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> + <20151011090359.GA11145@exolobe1.liw.fi> +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf-8 +Content-Disposition: inline +In-Reply-To: <20151011090359.GA11145@exolobe1.liw.fi> +User-Agent: Mutt/1.5.24 (2015-08-30) +X-Spam-Score: -2.0 +X-Spam-Score-int: -19 +X-Spam-Bar: -- +X-Scanned-By: pepperfish.net, Sun, 11 Oct 2015 16:22:22 +0100 +X-Spam-Report: Content analysis details: (-2.0 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.160.182 listed in list.dnswl.org] + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: c6a04e95ab64e848eeb19dd7849321d4 +Cc: obnam-dev@obnam.org +Subject: Re: [PATCH v4 0/4] GPGHOMEDIR improvements +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +Reply-To: mathstuf@gmail.com +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +On Sun, Oct 11, 2015 at 12:03:59 +0300, Lars Wirzenius wrote: +> Thank you, I've reviewed the code, ran the test suite, fixed the +> nitpick problem (the version of pep8 on my computer wants at least two +> spaces before an inline comment), merged to master, and pushed to +> git.liw.fi. + +Thank you! + +--Ben + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M50540P17339Q87.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M50540P17339Q87.exolobe1 new file mode 100644 index 0000000..6e5a991 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M50540P17339Q87.exolobe1 @@ -0,0 +1,142 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 32BB52B256 + for ; Fri, 25 Sep 2015 07:38:25 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id DF556B9A; + Fri, 25 Sep 2015 06:38:24 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLiC-0006xJ-Pv; Fri, 25 Sep 2015 06:38:24 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLiB-0006xC-In + for ; Fri, 25 Sep 2015 06:38:23 +0100 +Received: from mail-io0-f180.google.com ([209.85.223.180]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZfLi9-0005Qx-TO + for obnam-dev@obnam.org; Fri, 25 Sep 2015 06:38:23 +0100 +Received: by iofb144 with SMTP id b144so100674941iof.1 + for ; Thu, 24 Sep 2015 22:38:10 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=dZVK294yAIt7+5nhEGuP++/zJW5rtpF0WqYUKuZ4t3I=; + b=QunLDCd18Pn+y2CKJTz2yyVzsrZjXSyJqBDQklFJcxoNAAS57sYKijVxjqhccIzowP + cP4v9AJSuCYHSygdoJwmY2Qdn7PkSkJWj3i70Hf0WZbkJcIHFBKASm6Ba9RNAe426PwE + s5/W3YO3dsi7dyxM5TAsiLy0wFLPNxBWLYJUT93Z6bqIT/thgXm8D4Hw6ptsbXfvi+sk + NxIsxT7LL4nrN3yrZ+oQvN01ry0fn+TNiyZcoLtO/DVk1nWJaJcWV1E7u17Mo9cMSLEL + 3gNLIGECYOxtw8D+E4HH1W20Z8IcFrWRiqQ41+GBUzs/GtkSXeRHQyrHYQPf8jdLewaK + dSdg== +X-Received: by 10.107.167.204 with SMTP id q195mr5208681ioe.119.1443159490379; + Thu, 24 Sep 2015 22:38:10 -0700 (PDT) +Received: from localhost (26.sub-70-209-128.myvzw.com. [70.209.128.26]) + by smtp.gmail.com with ESMTPSA id k21sm1050799ioi.10.2015.09.24.22.38.08 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 24 Sep 2015 22:38:09 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 25 Sep 2015 01:37:53 -0400 +Message-Id: <1443159474-27126-4-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.3 +In-Reply-To: <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 25 Sep 2015 06:38:23 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.223.180 listed in list.dnswl.org] +X-ACL-Warn: message may be spam +X-Scan-Signature: 95307e19e51ef85356cdc588a20b2845 +Cc: Ben Boeckel +Subject: [PATCH v4 3/4] encryption_tests: make robust against bad default + keyrings +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +If the default keyring is not pristine, the test suite fails with errors +related to gpg not being able to read the keyring. Since the symmetric +encryption tests can use an empty keyring, make an empty directory for +it. + +Signed-off-by: Ben Boeckel +--- + obnamlib/encryption_tests.py | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/obnamlib/encryption_tests.py b/obnamlib/encryption_tests.py +index c695b73..86fd2fa 100644 +--- a/obnamlib/encryption_tests.py ++++ b/obnamlib/encryption_tests.py +@@ -37,6 +37,12 @@ class SymmetricEncryptionTests(unittest.TestCase): + # In these tests, we care about making sure we use the tools right, + # not that the tools themselves work right. + ++ def setUp(self): ++ self.gpghome = tempfile.mkdtemp() ++ ++ def tearDown(self): ++ shutil.rmtree(self.gpghome) ++ + def test_generates_key_of_correct_length(self): + numbits = 16 + key = obnamlib.generate_symmetric_key(numbits, filename='/dev/zero') +@@ -50,14 +56,17 @@ class SymmetricEncryptionTests(unittest.TestCase): + def test_encrypts_into_different_string_than_cleartext(self): + cleartext = 'hello world' + key = 'sekr1t' +- encrypted = obnamlib.encrypt_symmetric(cleartext, key) ++ encrypted = obnamlib.encrypt_symmetric(cleartext, key, ++ gpghome=self.gpghome) + self.assertNotEqual(cleartext, encrypted) + + def test_encrypt_decrypt_round_trip(self): + cleartext = 'hello, world' + key = 'sekr1t' +- encrypted = obnamlib.encrypt_symmetric(cleartext, key) +- decrypted = obnamlib.decrypt_symmetric(encrypted, key) ++ encrypted = obnamlib.encrypt_symmetric(cleartext, key, ++ gpghome=self.gpghome) ++ decrypted = obnamlib.decrypt_symmetric(encrypted, key, ++ gpghome=self.gpghome) + self.assertEqual(decrypted, cleartext) + + +-- +2.5.3 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M586821P17339Q97.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M586821P17339Q97.exolobe1 new file mode 100644 index 0000000..3ea0ae1 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455998999.M586821P17339Q97.exolobe1 @@ -0,0 +1,169 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id D96D42E096 + for ; Fri, 11 Sep 2015 07:22:46 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 7C285CC1; + Fri, 11 Sep 2015 06:22:46 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnO-0007VW-CH; Fri, 11 Sep 2015 06:22:46 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnM-0007VQ-OW + for ; Fri, 11 Sep 2015 06:22:44 +0100 +Received: from mail-ig0-f173.google.com ([209.85.213.173]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZaGnL-0004Im-1F + for obnam-dev@obnam.org; Fri, 11 Sep 2015 06:22:44 +0100 +Received: by igcpb10 with SMTP id pb10so37115786igc.1 + for ; Thu, 10 Sep 2015 22:22:30 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=TKZkM02v+kOdX6WT1YlQa12frpe7tmVH5nWS+ibrVlY=; + b=H+nNRQpdaM5I6MSS2b/cRwRuiApxserz7ElAyuyraMIJrt01VX4XIEdg4DLR4mW5yQ + uZy3QkmJGWLINkeLVP+0jOgLpR9bmpb5FGBk8go9JS4PTEFsc4TRGHp2LKDKVvNoXf3m + wZs+tbBVNsprtctZKm0+f9v5xPq85S8iJb7FvYRWUn6EqTQkYdlwNeCIp9QB+Ow6wzWU + Ne8+2h2NaXky4AqhLD1euGsY2JGNkBpbNzRSYo9tTLVgCjVc3/ZA43NBRW2I5bncE7H5 + zxvnxaZDf/e2EhCWHFX+z/d6JZ8viYmlnTuR3/NaDA2r7Y986FusBoczTntgFtJVpZKd + 6TKQ== +X-Received: by 10.50.27.102 with SMTP id s6mr487510igg.23.1441948950490; + Thu, 10 Sep 2015 22:22:30 -0700 (PDT) +Received: from localhost (45.sub-70-209-135.myvzw.com. [70.209.135.45]) + by smtp.gmail.com with ESMTPSA id e18sm157391ioe.21.2015.09.10.22.22.29 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 10 Sep 2015 22:22:29 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 11 Sep 2015 01:22:14 -0400 +Message-Id: <1441948936-12526-2-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.1 +In-Reply-To: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 11 Sep 2015 06:22:44 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.173 listed in list.dnswl.org] +X-ACL-Warn: message may be spam +X-Scan-Signature: 531f3386b8fdbaa107ddf70a0e4d95bf +Cc: Ben Boeckel +Subject: [PATCH 1/3] encryption_plugin: add a gpg-homedir configuration + option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Signed-off-by: Ben Boeckel +--- + obnam.1.in | 5 +++++ + obnamlib/plugins/encryption_plugin.py | 15 ++++++++++++--- + 2 