| Summary: | kde-plasma/ksshaskpass: Unable to extract keyFile from phrase "…" | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Navid Zamani <navid.zamani> |
| Component: | Current packages | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
| Status: | RESOLVED UPSTREAM | ||
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
Oh, nevermind… this is only a problem when using ksshaskpass to for SUDO via a helper script. Because ksshaskpass in a horrible hackish way, assumes the string it is passed for prompt is precisely:
?/^Enter passphrase for (.*?)( \(will confirm each use\))?: $/
And "keyFile" seems to be taken from \1.
Which is silly, and breaks using ksshaskpass for other things that can use askpass, like $(sudo -A) with /etc/sudo.conf having the option:
Path askpass /usr/local/bin/ksudoaskpass
I will probably file another bug for this in KDE’s own bug tracker, and post the link here, when I do.
A workaround is to set (precisely!)
export SUDO_PROMPT="Enter passphrase for sudo: "
in your .bashrc or even better /etc/bash/bashrc.d/sudo-askpass.bash.
Of course with
Path askpass /usr/local/bin/ksudoaskpass
in your /etc/sudo.conf.
Just in case anyone with a similar problem finds this.
|
Basically, $(ksshaskpass --help) states that there is an option "--+[prompt]", that can be used to change what it prompts the user for. (The text above the input field.) But using $(ksshaskpass --+something) only results in Unknown option '+something'. , and so does $(ksshaskpass --something), $(ksshaskpass --prompt something) or even $(ksshaskpass --+prompt something). And when you randomly try $(ksshaskpass +something), you will get the expected dialog, but asking for the password for "+something", including the "+"! So what seems, at first, to work is $(ksskaskpass something)! BUT, in any "working" case of the above, you also get the output ksshaskpass: Unable to extract keyFile from phrase "+something" , and most importantly, ksshaskpass does not actually use the kwallet to store or retrieve the password. Despite asking one to open it, if it is closed. So it asks one for the password every time. Making it quite useless over just not using any askpass. What it should do, depends on how this was meant to be… which is somewhat beyond me. My guess, when reading the code, is that the option was meant to be "+[prompt]", but the option parser didn’t understand the "+", and got confused. And ksshaskpass also uses some kind of secret option hack to pass a "keyFile". But my C++ is not good enough to tell what for. It just seems those two purposes got mixed into one, making it fail in every case. Phew! I hope this was understandable. There also is a recent and confirmed (and less detailed) bug in Ubuntu’s bug tracker for this, currently: https://bugs.launchpad.net/ubuntu/+source/ksshaskpass/+bug/1728696