# NOTE:
# our .zprofile can be expensive, so we keep track of what has been run
-# already, and only set up what is necessary. additionally, we want to ensure
-# that our environment is set up as early as possible, so we also source
-# .zprofile in .zshenv for new non-login shells.
+# already, and only set up what is necessary. this also allows us to re-source
+# the file to reinitialize specific parts when desired.
#
-# these issues are handled by using these methods:
-# * the parent shell that starts the user's session after logging in to some
-# graphical environments may not be a login shell—due to misconfiguration
-# or otherwise—which means .zprofile is not ran and the environment is not
-# properly configured for any child processes.
-# * some desktop environments/graphical terminal emulators will start new
-# terminal windows with login shells, which runs .zprofile every time and
-# leads to noticably slow startup times if we have not already ran it.
-
-### cleanup
-# XXX: only call after relevant vars have been set up, defined early so that
-# below code can utilize it after they do so
-function _sev_zcleanup {
- ## gpg forwarding
- if [[ -d $_sev_gpg_forward_dir && ( -z $1 || $1 == 'gpg-forward' ) ]] {
- # clean up forward dirs if its session is dead or we ask for it
- find $_sev_gpg_forward_dir -mindepth 1 -maxdepth 1 -type d |
- while {read -r x} {
- # NOTE: the only way we can get here is if we have not been
- # forwarded before, if the user asks for it, or during
- # logout. if our own pid already has a dir, it is most likely
- # stale, the user wants it removed, or something is very
- # broken—in all 3 of these cases the best choice is remove it.
- p=$(basename $x)
- if {[[ -v _sev_gpg_forward_clean || $$ == $p ]] ||
- ! kill -0 $p 2>/dev/null} {
- find $x -mindepth 1 -maxdepth 1 | while {read -r y} {
- # XXX: real dirs will stop unlink, consider it a feature
- unlink $y
- }
- # don't force in case something important is still there
- rmdir $x
- }
- }
- # reset GNUPGHOME if we removed our own dir
- if [[ $GNUPGHOME =~ '/.ssh_forward/\d+/*$' && ! -e $GNUPGHOME ]]
- GNUPGHOME=${GNUPGHOME%$MATCH}
- }
-
- ## tmp
- # NOTE: _sev_tmp is not unset so session dirs will not be recreated
- # NOTE: XDG dirs that use our tmp are not unset here, they are in zlogout
- if [[ -d $_sev_tmp && ( -z $1 || $1 == 'tmp' ) ]] {
- # clean up tmp dirs if its session is dead or we ask for it
- find $_sev_tmp -mindepth 1 -maxdepth 1 -name '.session.*' -type d |
- while {read -r x} {
- # NOTE: same rationale as above
- p=${$(basename $x)#.session.}
- if {[[ -v _sev_tmp_clean || $$ == $p ]] ||
- ! kill -0 $p 2>/dev/null} {
- rm -rf $x
- }
- }
- }
-
- unset x p y
-}
-
-### lang
-export CHARSET=${CHARSET:-UTF-8}
-export LANG=${LANG:-en_US.UTF-8}
+# in order to ensure future interactive environments are set up as early as
+# possible, we source this file from .zshenv for non-login shells, under some
+# specific conditions outlined there.
+#
+# this file respects non-interactive sessions and will not intentionally emit
+# output.