files changed, 17 insertions(+), 3 deletions(-) + +diff --git a/obnam.1.in b/obnam.1.in +index bb9bd0e..71772d5 100644 +--- a/obnam.1.in ++++ b/obnam.1.in +@@ -426,6 +426,11 @@ and then tell + about it using the + .B \-\-encrypt\-with + option. ++You may optionally use a separate home directory using the ++.B \-\-gpg-homedir ++option. By default, the default directory for ++.BR gpg(1) ++will be used. + .SS "Configuration files" + .B obnam + will look for configuration files in a number of locations. +diff --git a/obnamlib/plugins/encryption_plugin.py b/obnamlib/plugins/encryption_plugin.py +index ec3bcca..6e7c2b1 100644 +--- a/obnamlib/plugins/encryption_plugin.py ++++ b/obnamlib/plugins/encryption_plugin.py +@@ -49,6 +49,11 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + 'size of symmetric key, in bits', + metavar='BITS', + group=encryption_group) ++ self.app.settings.string( ++ ['gpg-homedir'], ++ 'home directory for GPG', ++ metavar='HOMEDIR', ++ group=encryption_group) + + self.tag = "encrypt1" + +@@ -87,7 +92,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + @property + def pubkey(self): + if self._pubkey is None: +- self._pubkey = obnamlib.get_public_key(self.keyid) ++ self._pubkey = obnamlib.get_public_key(self.keyid, gpghome=self.gpg_homedir) + return self._pubkey + + @property +@@ -98,6 +103,10 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + return '/dev/random' + + @property ++ def gpg_homedir(self): ++ return self.app.settings.get('gpg-homedir') ++ ++ @property + def symmetric_key_bits(self): + return int(self.app.settings['symmetric-key-bits'] or '256') + +@@ -139,7 +148,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + key = self._symkeys.get(repo, toplevel) + if key is None: + encoded = repo.get_fs().cat(os.path.join(toplevel, 'key')) +- key = obnamlib.decrypt_with_secret_keys(encoded) ++ key = obnamlib.decrypt_with_secret_keys(encoded, gpghome=self.gpg_homedir) + self._symkeys.put(repo, toplevel, key) + return key + +@@ -222,7 +231,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + def _get_key_string(self, keyid): + verbose = self.app.settings['key-details'] + if verbose: +- user_ids = obnamlib.get_public_key_user_ids(keyid) ++ user_ids = obnamlib.get_public_key_user_ids(keyid, gpghome=self.gpg_homedir) + if user_ids: + return "%s (%s)" % (keyid, ", ".join(user_ids)) + return str(keyid) +-- +2.5.1 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999000.M301296P17339Q104.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999000.M301296P17339Q104.exolobe1 new file mode 100644 index 0000000..a2ead32 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999000.M301296P17339Q104.exolobe1 @@ -0,0 +1,142 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id C58A02D9DB + for ; Sun, 11 Oct 2015 10:40:13 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 4C787256; + Sun, 11 Oct 2015 09:40:13 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZlCAv-0005VY-6u; Sun, 11 Oct 2015 09:40:13 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZlCAt-0005VE-6f + for ; Sun, 11 Oct 2015 09:40:11 +0100 +Received: from pieni.net ([95.142.166.37] ident=postfix) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1ZlCAr-0005tD-7J + for obnam-dev@obnam.org; Sun, 11 Oct 2015 09:40:11 +0100 +Received: from exolobe1.liw.fi (82-181-8-107.bb.dnainternet.fi [82.181.8.107]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPSA id 4C1642D9C1; + Sun, 11 Oct 2015 10:40:03 +0200 (CEST) +Received: from exolobe1.liw.fi (localhost [127.0.0.1]) + by exolobe1.liw.fi (Postfix) with ESMTPS id 95D314084D; + Sun, 11 Oct 2015 11:40:02 +0300 (EEST) +Date: Sun, 11 Oct 2015 11:40:01 +0300 +From: Lars Wirzenius +To: Lars Kruse +Message-ID: <20151011084001.GN2384@exolobe1.liw.fi> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-2-git-send-email-mathstuf@gmail.com> + <20150925131218.50af1dcd@erker.lan> +MIME-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Disposition: inline +Content-Transfer-Encoding: 8bit +In-Reply-To: <20150925131218.50af1dcd@erker.lan> +User-Agent: Mutt/1.5.23 (2014-03-12) +X-Spam-Score: -3.4 +X-Spam-Score-int: -33 +X-Spam-Bar: --- +X-Scanned-By: pepperfish.net, Sun, 11 Oct 2015 09:40:11 +0100 +X-Spam-Report: Content analysis details: (-3.4 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: 78c34a7242bc3b0cdb4980a2406d4978 +Cc: obnam-dev@obnam.org +Subject: Re: [PATCH v4 1/4] encryption: refactor _gpg_pipe to use _gpg +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +On Fri, Sep 25, 2015 at 01:12:18PM +0200, Lars Kruse wrote: +> Hi Ben, +> +> I appreciate the configurable gpg keyring directory without using +> GNUPGHOME as introduced by your patch! +> +> Even though I do not really feel entitled to comment on your patch, +> I feel the urge to ask a question. +> +> The following lines contain a catch-all except expression: +> +> + try: +> + out = _gpg(args + ['--passphrase-fd', str(keypipe[0])], stdin=data) +> + except: # pragma: no cover +> + ... +> +> As far as I understand the code of "_gpg", I would expect only OSError +> exceptions. Wouldn't it be sufficient to catch only this one? +> (catching things like NameError can be very confusing) + +Catching every type of exception with a bare "except:" is, in fact, +usually a mistake. It means that if there is a NameError or, in +extreme cases, a SyntaxError (in dynamically loaded code), it gets +caught. However, in a few special cases, it's still OK, and in this +case it's OK. The special case in this instance is this pattern: + + try: + do_something() + except: + do_cleanup_that_must_always_be_done() + raise + +The last line is important. It re-raises the original exception as if +there was ny try/except. The cleanup gets done anyway, and in Ben's +code it closes a file descriptior, and that needs to be done +regardless of what the error was. Otherwise, if upper layers of the +code catch the exception and continues running the program, the file +descriptor leaks and if this happens often enough, it results in the +process not being able to open new files. + +So I'm OK with this part of the code. (Haven't looked in detail the +rest, yet.) + +An example of a bare "except:" that I don't approve of: + + try: + do_some_input_output(foo) + except: + sys.stdout.write("Write error!!!!!!!\n" + sys.exit(1) + +In this case, the error message can be entirely wrong about the reason +of the error. If the variable foo doesn't exist, or has the wrong +type, or the function has the wrong number of arguments, or any other +such reason, the exception thrown is not because there was a write +error. The user will be confused. Worse, the programmer trying to +debug this will be confused. + +I now fully expect people to start pointing out places in my own code +where I've done that. That'd be good. + +-- +Schrödinger's backup hypothesis: the condition of any backup is +undefined until a restore is attempted. -- andrewsh + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999003.M588228P17339Q136.