Package: pass
Version: 1.6.5-6
Severity: important

Dear Maintainer,

I have a pass key repository shared with co-workers. A co-worker's key
expired today, and this happened:

$ tar -C gpg -cf - . | base64 | pass insert -m infra/ci-gnupg.tar.base64
tar: ./S.gpg-agent.extra: socket ignored
tar: ./S.gpg-agent: socket ignored
tar: ./S.gpg-agent.ssh: socket ignored
tar: ./S.gpg-agent.browser: socket ignored
Enter contents of infra/ci-gnupg.tar.base64 and press Ctrl+D when finished:

gpg: removing stale lockfile (created by 12012)
gpg: E8C1BC59AB5040EC08413CC161726E19C6D5BA72: skipped: Unusable public key
gpg: [stdin]: encryption failed: Unusable public key

The pass exit code was 0. However, because gpg refused to encrypt to
the expired key, the inserted secret wasn't actually inserted. A
non-zero exit code would make this situation be much easier to notice.
A zero exit code makes pass fail its primary job for me.

Suggestion for fix: If gpg fails, pass should exit with a non-zero
exit code.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pass depends on:
ii  gnupg   2.1.18-6
ii  gnupg2  2.1.18-6
ii  pwgen   2.07-1.1+b1
ii  tree    1.7.0-5

Versions of packages pass recommends:
ii  git     1:2.11.0-3
ii  gnupg2  2.1.18-6
ii  xclip   0.12+svn84-4+b1

Versions of packages pass suggests:
ii  libxml-simple-perl  2.22-1
ii  perl                5.24.1-2
ii  ruby                1:2.3.3

-- no debconf information

Reply via email to