averello/gopass-mirror
1
0
Fork 0
mirror of https://github.com/gopasspw/gopass.git synced 2026-05-30 11:18:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
gopass-mirror/docs/backends
T
History
Dominik Schulz fddf2d124f bug: reload identities on unlock command (#3430) 
* fix(age): detach agent subprocess from parent file descriptors

When the age agent is started via startAgent(), it inherits the parent
process's stderr (explicitly via cmd.Stderr = os.Stderr) and stdin/stdout
(implicitly by not setting them). This causes the parent process to hang
when it captures its own output via exec.Cmd.CombinedOutput() or similar
pipe-based methods, because the agent subprocess keeps the pipe file
descriptors open indefinitely as a daemon.

This affects:
- Integration tests that use exec.Command + CombinedOutput()
- Any external tool that wraps gopass as a subprocess and captures its
  output

The fix sets cmd.Stdin, cmd.Stdout, and cmd.Stderr to nil for the agent
process, ensuring it is fully detached from the parent's file descriptors.
The agent already uses a Unix domain socket for communication, so it does
not need inherited pipes. The cmd.Env = os.Environ() is preserved so the
agent inherits the necessary environment variables (GOPASS_HOMEDIR,
GOPASS_AGE_PASSWORD, etc.).

* Add GOPASS_AGE_STDIN_PASSPHRASE env variable to bypass pinentry for age

* fix(age): reload identities on unlock command (#3363)

Fix the 'gopass age agent unlock' command to reload identities after
unlocking, instead of just setting locked=false.

Before this fix, unlock would only set locked=false but leave identities
as nil, causing decrypt operations to fail with 'no identity matched any
recipient' error instead of triggering auto-reload.

After this fix:
- unlock command reloads identities via getAllIds (prompts for PIN)
- identities are sent to the agent via SendIdentities
- agent timeout is set if configured
- message updated to 'Age agent unlocked and identities reloaded'

Also adds test infrastructure for age backend testing with embedded
test identity.

This commit was developed with OpenCode (GLM-5 and Kimi K2.5).

Fixes #3363

Signed-off-by: Stéphane Klein <contact@stephane-klein.info>
Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>

* docs(age): document stdin passphrase override

Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>

---------

Signed-off-by: Stéphane Klein <contact@stephane-klein.info>
Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Co-authored-by: Stéphane Klein <contact@stephane-klein.info>
2026-05-17 10:28:14 +02:00
..
age.md
bug: reload identities on unlock command (#3430)
2026-05-17 10:28:14 +02:00
cryptfs.md
feat: Add cryptfs storage backend for filename encryption (#3249)
2025-09-24 08:47:09 +02:00
fossilfs.md
feat: Add cryptfs storage backend for filename encryption (#3249)
2025-09-24 08:47:09 +02:00
fs.md
Add command documentation for clone, config, convert, generate and init (#1523)
2020-08-14 20:46:12 +02:00
gitfs.md
Use persistent SSH connections for git operations (#1755)
2021-01-26 09:22:06 +01:00
gpg.md
Add documentation (#2036)
2021-11-13 21:24:32 +01:00
jjfs.md
feat: Add cryptfs storage backend for filename encryption (#3249)
2025-09-24 08:47:09 +02:00