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999003.M588228P17339Q136.exolobe1 new file mode 100644 index 0000000..52a07dc --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999003.M588228P17339Q136.exolobe1 @@ -0,0 +1,247 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id E8E0C2B875 + for ; Fri, 18 Sep 2015 06:04:52 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id A652C5E6; + Fri, 18 Sep 2015 05:04:52 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zcmuq-0003Yf-Gz; Fri, 18 Sep 2015 05:04:52 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zcmuo-0003YY-QA + for ; Fri, 18 Sep 2015 05:04:50 +0100 +Received: from mail-ig0-f171.google.com ([209.85.213.171]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1Zcmum-0003Qe-L7 + for obnam-dev@obnam.org; Fri, 18 Sep 2015 05:04:50 +0100 +Received: by igxx6 with SMTP id x6so9583131igx.1 + for ; Thu, 17 Sep 2015 21:04:37 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=SZPlbnFoz2WA1Y7aYBNRmUBHpoPalHx4dGrkIkZ2Xic=; + b=pZuoVX9uqWU4Hgx6TYHWSH1/gN/lmxM09JxbK+ozItYp1w9WDUj0THw4mGHFuzvBrK + nBhM3sRBwLQNwP3/YLvmFFTgJW5hi2Jdx5WH48V7mQBfPBB/OPRpQnpZgQtfxwAapLYc + 21ED9ItgwobDsx7OWmzaJnGfKOaKTDwFGY/PqB4/JW8FcMCXcNa+OEax0xVR+ZW4jUJU + RjvDHiTRv+J83XPl/VQl4Ike9p0iCKfUAqCsccdSw2ENllIQC2GLI8a5ouJhXUpHEbTf + t19mobI9n1jck4MdbQdQtVhZtd9zW+0C2Gnz2SgSBczxBHWmcpdXfvwb7XEjwqidqPeB + fK4g== +X-Received: by 10.50.147.100 with SMTP id tj4mr12187146igb.65.1442549077079; + Thu, 17 Sep 2015 21:04:37 -0700 (PDT) +Received: from localhost (142.sub-70-209-132.myvzw.com. [70.209.132.142]) + by smtp.gmail.com with ESMTPSA id 10sm2869684ios.28.2015.09.17.21.04.34 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 17 Sep 2015 21:04:35 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 18 Sep 2015 00:04:31 -0400 +Message-Id: <1442549071-18185-1-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.2 +In-Reply-To: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 18 Sep 2015 05:04:50 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.171 listed in list.dnswl.org] + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: 3a65bd579f2b3171584e0b992ac633f6 +Cc: Ben Boeckel +Subject: [PATCH v3] encryption_plugin: add a gnupghome configuration option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Signed-off-by: Ben Boeckel +--- + obnam.1.in | 5 +++++ + obnamlib/plugins/encryption_plugin.py | 21 +++++++++++++++++---- + yarns/0060-encryption.yarn | 16 ++++++++++++++++ + yarns/9000-implements.yarn | 26 ++++++++++++++++++++++++++ + 4 files changed, 64 insertions(+), 4 deletions(-) + +diff --git a/obnam.1.in b/obnam.1.in +index bb9bd0e..65567ba 100644 +--- a/obnam.1.in ++++ b/obnam.1.in +@@ -426,6 +426,11 @@ and then tell + about it using the + .B \-\-encrypt\-with + option. ++You may optionally use a separate home directory using the ++.B \-\-gnupghome ++option. By default, the default directory for ++.BR gpg(1) ++will be used. + .SS "Configuration files" + .B obnam + will look for configuration files in a number of locations. +diff --git a/obnamlib/plugins/encryption_plugin.py b/obnamlib/plugins/encryption_plugin.py +index ec3bcca..9565b7e 100644 +--- a/obnamlib/plugins/encryption_plugin.py ++++ b/obnamlib/plugins/encryption_plugin.py +@@ -49,6 +49,12 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + 'size of symmetric key, in bits', + metavar='BITS', + group=encryption_group) ++ self.app.settings.string( ++ ['gnupghome'], ++ 'home directory for GPG', ++ metavar='HOMEDIR', ++ group=encryption_group, ++ default=None) + + self.tag = "encrypt1" + +@@ -87,7 +93,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + @property + def pubkey(self): + if self._pubkey is None: +- self._pubkey = obnamlib.get_public_key(self.keyid) ++ self._pubkey = obnamlib.get_public_key(self.keyid, ++ gpghome=self.gnupghome) + return self._pubkey + + @property +@@ -98,6 +105,10 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + return '/dev/random' + + @property ++ def gnupghome(self): ++ return self.app.settings['gnupghome'] ++ ++ @property + def symmetric_key_bits(self): + return int(self.app.settings['symmetric-key-bits'] or '256') + +@@ -139,7 +150,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + key = self._symkeys.get(repo, toplevel) + if key is None: + encoded = repo.get_fs().cat(os.path.join(toplevel, 'key')) +- key = obnamlib.decrypt_with_secret_keys(encoded) ++ key = obnamlib.decrypt_with_secret_keys(encoded, ++ gpghome=self.gnupghome) + self._symkeys.put(repo, toplevel, key) + return key + +@@ -222,7 +234,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + def _get_key_string(self, keyid): + verbose = self.app.settings['key-details'] + if verbose: +- user_ids = obnamlib.get_public_key_user_ids(keyid) ++ user_ids = obnamlib.get_public_key_user_ids(keyid, ++ gpghome=self.gnupghome) + if user_ids: + return "%s (%s)" % (keyid, ", ".join(user_ids)) + return str(keyid) +@@ -260,7 +273,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + self.app.settings.require('keyid') + repo = self.app.get_repository_object() + keyid = self.app.settings['keyid'] +- key = obnamlib.get_public_key(keyid) ++ key = obnamlib.get_public_key(keyid, gpghome=self.gnupghome) + clients = self._find_clientdirs(repo, args) + for toplevel in repo.get_shared_directories() + clients: + self.add_to_userkeys(repo, toplevel, key) +diff --git a/yarns/0060-encryption.yarn b/yarns/0060-encryption.yarn +index acbade8..6985f1f 100644 +--- a/yarns/0060-encryption.yarn ++++ b/yarns/0060-encryption.yarn +@@ -46,6 +46,22 @@ that encryption is done at the I/O abstraction level. + AND user U restores their latest generation in repository R into X + THEN L, restored to X, matches manifest M + ++Keys provided by a custom directory ++----------------------------------- ++ ++We'll make a simple backup and restore using encryption. If this ++works, we can probably assume that any other normal repository ++operations (those not part of encryption management) also work, given ++that encryption is done at the I/O abstraction level. ++ ++ SCENARIO encrypted backup and restore with a separate keyring ++ GIVEN user U separately uses encryption key "Test Key One" from test-data/keyring-1 ++ AND 128kB of new data in directory L ++ AND a manifest of L in M ++ WHEN user U backs up directory L to repository R ++ AND user U restores their latest generation in repository R into X ++ THEN L, restored to X, matches manifest M ++ + Adding and removing keys to clients + ----------------------------------- + +diff --git a/yarns/9000-implements.yarn b/yarns/9000-implements.yarn +index 204611c..4a03f3d 100644 +--- a/yarns/9000-implements.yarn ++++ b/yarns/9000-implements.yarn +@@ -231,6 +231,32 @@ use. We store that. + + add_to_config "$MATCH_1" encrypt-with "$MATCH_2" + ++Scenarios involving encryption may also use a private keyring directory. ++ ++ IMPLEMENTS GIVEN user (\S+) separately uses encryption key "(.*)" from (\S+) ++ if [ ! -e "$DATADIR/$MATCH_1.gnupg" ] ++ then ++ mkdir "$DATADIR/$MATCH_1.gnupg" ++ cp -a "$SRCDIR/$MATCH_3/." "$DATADIR/$MATCH_1.gnupg/." ++ add_to_config "$MATCH_1" gnupghome "$DATADIR/$MATCH_1.gnupg" ++ else ++ # Export public and secret keys from new keyring. ++ export GNUPGHOME="$SRCDIR/$MATCH_3" ++ gpg --export "$MATCH_2" > "$DATADIR/public.key" ++ gpg --export-secret-keys "$MATCH_2" > "$DATADIR/secret.key" ++ ++ # Import into the keyring uses for tests. ++ export GNUPGHOME="$DATADIR/$MATCH_1.gnupg" ++ gpg --import "$DATADIR/public.key" ++ gpg --import "$DATADIR/secret.key" ++ ++ # Use the configuration rather than the environment. ++ add_to_config "$MATCH_1" gnupghome "$GNUPGHOME" ++ unset GNUPGHOME ++ fi ++ ++ add_to_config "$MATCH_1" encrypt-with "$MATCH_2" ++ + Encryption scenarions, at least, also need users that pretend to be + someone else. + +-- +2.5.2 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M795209P17339Q148.