* Update trousers to latest, use regular openssl (#68338)
trousers: cleanup
* some CFLAGS and LDFLAGS are not needed anymore
* libtool file fixup was a no-op
* license is now BSD-3 since:
0160d229f8/
all: update from 4.6.0 to 4.7.2
keybase:
- added gnupg as a dependency and patch fix-patch-keybase.patch
kbfs:
- added fuse as a dependency and patch fix-patch-kbfs.patch
https://www.sudo.ws/stable.html#1.8.29
Build tweak: fix build failure when attempting to check that
the "existing" sudoers file on $out/etc/sudoers parses clean--
this update changed precondition for this test to check if
DESTDIR is non-empty instead of previous behavior
"does the file exist".
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.
NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.
Co-authored-by: Florian Klink <flokli@flokli.de>
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.
NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.
Co-authored-by: Florian Klink <flokli@flokli.de>
This adds gnupg-pkcs11-scd, a smart card daemon for GnuPG that supports
PKCS#11 smartcards (such as the Yubikey PIV module).
You can use it by adding something like this to your
~/.gnupg/gpg-agent.conf:
scdaemon-program /home/<user>/.nix-profile/bin/gnupg-pkcs11-scd
You will also need to install `opensc` and have a
~/.gnupg/gnupg-pkcs11-scd.conf with something like the following:
providers opensc
provider-opensc-library /home/philandstuff/.nix-profile/lib/pkcs11/opensc-pkcs11.so
Then `gpg` smartcard operations will access your PKCS#11-capable
smartcard.
