Use shorter SSH control path (gopasspw#1899)

Fixes gopasspw#1896 RELEASE_NOTES=[BUGFIX] Fix SSH control path Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
kpitt · Apr 5, 2021 · 51e369d · 51e369d
1 parent 2469822
commit 51e369d
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 2 deletions.
diff --git a/docs/faq.md b/docs/faq.md
@@ -11,6 +11,7 @@
 * *gopass fails with 'gpg failed to sign the data fatal: failed to write commit object'* - If git is not able to interface with GPG, commits will fail because gopass configures git to sign commits by default. Have a look a [this question](https://stackoverflow.com/questions/39494631/gpg-failed-to-sign-the-data-fatal-failed-to-write-commit-object-git-2-10-0) for more information.
 * *Can gopass be used with Terraform?* - Yes, there is a gopass-based [Terraform provider](https://github.com/camptocamp/terraform-provider-pass) available.
 * *How can I fix ´"gpg: decryption failed: No secret key"` errors?* - Set the ´auto-expand-secmem` option in your gpg-agent.conf, if your version of GnuPG supports it.
+* *I'm getting `Path too long for Unix domain socket` errors, usually on MacOS*. This can be fixed by setting `export TMPDIR=/tmp` (or any other suiteable location with a path shorter than 80 characters).
 
 ## API Stability
 

diff --git a/internal/backend/storage/fs/fsck.go b/internal/backend/storage/fs/fsck.go
@@ -12,6 +12,7 @@ import (
 	"github.com/gopasspw/gopass/pkg/ctxutil"
 	"github.com/gopasspw/gopass/pkg/debug"
 	"github.com/gopasspw/gopass/pkg/fsutil"
+	"github.com/gopasspw/gopass/pkg/termio"
 )
 
 // Fsck checks the storage integrity
@@ -47,7 +48,12 @@ func (s *Store) Fsck(ctx context.Context) error {
 	}
 
 	debug.Log("checking root dir %q", s.path)
-	return s.fsckCheckDir(ctx, s.path)
+	if err := s.fsckCheckDir(ctx, s.path); err != nil {
+		return err
+	}
+
+	debug.Log("checking git config")
+	return s.InitConfig(ctx, termio.DetectName(ctx, nil), termio.DetectEmail(ctx, nil))
 }
 
 func (s *Store) fsckCheckFile(ctx context.Context, filename string) error {

diff --git a/internal/backend/storage/gitfs/ssh_others.go b/internal/backend/storage/gitfs/ssh_others.go
@@ -11,6 +11,9 @@ import "os"
 //
 // Note: Setting GIT_SSH_COMMAND, possibly to an empty string, will take
 // precedence over this setting.
+//
+// %C is a hash of %l%h%p%r and should avoid "path too long for unix domain socket"
+// errors. If you still encounter this error set TMPDIR to a short path, e.g. /tmp.
 func gitSSHCommand() string {
-	return "ssh -oControlMaster=auto -oControlPersist=600 -oControlPath=" + os.TempDir() + "/.gopass-ssh-${USER}-%r@%h:%p"
+	return "ssh -oControlMaster=auto -oControlPersist=600 -oControlPath=" + os.TempDir() + "/.ssh-%C"
 }
diff --git a/internal/store/leaf/fsck.go b/internal/store/leaf/fsck.go
@@ -101,6 +101,9 @@ func (s *Store) fsckCheckEntry(ctx context.Context, name string) error {
 	}
 
 	// check itemRecps matches storeRecps
+	// TODO we need to noramlize both slices before we can compare them,
+	// otherwise one might contain a short key id or a name while the other has
+	// the full key id
 	missing, extra := compareStringSlices(perItemStoreRecps, itemRecps)
 	if len(missing) > 0 {
 		out.Errorf(ctx, "Missing recipients on %s: %+v\nRun fsck with the --decrypt flag to re-encrypt it automatically, or edit this secret yourself.", name, missing)