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M795209P17339Q148.exolobe1 new file mode 100644 index 0000000..d0e766e --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M795209P17339Q148.exolobe1 @@ -0,0 +1,265 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id ABACC2B256 + for ; Fri, 25 Sep 2015 07:38:29 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 676A5BC4; + Fri, 25 Sep 2015 06:38:29 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLiH-0006xo-9h; Fri, 25 Sep 2015 06:38:29 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLiF-0006xf-KG + for ; Fri, 25 Sep 2015 06:38:27 +0100 +Received: from mail-ig0-f173.google.com ([209.85.213.173]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZfLiD-0005R2-Kr + for obnam-dev@obnam.org; Fri, 25 Sep 2015 06:38:27 +0100 +Received: by igbkq10 with SMTP id kq10so4586157igb.0 + for ; Thu, 24 Sep 2015 22:38:14 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=K+bKOZGoJTfuoDWhxGeQ4roXuZFjyh0PNGNPoa/ArrA=; + b=VHwKJm77Wl+3aqu9kaRV4kKJZ6/igkveIfLRpPAtDnZCeFEBxq15KUej2phUcGii/w + lOQZRluDBjhH60fKxiLh59/4zpiOnk12SWJIqEp+DNGw4jC4w+4srEwMALyvnjJAAxpk + DDpjaCP9QU72NgLtEtbWqeaAhDQEffMCRF4C2QR0UB3C5uqxIRSbCgC5dW7+w0qkW9yl + 0GJRjr5R3P8jdqyG7ng9qF4VXN3jhQIh9OUAZdAicudQVde2tSdvISHQ9/PZUCO04NXu + prde0bF/KqkJAAbC1dm1wbtD3VaZSQboNJzq2ML7C8QE+isUWXYVl+s4oFSf0u4Zlvpp + To4A== +X-Received: by 10.50.43.166 with SMTP id x6mr750850igl.89.1443159494208; + Thu, 24 Sep 2015 22:38:14 -0700 (PDT) +Received: from localhost (26.sub-70-209-128.myvzw.com. [70.209.128.26]) + by smtp.gmail.com with ESMTPSA id r40sm1045015ioe.20.2015.09.24.22.38.12 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 24 Sep 2015 22:38:13 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 25 Sep 2015 01:37:54 -0400 +Message-Id: <1443159474-27126-5-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.3 +In-Reply-To: <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 25 Sep 2015 06:38:27 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.173 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: 9b7708930aaa5da1198bf3074de4387e +Cc: Ben Boeckel +Subject: [PATCH v4 4/4] encryption_plugin: add a gnupghome configuration + option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Signed-off-by: Ben Boeckel +--- + obnam.1.in | 5 +++++ + obnamlib/plugins/encryption_plugin.py | 27 +++++++++++++++++++++------ + yarns/0060-encryption.yarn | 16 ++++++++++++++++ + yarns/9000-implements.yarn | 26 ++++++++++++++++++++++++++ + 4 files changed, 68 insertions(+), 6 deletions(-) + +diff --git a/obnam.1.in b/obnam.1.in +index 08ca79a..8a2de45 100644 +--- a/obnam.1.in ++++ b/obnam.1.in +@@ -426,6 +426,11 @@ and then tell + about it using the + .B \-\-encrypt\-with + option. ++You may optionally use a separate home directory using the ++.B \-\-gnupghome ++option. By default, the default directory for ++.BR gpg(1) ++will be used. + .SS "Configuration files" + .B obnam + will look for configuration files in a number of locations. +diff --git a/obnamlib/plugins/encryption_plugin.py b/obnamlib/plugins/encryption_plugin.py +index ec3bcca..8c8eecf 100644 +--- a/obnamlib/plugins/encryption_plugin.py ++++ b/obnamlib/plugins/encryption_plugin.py +@@ -49,6 +49,12 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + 'size of symmetric key, in bits', + metavar='BITS', + group=encryption_group) ++ self.app.settings.string( ++ ['gnupghome'], ++ 'home directory for GPG', ++ metavar='HOMEDIR', ++ group=encryption_group, ++ default=None) + + self.tag = "encrypt1" + +@@ -87,7 +93,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + @property + def pubkey(self): + if self._pubkey is None: +- self._pubkey = obnamlib.get_public_key(self.keyid) ++ self._pubkey = obnamlib.get_public_key(self.keyid, ++ gpghome=self.gnupghome) + return self._pubkey + + @property +@@ -98,6 +105,10 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + return '/dev/random' + + @property ++ def gnupghome(self): ++ return self.app.settings['gnupghome'] ++ ++ @property + def symmetric_key_bits(self): + return int(self.app.settings['symmetric-key-bits'] or '256') + +@@ -127,19 +138,22 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + + def filter_read(self, encrypted, repo, toplevel): + symmetric_key = self.get_symmetric_key(repo, toplevel) +- return obnamlib.decrypt_symmetric(encrypted, symmetric_key) ++ return obnamlib.decrypt_symmetric(encrypted, symmetric_key, ++ gpghome=self.gnupghome) + + def filter_write(self, cleartext, repo, toplevel): + if not self.keyid: + return cleartext + symmetric_key = self.get_symmetric_key(repo, toplevel) +- return obnamlib.encrypt_symmetric(cleartext, symmetric_key) ++ return obnamlib.encrypt_symmetric(cleartext, symmetric_key, ++ gpghome=self.gnupghome) + + def get_symmetric_key(self, repo, toplevel): + key = self._symkeys.get(repo, toplevel) + if key is None: + encoded = repo.get_fs().cat(os.path.join(toplevel, 'key')) +- key = obnamlib.decrypt_with_secret_keys(encoded) ++ key = obnamlib.decrypt_with_secret_keys(encoded, ++ gpghome=self.gnupghome) + self._symkeys.put(repo, toplevel, key) + return key + +@@ -222,7 +236,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + def _get_key_string(self, keyid): + verbose = self.app.settings['key-details'] + if verbose: +- user_ids = obnamlib.get_public_key_user_ids(keyid) ++ user_ids = obnamlib.get_public_key_user_ids(keyid, ++ gpghome=self.gnupghome) + if user_ids: + return "%s (%s)" % (keyid, ", ".join(user_ids)) + return str(keyid) +@@ -260,7 +275,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + self.app.settings.require('keyid') + repo = self.app.get_repository_object() + keyid = self.app.settings['keyid'] +- key = obnamlib.get_public_key(keyid) ++ key = obnamlib.get_public_key(keyid, gpghome=self.gnupghome) + clients = self._find_clientdirs(repo, args) + for toplevel in repo.get_shared_directories() + clients: + self.add_to_userkeys(repo, toplevel, key) +diff --git a/yarns/0060-encryption.yarn b/yarns/0060-encryption.yarn +index acbade8..6985f1f 100644 +--- a/yarns/0060-encryption.yarn ++++ b/yarns/0060-encryption.yarn +@@ -46,6 +46,22 @@ that encryption is done at the I/O abstraction level. + AND user U restores their latest generation in repository R into X + THEN L, restored to X, matches manifest M + ++Keys provided by a custom directory ++----------------------------------- ++ ++We'll make a simple backup and restore using encryption. If this ++works, we can probably assume that any other normal repository ++operations (those not part of encryption management) also work, given ++that encryption is done at the I/O abstraction level. ++ ++ SCENARIO encrypted backup and restore with a separate keyring ++ GIVEN user U separately uses encryption key "Test Key One" from test-data/keyring-1 ++ AND 128kB of new data in directory L ++ AND a manifest of L in M ++ WHEN user U backs up directory L to repository R ++ AND user U restores their latest generation in repository R into X ++ THEN L, restored to X, matches manifest M ++ + Adding and removing keys to clients + ----------------------------------- + +diff --git a/yarns/9000-implements.yarn b/yarns/9000-implements.yarn +index 204611c..4a03f3d 100644 +--- a/yarns/9000-implements.yarn ++++ b/yarns/9000-implements.yarn +@@ -231,6 +231,32 @@ use. We store that. + + add_to_config "$MATCH_1" encrypt-with "$MATCH_2" + ++Scenarios involving encryption may also use a private keyring directory. ++ ++ IMPLEMENTS GIVEN user (\S+) separately uses encryption key "(.*)" from (\S+) ++ if [ ! -e "$DATADIR/$MATCH_1.gnupg" ] ++ then ++ mkdir "$DATADIR/$MATCH_1.gnupg" ++ cp -a "$SRCDIR/$MATCH_3/." "$DATADIR/$MATCH_1.gnupg/." ++ add_to_config "$MATCH_1" gnupghome "$DATADIR/$MATCH_1.gnupg" ++ else ++ # Export public and secret keys from new keyring. ++ export GNUPGHOME="$SRCDIR/$MATCH_3" ++ gpg --export "$MATCH_2" > "$DATADIR/public.key" ++ gpg --export-secret-keys "$MATCH_2" > "$DATADIR/secret.key" ++ ++ # Import into the keyring uses for tests. ++ export GNUPGHOME="$DATADIR/$MATCH_1.gnupg" ++ gpg --import "$DATADIR/public.key" ++ gpg --import "$DATADIR/secret.key" ++ ++ # Use the configuration rather than the environment. ++ add_to_config "$MATCH_1" gnupghome "$GNUPGHOME" ++ unset GNUPGHOME ++ fi ++ ++ add_to_config "$MATCH_1" encrypt-with "$MATCH_2" ++ + Encryption scenarions, at least, also need users that pretend to be + someone else. + +-- +2.5.3 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M855444P17339Q149.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M855444P17339Q149.exolobe1 new file mode 100644 index 0000000..5bf2e31 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999004.M855444P17339Q149.exolobe1 @@ -0,0 +1,110 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 359352E0EF + for ; Fri, 11 Sep 2015 07:22:49 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id E9313CC4; + Fri, 11 Sep 2015 06:22:48 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnQ-0007Vt-R5; Fri, 11 Sep 2015 06:22:48 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnP-0007Vm-KN + for ; Fri, 11 Sep 2015 06:22:47 +0100 +Received: from mail-ig0-f177.google.com ([209.85.213.177]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZaGnN-0004In-UQ + for obnam-dev@obnam.org; Fri, 11 Sep 2015 06:22:47 +0100 +Received: by igbni9 with SMTP id ni9so31749585igb.0 + for ; Thu, 10 Sep 2015 22:22:34 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=cAq7U358eL4gkwtdpXXXe4FL/Aku5cT37p8BhOF+8p8=; + b=THxlBsPMIpB4FNMXkBLBjqAW95HJtV8vWN+35Rhbok7PM/9bLknUlNqa95hBW0+Kwu + qNm6Do3shxt+J8S15WeYBKsBY3Ni/eWKAOptuhtL3+ByT2T2Sf6kyG1DnnjgaFLJGpxg + kaVRZVmX2cn4R5AwxIpyoExbFnM6fKfnRos678ErxOj0xpiStXzim+cC9mNtZFuzPgLU + SyEzwTjlL0trTh+3kbrr/N5lNIv/SHcvI8wV2rCcU03DPn3QT4+/apkUckXnlhWXd8GO + /itYXgknCV5PN2Kz30JUuAfeCiHFUlj1dL9bpTAc+CCVvAFoCoA0Zj154dDF+C0cOmyE + /3Xg== +X-Received: by 10.50.30.197 with SMTP id u5mr12925144igh.9.1441948953985; + Thu, 10 Sep 2015 22:22:33 -0700 (PDT) +Received: from localhost (45.sub-70-209-135.myvzw.com. [70.209.135.45]) + by smtp.gmail.com with ESMTPSA id qh9sm5894470igb.20.2015.09.10.22.22.32 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 10 Sep 2015 22:22:33 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 11 Sep 2015 01:22:15 -0400 +Message-Id: <1441948936-12526-3-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.1 +In-Reply-To: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 11 Sep 2015 06:22:47 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.177 listed in list.dnswl.org] +X-ACL-Warn: message may be spam +X-Scan-Signature: b517e40c42efa162324c1c57390347c8 +Cc: Ben Boeckel +Subject: [PATCH 2/3] manpage: remove rogue trailing whitespace +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Signed-off-by: Ben Boeckel +--- + obnam.1.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/obnam.1.in b/obnam.1.in +index 71772d5..e2d0dde 100644 +--- a/obnam.1.in ++++ b/obnam.1.in +@@ -628,7 +628,7 @@ fusermount -u my-fuse + .SH "SEE ALSO" + .B obnam + comes with a manual in HTML and PDF forms. +-See ++See + .I /usr/share/doc/obnam + if you have Obnam installed system-wide, + or in the subdirectory +-- +2.5.1 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999005.M814956P17339Q159.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999005.M814956P17339Q159.exolobe1 new file mode 100644 index 0000000..01350e7 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999005.M814956P17339Q159.exolobe1 @@ -0,0 +1,105 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 8B56D2EA3F + for ; Tue, 15 Sep 2015 03:01:24 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id B2D6E10B; + Tue, 15 Sep 2015 02:01:23 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zbecd-00044K-JC; Tue, 15 Sep 2015 02:01:23 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zbecb-00044E-At + for ; Tue, 15 Sep 2015 02:01:21 +0100 +Received: from mail-ig0-f170.google.com ([209.85.213.170]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZbecZ-0005BE-4q + for obnam-dev@obnam.org; Tue, 15 Sep 2015 02:01:21 +0100 +Received: by igcrk20 with SMTP id rk20so4558222igc.1 + for ; Mon, 14 Sep 2015 18:01:07 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=470fW0OB69D+0ZQiOceVsZH2zVFiQ9ATu4yOwUj+uJM=; + b=o1WzdRQwuJUboaONAEgmqPNBm1fJAhxgc3H2dWp2k/IWrZMHAE7Ayk/5LG5wJ0jLCn + A6eRN1yIXdaGCU3966MLtx7hIH1I2SDcjoxDeMuvXfimVcz5TCLaPzGwq3yKAmoyMDSF + t+mGd+70ZpOUAFqytaeILMDxGOusmdgVZnB2vzX4wk014mdGvn+oLiJN+aK9nN9NhdLb + a2EkcSJV3JQ0CD1caoyZFUjRhaW3Z2PtHyN3pu33832Xq4K1K5abvWjfRLsEIHAk4bnu + jJEMx+C3Wm06m6RxP2NPaxyR7RSsqr+N4u1b4pgrrVCuDOQ/LViI2i1gmdBRNPHomANd + QUaA== +X-Received: by 10.50.70.67 with SMTP id k3mr1165307igu.76.1442278866750; + Mon, 14 Sep 2015 18:01:06 -0700 (PDT) +Received: from localhost (179.sub-70-209-135.myvzw.com. [70.209.135.179]) + by smtp.gmail.com with ESMTPSA id a193sm5180229ioe.37.2015.09.14.18.01.04 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Mon, 14 Sep 2015 18:01:05 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Mon, 14 Sep 2015 21:00:56 -0400 +Message-Id: <1442278857-352-1-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.2 +In-Reply-To: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Tue, 15 Sep 2015 02:01:21 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.170 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: 7dc7a8a4720feec014ee0c5052b99ae1 +Cc: Ben Boeckel +Subject: [PATCH v2] Support obnam-specific GPGHOMEDIR +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Now with a yarn test :) . + +--Ben + +Ben Boeckel (1): + encryption_plugin: add a gnupghome configuration option + + obnam.1.in | 5 +++++ + obnamlib/plugins/encryption_plugin.py | 22 ++++++++++++++++++---- + yarns/0060-encryption.yarn | 16 ++++++++++++++++ + yarns/9000-implements.yarn | 26 ++++++++++++++++++++++++++ + 4 files changed, 65 insertions(+), 4 deletions(-) + +-- +2.5.2 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999007.M820687P17339Q179.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999007.M820687P17339Q179.exolobe1 new file mode 100644 index 0000000..d73caa4 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999007.M820687P17339Q179.exolobe1 @@ -0,0 +1,177 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id 8ECF12E37C + for ; Sat, 12 Sep 2015 21:03:01 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 01E5EA27; + Sat, 12 Sep 2015 20:03:01 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zaq4i-0000sk-T7; Sat, 12 Sep 2015 20:03:00 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zaq4h-0000sV-B3 + for ; Sat, 12 Sep 2015 20:02:59 +0100 +Received: from pieni.net ([95.142.166.37] ident=postfix) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1Zaq4e-0003PY-Ig + for obnam-dev@obnam.org; Sat, 12 Sep 2015 20:02:59 +0100 +Received: from exolobe1.liw.fi (82-181-8-107.bb.dnainternet.fi [82.181.8.107]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPSA id CCBE92E1C4; + Sat, 12 Sep 2015 21:02:48 +0200 (CEST) +Received: from exolobe1.liw.fi (localhost [127.0.0.1]) + by exolobe1.liw.fi (Postfix) with ESMTPS id 2A1EB402C2; + Sat, 12 Sep 2015 22:02:48 +0300 (EEST) +Date: Sat, 12 Sep 2015 22:02:47 +0300 +From: Lars Wirzenius +To: Ben Boeckel +Message-ID: <20150912190247.GA11279@exolobe1.liw.fi> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1441948936-12526-2-git-send-email-mathstuf@gmail.com> +MIME-Version: 1.0 +Content-Type: text/plain; charset=iso-8859-1 +Content-Disposition: inline +Content-Transfer-Encoding: 8bit +In-Reply-To: <1441948936-12526-2-git-send-email-mathstuf@gmail.com> +User-Agent: Mutt/1.5.23 (2014-03-12) +X-Spam-Score: -3.4 +X-Spam-Score-int: -33 +X-Spam-Bar: --- +X-Scanned-By: pepperfish.net, Sat, 12 Sep 2015 20:02:59 +0100 +X-Spam-Report: Content analysis details: (-3.4 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: 805eda458b26030fb35277d5bf2b304c +Cc: obnam-dev@obnam.org +Subject: Re: [PATCH 1/3] encryption_plugin: add a gpg-homedir configuration + option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +I've applied the other two patches, thank you. I am not sure about +this patch, to add --gpg-homedir. Is it not enough to just set +GNUPGHOME in the environment? I guess it might be easier to set it in +a config file and not have to set the environment variable on each +obnam invocation. + +If the setting is added, I'd rather it was called --gnupghome, to +mirror the environment variable. It'd also be nice to have a test that +it works correctly. Could you update the patch to rename the setting? + +On Fri, Sep 11, 2015 at 01:22:14AM -0400, Ben Boeckel wrote: +> Signed-off-by: Ben Boeckel +> --- +> obnam.1.in | 5 +++++ +> obnamlib/plugins/encryption_plugin.py | 15 ++++++++++++--- +> 2 files changed, 17 insertions(+), 3 deletions(-) +> +> diff --git a/obnam.1.in b/obnam.1.in +> index bb9bd0e..71772d5 100644 +> --- a/obnam.1.in +> +++ b/obnam.1.in +> @@ -426,6 +426,11 @@ and then tell +> about it using the +> .B \-\-encrypt\-with +> option. +> +You may optionally use a separate home directory using the +> +.B \-\-gpg-homedir +> +option. By default, the default directory for +> +.BR gpg(1) +> +will be used. +> .SS "Configuration files" +> .B obnam +> will look for configuration files in a number of locations. +> diff --git a/obnamlib/plugins/encryption_plugin.py b/obnamlib/plugins/encryption_plugin.py +> index ec3bcca..6e7c2b1 100644 +> --- a/obnamlib/plugins/encryption_plugin.py +> +++ b/obnamlib/plugins/encryption_plugin.py +> @@ -49,6 +49,11 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): +> 'size of symmetric key, in bits', +> metavar='BITS', +> group=encryption_group) +> + self.app.settings.string( +> + ['gpg-homedir'], +> + 'home directory for GPG', +> + metavar='HOMEDIR', +> + group=encryption_group) +> +> self.tag = "encrypt1" +> +> @@ -87,7 +92,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): +> @property +> def pubkey(self): +> if self._pubkey is None: +> - self._pubkey = obnamlib.get_public_key(self.keyid) +> + self._pubkey = obnamlib.get_public_key(self.keyid, gpghome=self.gpg_homedir) +> return self._pubkey +> +> @property +> @@ -98,6 +103,10 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): +> return '/dev/random' +> +> @property +> + def gpg_homedir(self): +> + return self.app.settings.get('gpg-homedir') +> + +> + @property +> def symmetric_key_bits(self): +> return int(self.app.settings['symmetric-key-bits'] or '256') +> +> @@ -139,7 +148,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): +> key = self._symkeys.get(repo, toplevel) +> if key is None: +> encoded = repo.get_fs().cat(os.path.join(toplevel, 'key')) +> - key = obnamlib.decrypt_with_secret_keys(encoded) +> + key = obnamlib.decrypt_with_secret_keys(encoded, gpghome=self.gpg_homedir) +> self._symkeys.put(repo, toplevel, key) +> return key +> +> @@ -222,7 +231,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): +> def _get_key_string(self, keyid): +> verbose = self.app.settings['key-details'] +> if verbose: +> - user_ids = obnamlib.get_public_key_user_ids(keyid) +> + user_ids = obnamlib.get_public_key_user_ids(keyid, gpghome=self.gpg_homedir) +> if user_ids: +> return "%s (%s)" % (keyid, ", ".join(user_ids)) +> return str(keyid) +> -- +> 2.5.1 +> +> +> _______________________________________________ +> obnam-dev mailing list +> obnam-dev@obnam.org +> http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org +> + +-- +Schrödinger's backup hypothesis: the condition of any backup is +undefined until a restore is attempted. -- andrewsh + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M423676P17339Q233.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M423676P17339Q233.exolobe1 new file mode 100644 index 0000000..eb2c772 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M423676P17339Q233.exolobe1 @@ -0,0 +1,249 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id A6F462389D + for ; Tue, 15 Sep 2015 03:01:28 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 521562BE; + Tue, 15 Sep 2015 02:01:28 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zbeci-00044i-6m; Tue, 15 Sep 2015 02:01:28 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1Zbecg-00044c-LC + for ; Tue, 15 Sep 2015 02:01:26 +0100 +Received: from mail-io0-f181.google.com ([209.85.223.181]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1Zbece-0005BF-Ki + for obnam-dev@obnam.org; Tue, 15 Sep 2015 02:01:26 +0100 +Received: by ioiz6 with SMTP id z6so185150411ioi.2 + for ; Mon, 14 Sep 2015 18:01:13 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=n5E0A1ogB7br/Mfoam/NDBDq8XJLXefyvgjY96z2AXY=; + b=Nm4fCggDaoC5VBgZ2neQ+sWpX+lqwIrf1ovyNlsT3tgpVddETGAE29iU3uXskScTup + cswrungZfve29ITa3uDh6RRiTE7bf/kbOBxIYCm6xC51+1SJd/n6jvzeeI+uNdgK87x6 + 5DOLEmtopfOwk4P7HXTWTCZjkPpB3RvG2qv7umiuzbbsMaTSSRCQV7FdoIeNMrU0D70q + UDb9VdgTD/LgY/aOlfGd2azbBYAP34xxRza7GFehwyqoqUBzC7MDnnECduhnN/9nrikZ + ggk8Vvv/d8FqwcUHDhy/BwW2cODaxz0cPITffJw99RUiQf92j9NhPM7nCMl12n7hMtsc + Q0ww== +X-Received: by 10.107.164.38 with SMTP id n38mr27283916ioe.45.1442278872846; + Mon, 14 Sep 2015 18:01:12 -0700 (PDT) +Received: from localhost (179.sub-70-209-135.myvzw.com. [70.209.135.179]) + by smtp.gmail.com with ESMTPSA id b16sm784313iob.39.2015.09.14.18.01.11 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Mon, 14 Sep 2015 18:01:11 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Mon, 14 Sep 2015 21:00:57 -0400 +Message-Id: <1442278857-352-2-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.2 +In-Reply-To: <1442278857-352-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1442278857-352-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Tue, 15 Sep 2015 02:01:26 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.223.181 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: de97edb17eef4c57d29e13fd2fad1a5b +Cc: Ben Boeckel +Subject: [PATCH v2] encryption_plugin: add a gnupghome configuration option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +Signed-off-by: Ben Boeckel +--- + obnam.1.in | 5 +++++ + obnamlib/plugins/encryption_plugin.py | 22 ++++++++++++++++++---- + yarns/0060-encryption.yarn | 16 ++++++++++++++++ + yarns/9000-implements.yarn | 26 ++++++++++++++++++++++++++ + 4 files changed, 65 insertions(+), 4 deletions(-) + +diff --git a/obnam.1.in b/obnam.1.in +index bb9bd0e..65567ba 100644 +--- a/obnam.1.in ++++ b/obnam.1.in +@@ -426,6 +426,11 @@ and then tell + about it using the + .B \-\-encrypt\-with + option. ++You may optionally use a separate home directory using the ++.B \-\-gnupghome ++option. By default, the default directory for ++.BR gpg(1) ++will be used. + .SS "Configuration files" + .B obnam + will look for configuration files in a number of locations. +diff --git a/obnamlib/plugins/encryption_plugin.py b/obnamlib/plugins/encryption_plugin.py +index ec3bcca..3c3ad94 100644 +--- a/obnamlib/plugins/encryption_plugin.py ++++ b/obnamlib/plugins/encryption_plugin.py +@@ -49,6 +49,12 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + 'size of symmetric key, in bits', + metavar='BITS', + group=encryption_group) ++ self.app.settings.string( ++ ['gnupghome'], ++ 'home directory for GPG', ++ metavar='HOMEDIR', ++ group=encryption_group, ++ default=None) + + self.tag = "encrypt1" + +@@ -87,7 +93,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + @property + def pubkey(self): + if self._pubkey is None: +- self._pubkey = obnamlib.get_public_key(self.keyid) ++ self._pubkey = obnamlib.get_public_key(self.keyid, ++ gpghome=self.gnupghome) + return self._pubkey + + @property +@@ -98,6 +105,11 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + return '/dev/random' + + @property ++ def gnupghome(self): ++ print 'gnupghome', self.app.settings['gnupghome'] ++ return self.app.settings['gnupghome'] ++ ++ @property + def symmetric_key_bits(self): + return int(self.app.settings['symmetric-key-bits'] or '256') + +@@ -139,7 +151,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + key = self._symkeys.get(repo, toplevel) + if key is None: + encoded = repo.get_fs().cat(os.path.join(toplevel, 'key')) +- key = obnamlib.decrypt_with_secret_keys(encoded) ++ key = obnamlib.decrypt_with_secret_keys(encoded, ++ gpghome=self.gnupghome) + self._symkeys.put(repo, toplevel, key) + return key + +@@ -222,7 +235,8 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + def _get_key_string(self, keyid): + verbose = self.app.settings['key-details'] + if verbose: +- user_ids = obnamlib.get_public_key_user_ids(keyid) ++ user_ids = obnamlib.get_public_key_user_ids(keyid, ++ gpghome=self.gnupghome) + if user_ids: + return "%s (%s)" % (keyid, ", ".join(user_ids)) + return str(keyid) +@@ -260,7 +274,7 @@ class EncryptionPlugin(obnamlib.ObnamPlugin): + self.app.settings.require('keyid') + repo = self.app.get_repository_object() + keyid = self.app.settings['keyid'] +- key = obnamlib.get_public_key(keyid) ++ key = obnamlib.get_public_key(keyid, gpghome=self.gnupghome) + clients = self._find_clientdirs(repo, args) + for toplevel in repo.get_shared_directories() + clients: + self.add_to_userkeys(repo, toplevel, key) +diff --git a/yarns/0060-encryption.yarn b/yarns/0060-encryption.yarn +index acbade8..6985f1f 100644 +--- a/yarns/0060-encryption.yarn ++++ b/yarns/0060-encryption.yarn +@@ -46,6 +46,22 @@ that encryption is done at the I/O abstraction level. + AND user U restores their latest generation in repository R into X + THEN L, restored to X, matches manifest M + ++Keys provided by a custom directory ++----------------------------------- ++ ++We'll make a simple backup and restore using encryption. If this ++works, we can probably assume that any other normal repository ++operations (those not part of encryption management) also work, given ++that encryption is done at the I/O abstraction level. ++ ++ SCENARIO encrypted backup and restore with a separate keyring ++ GIVEN user U separately uses encryption key "Test Key One" from test-data/keyring-1 ++ AND 128kB of new data in directory L ++ AND a manifest of L in M ++ WHEN user U backs up directory L to repository R ++ AND user U restores their latest generation in repository R into X ++ THEN L, restored to X, matches manifest M ++ + Adding and removing keys to clients + ----------------------------------- + +diff --git a/yarns/9000-implements.yarn b/yarns/9000-implements.yarn +index 204611c..4a03f3d 100644 +--- a/yarns/9000-implements.yarn ++++ b/yarns/9000-implements.yarn +@@ -231,6 +231,32 @@ use. We store that. + + add_to_config "$MATCH_1" encrypt-with "$MATCH_2" + ++Scenarios involving encryption may also use a private keyring directory. ++ ++ IMPLEMENTS GIVEN user (\S+) separately uses encryption key "(.*)" from (\S+) ++ if [ ! -e "$DATADIR/$MATCH_1.gnupg" ] ++ then ++ mkdir "$DATADIR/$MATCH_1.gnupg" ++ cp -a "$SRCDIR/$MATCH_3/." "$DATADIR/$MATCH_1.gnupg/." ++ add_to_config "$MATCH_1" gnupghome "$DATADIR/$MATCH_1.gnupg" ++ else ++ # Export public and secret keys from new keyring. ++ export GNUPGHOME="$SRCDIR/$MATCH_3" ++ gpg --export "$MATCH_2" > "$DATADIR/public.key" ++ gpg --export-secret-keys "$MATCH_2" > "$DATADIR/secret.key" ++ ++ # Import into the keyring uses for tests. ++ export GNUPGHOME="$DATADIR/$MATCH_1.gnupg" ++ gpg --import "$DATADIR/public.key" ++ gpg --import "$DATADIR/secret.key" ++ ++ # Use the configuration rather than the environment. ++ add_to_config "$MATCH_1" gnupghome "$GNUPGHOME" ++ unset GNUPGHOME ++ fi ++ ++ add_to_config "$MATCH_1" encrypt-with "$MATCH_2" ++ + Encryption scenarions, at least, also need users that pretend to be + someone else. + +-- +2.5.2 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M51373P17339Q223.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M51373P17339Q223.exolobe1 new file mode 100644 index 0000000..36fa366 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999011.M51373P17339Q223.exolobe1 @@ -0,0 +1,124 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id EE04F20BA7 + for ; Fri, 25 Sep 2015 07:38:15 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 607F9B9A; + Fri, 25 Sep 2015 06:38:15 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLi3-0006vo-8K; Fri, 25 Sep 2015 06:38:15 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZfLi0-0006vf-UG + for ; Fri, 25 Sep 2015 06:38:13 +0100 +Received: from mail-io0-f181.google.com ([209.85.223.181]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZfLhy-0005Qu-Vu + for obnam-dev@obnam.org; Fri, 25 Sep 2015 06:38:12 +0100 +Received: by ioiz6 with SMTP id z6so100001880ioi.2 + for ; Thu, 24 Sep 2015 22:37:59 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=bSFzbmgZf7xZmMfHt2qm1OFY/5vwwLFYXkdswzkK+3s=; + b=gQRMtVpDQWCt2ZhxNbCaLKBNvJAuq9HZZHKMqmGr7xYwHZnqjASBFaAneD+wZbl2eQ + 5LjaxKoB3zePznNxNlOfa03QVcVH/xgaEhWm6Mim/wgIAZfX5NhEabc5+bwotXtyLq// + hzeSRpeLxqD6CNLFnaagjHdb6t0HVEdKpN6sAR3tkqI8IfmAP/1yhe6zIGVcNUH0UqOO + cAmVki0EfzeONxW2sgeMKn23SXmZBb1zPRH2LAKe93VzQSU1mQMFHxrOvoHwiO2ty875 + Wvrl75xgnWH1sBE6xPIhS48Mpkbayi91SnuZOI340RYxqcnQura0MEYgXb6eS4Xq2763 + 9+jA== +X-Received: by 10.107.37.132 with SMTP id l126mr4298384iol.92.1443159478801; + Thu, 24 Sep 2015 22:37:58 -0700 (PDT) +Received: from localhost (26.sub-70-209-128.myvzw.com. [70.209.128.26]) + by smtp.gmail.com with ESMTPSA id y6sm751799igl.17.2015.09.24.22.37.56 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 24 Sep 2015 22:37:57 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 25 Sep 2015 01:37:50 -0400 +Message-Id: <1443159474-27126-1-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.3 +In-Reply-To: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 25 Sep 2015 06:38:12 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.223.181 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: 8887c701ef4198506b295ef73f0e38b1 +Cc: Ben Boeckel +Subject: [PATCH v4 0/4] GPGHOMEDIR improvements +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +These seem related enough to warrant bundling it all together. I've place the +refactoring and fix commits at the base to make cherry-picking a subset easier. + +First, I refactored _gpg_pipe to use _gpg since all it does is set up +--passphrase-fd and the base flags are the same. + +Second, I added support for gpghome to the symmetric functions and fixed the +tests because if my USB key is not plugged in, the symlinks in the default gpg +keyring are broken and gpg needs to read *something*, but this fails. + +The third patch fixes the test suite for symmetric keys to use a +guaranteed-to-not-be-broken keyring by creating a temporary directory for it. + +The last commit implements the gnupghome configuration with tests, now also +passing it to the symmetric key functions. + +Thanks, + +Ben Boeckel (4): + encryption: refactor _gpg_pipe to use _gpg + encryption: support custom gpghome in symmetric key functions + encryption_tests: make robust against bad default keyrings + encryption_plugin: add a gnupghome configuration option + + obnam.1.in | 5 +++++ + obnamlib/encryption.py | 28 +++++++++++----------------- + obnamlib/encryption_tests.py | 15 ++++++++++++--- + obnamlib/plugins/encryption_plugin.py | 27 +++++++++++++++++++++------ + yarns/0060-encryption.yarn | 16 ++++++++++++++++ + yarns/9000-implements.yarn | 26 ++++++++++++++++++++++++++ + 6 files changed, 91 insertions(+), 26 deletions(-) + +-- +2.5.3 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M340924P17339Q253.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M340924P17339Q253.exolobe1 new file mode 100644 index 0000000..1f3fd83 --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M340924P17339Q253.exolobe1 @@ -0,0 +1,104 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id CD27031E16 + for ; Fri, 18 Sep 2015 06:04:29 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 456E55E6; + Fri, 18 Sep 2015 05:04:29 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZcmuT-0003Y0-2U; Fri, 18 Sep 2015 05:04:29 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZcmuR-0003Xu-Rr + for ; Fri, 18 Sep 2015 05:04:27 +0100 +Received: from mail-ig0-f178.google.com ([209.85.213.178]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZcmuO-0003QV-Ip + for obnam-dev@obnam.org; Fri, 18 Sep 2015 05:04:27 +0100 +Received: by igxx6 with SMTP id x6so9578232igx.1 + for ; Thu, 17 Sep 2015 21:04:10 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=date:from:to:subject:message-id:reply-to:references:mime-version + :content-type:content-disposition:in-reply-to:user-agent; + bh=Alsu0cc56k2nH96FWPjbractLgnlZLXjlGcDScVwf9g=; + b=SjkN/YckYtY4vzv6xrtKB9O7A5eY3uUPKJ1ggn2M1DFD38OP919JQwSFQOzPKl2kpF + 64OvezpQ1V/K7tIWuU1vAEYLMBN1FrXLP9gnMZccvbcHhphiTuyQ5qiFKitr4EIL2Arh + rnkZC/Ue59HWTxsAKUoD76hSpV72zCST4NLuXL/c3W225DNZgFvy+vvxFew0LaFi9Dd+ + XHBM3rx7RFADJICJx6np3xsKJa6qXw1pGrj4GR591O5sTiHN4XYFBTEsD7dSUBeOmw8u + UYWbyEHIsEdrS27mBKaPCXsyv1RSYuKi+lrgBjLF3adQGigY7KfWuzaO4efL31Y7kh0y + qcJA== +X-Received: by 10.50.109.198 with SMTP id hu6mr31368185igb.3.1442549050203; + Thu, 17 Sep 2015 21:04:10 -0700 (PDT) +Received: from localhost (142.sub-70-209-132.myvzw.com. [70.209.132.142]) + by smtp.gmail.com with ESMTPSA id kb10sm5728524igb.4.2015.09.17.21.04.09 + for + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 17 Sep 2015 21:04:09 -0700 (PDT) +Date: Fri, 18 Sep 2015 00:04:06 -0400 +From: Ben Boeckel +To: obnam-dev@obnam.org +Message-ID: <20150918040406.GA15714@bronto-burt.dev.benboeckel.net> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> + <1442278857-352-1-git-send-email-mathstuf@gmail.com> + <1442278857-352-2-git-send-email-mathstuf@gmail.com> +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf-8 +Content-Disposition: inline +In-Reply-To: <1442278857-352-2-git-send-email-mathstuf@gmail.com> +User-Agent: Mutt/1.5.24 (2015-08-30) +X-Spam-Score: -2.0 +X-Spam-Score-int: -19 +X-Spam-Bar: -- +X-Scanned-By: pepperfish.net, Fri, 18 Sep 2015 05:04:27 +0100 +X-Spam-Report: Content analysis details: (-2.0 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.213.178 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-ACL-Warn: message may be spam +X-Scan-Signature: 9663cd0ffdd1df9e7a15fa0ae4b748a8 +Subject: Re: [PATCH v2] encryption_plugin: add a gnupghome configuration + option +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +Reply-To: mathstuf@gmail.com +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +On Mon, Sep 14, 2015 at 21:00:57 -0400, Ben Boeckel wrote: +> + def gnupghome(self): +> + print 'gnupghome', self.app.settings['gnupghome'] + +Oops, stray debugging line. New patch incoming. + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M483858P17339Q255.exolobe1 b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M483858P17339Q255.exolobe1 new file mode 100644 index 0000000..0afc4fb --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/new/1455999013.M483858P17339Q255.exolobe1 @@ -0,0 +1,129 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id B79DA2E0EF + for ; Fri, 11 Sep 2015 07:22:52 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 6B551CBA; + Fri, 11 Sep 2015 06:22:52 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnU-0007WD-9N; Fri, 11 Sep 2015 06:22:52 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1ZaGnS-0007W7-QH + for ; Fri, 11 Sep 2015 06:22:50 +0100 +Received: from mail-io0-f171.google.com ([209.85.223.171]) + by mx0.pepperfish.net with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) + (Exim 4.80) (envelope-from ) id 1ZaGnR-0004Io-3E + for obnam-dev@obnam.org; Fri, 11 Sep 2015 06:22:50 +0100 +Received: by iofh134 with SMTP id h134so86475068iof.0 + for ; Thu, 10 Sep 2015 22:22:37 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=from:to:cc:subject:date:message-id:in-reply-to:references; + bh=8fQFQOlsQyGHqf2Nd6HTPZkNqMA4ZvwcQJ/jE2N2Ix8=; + b=v/BitBPnjBSCXTQ687DLa7IrtwED2VOMov5n1bn2H1Y0cZe8B6z1lU0xRQxxHaAcRj + S+/RGA5HaGIQn6AnAZxRjl2J31sa8YnW+WXVhmAtF/b8UJONGWVteeMAHP6rwqrvhyes + zGA5h8xnv7KYd5nKrNBxwcxtSiiE7W+e7UF1ktV3F471121eK+/nW1EGUGsLcVQNfc+6 + aODhLw3jv+hTiVfaf4dZA4KaSyxbCr4g1lTqmDrUKNVzlDp+WX5OAb8qdPjLpqNaBHJI + OLjjcYGRPcoT1mmwU74Q+R36MaZA8Pq2bTmzw7cXuNhHmxNRP6MuJNklj4aCMTeR+4Qp + QuNw== +X-Received: by 10.107.15.27 with SMTP id x27mr502192ioi.51.1441948957473; + Thu, 10 Sep 2015 22:22:37 -0700 (PDT) +Received: from localhost (45.sub-70-209-135.myvzw.com. [70.209.135.45]) + by smtp.gmail.com with ESMTPSA id 10sm153400ios.28.2015.09.10.22.22.35 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Thu, 10 Sep 2015 22:22:36 -0700 (PDT) +From: Ben Boeckel +To: obnam-dev@obnam.org +Date: Fri, 11 Sep 2015 01:22:16 -0400 +Message-Id: <1441948936-12526-4-git-send-email-mathstuf@gmail.com> +X-Mailer: git-send-email 2.5.1 +In-Reply-To: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +References: <1441948936-12526-1-git-send-email-mathstuf@gmail.com> +X-Spam-Score: -0.5 +X-Spam-Score-int: -4 +X-Spam-Bar: / +X-Scanned-By: pepperfish.net, Fri, 11 Sep 2015 06:22:50 +0100 +X-Spam-Report: Content analysis details: (-0.5 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + 1.0 PPF_FROM_CONTAINS_MAIL The From header contains 'mail' + 1.2 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (mathstuf[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's + domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature + -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low + trust [209.85.223.171 listed in list.dnswl.org] +X-ACL-Warn: message may be spam +X-Scan-Signature: 625f24d4d5a9233cab8b0380f6b09df7 +Cc: Ben Boeckel +Subject: [PATCH 3/3] build: support build/ being a symlink +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + +I use a symlink to keep build artifacts off of my main drive, so +preserve the link if it exists. + +Signed-off-by: Ben Boeckel +--- + check | 2 +- + setup.py | 6 +++++- + 2 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/check b/check +index 708ac0f..965d507 100755 +--- a/check ++++ b/check +@@ -20,5 +20,5 @@ set -e + + python setup.py --quiet clean + python setup.py --quiet build_ext -i +-rm -rf build ++rm -rf build/*/ + python setup.py --quiet check "$@" +diff --git a/setup.py b/setup.py +index 3832c61..0859db1 100755 +--- a/setup.py ++++ b/setup.py +@@ -115,7 +115,11 @@ class CleanMore(clean): + self.remove_pyc('obnamlib') + self.remove_pyc('test-plugins') + if os.path.isdir('build'): +- shutil.rmtree('build') ++ if os.path.islink('build'): ++ for path in os.listdir('build'): ++ shutil.rmtree('build/' + path) ++ else: ++ shutil.rmtree('build') + + def remove_pyc(self, rootdir): + for dirname, subdirs, basenames in os.walk(rootdir): +-- +2.5.1 + + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/tmp/.this-dir-not-empty/.empty/empty-file b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/Maildir/tmp/.this-dir-not-empty/.empty/empty-file new file mode 100644 index 0000000..e69de29 diff --git a/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/ticket.yaml b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/ticket.yaml new file mode 100644 index 0000000..f70faec --- /dev/null +++ b/tickets/b6df8a5d7d3d4b7e8c2ddf8c95cfc33d/ticket.yaml @@ -0,0 +1,4 @@ +ticket-id: +- b6df8a5d7d3d4b7e8c2ddf8c95cfc33d +title: +- "Re: [PATCH 1/3] encryption_plugin: add a gpg-homedir configuration\n option" -- cgit v1.2.1