-### path
-# NOTE: we utilize the fact that unique arrays keep the first occurrence and
-# remove any further occurences to capture elements from the old PATH
-# that we did not anticipate and shift them to the front, since they are
-# probably important to the system
+### fix path after system profile scripts have possibly mangled it
if [[ ! -v _sev_setup_path || -o login ]] {
- typeset -U path fpath
- # add as many generic paths as possible to keep the order we want
- # NOTE: /usr/{local,pkg,games} are unix/bsdisms
- # XXX: PREFIX not validated, non-posix but Termux uses it, maybe others
- # XXX: XDG specifies ~/.local/bin as the only user-writable dir for
- # executables, but we specify more; technically this is against spec
- syspath=("$path[@]")
- path=(~/{.local/,}{s,}bin
- {~/.local,{$PREFIX,}{,/opt,/usr{,/local,pkg}}}/sbin
- {~/.local,{$PREFIX,}{,/opt,/usr{,/local,pkg}}}/bin
- /usr/{X11R{7,6}/bin,games})
- ((len=$#path))
- path=("$path[@]" "$syspath[@]")
- # remove nonexistent and duplicate paths
- for (( i = 1; i <= $#path; i++ )) {
- if [[ ! -e $path[$i] ]] {
- path[$i]=()
- ((i <= len)) && ((len--))
- ((i--))
- continue
- }
- }
- # shift valid system paths to the front if there are any left
- ((len > 0 && len < $#path)) && path=("${(@)path[len + 1, -1]}" "${(@)path[1, len]}")
- unset syspath len i
- # include our zsh dir in fpath. unlike above, we always prefer our paths
- fpath=(${ZDOTDIR:-~/.zsh}/functions/{*,Completions/*}(N) "$fpath[@]")
- # FPATH is not exported by default
- export FPATH
- typeset +U path fpath
+ _sev_setpath
export _sev_setup_path=
}
-### xdg local dir
-# NOTE: need this for tmp, so confirm it exists.
-# XXX: perms are not specified for XDG dirs except runtime, but I think 760
-# makes the most sense. shouldn't break anything since no one else should
-# be poking around in our dir.
-[[ -e ${_sev_home:-~}/.local ]] || mkdir -m760 ${_sev_home:-~}/.local
-
-### tmp
-# NOTE: specs say that POSIX tmp and XDG runtime directories should exist
-# until the last session is logged out (POSIX can exist for longer).
-# since we can't reliably keep track of sessions in a cross-platform
-# manner, the current implementation should use a separate directory per
-# toplevel session (i.e. SHLVL=1). this should placate most applications,
-# though it is not expressly spec compliant.
-if [[ ! -v _sev_tmp ]] {
- _sev_tmp=${_sev_home:-~}/.local/tmp
- # NOTE: race condition/remove in use files
- [[ -h $_sev_tmp ]] && unlink $_sev_tmp 2>/dev/null
- t=${TMPDIR:-${TEMP:-${TMP:-/tmp}}}/.home-$LOGNAME
- # create personal tmp dir under system tmp
- [[ -e $t ]] || mkdir -m700 $t 2>/dev/null
- if [[ ! -d $t ]] {
- [[ -o interactive ]] &&
- print -P "%F{orange}*** Can't create TMPDIR $t, using $_sev_tmp%f"
- # fallback bare directory
- [[ -e $_sev_tmp ]] || mkdir -m700 $_sev_tmp 2>/dev/null
- if [[ ! -d $_sev_tmp ]] {
- [[ -o interactive ]] &&
- print -P "%F{red}!!! No usable TMPDIR%f"
- unset _sev_tmp
- } else {
- t=$_sev_tmp
- }
- } elif [[ -e $_sev_tmp ]] {
- [[ -o interactive ]] &&
- print -P "%F{orange}*** $_sev_tmp occluded, can't link to TMPDIR $t%f"
- _sev_tmp=$t
- } else {
- ln -s $t $_sev_tmp 2>/dev/null
- }
- if [[ -v _sev_tmp ]] {
- # ensure dir is clean
- _sev_zcleanup tmp
- # finally create our subdir for this session
- t=$_sev_tmp/.session.$$
- if ! mkdir -m700 $t 2>/dev/null; then
- [[ -o interactive ]] &&
- print -P "%F{red}!!! Can't create session subdir $t, using $_sev_tmp%f"
- t=$_sev_tmp
- fi
- export _sev_tmp TMPDIR=$t TEMP=$t TMP=$t
- unset t
- }
-}
-
-### xdg
-if [[ ! -v _sev_setup_xdg ]] {
- ## merge with any existing dirs and remove duplicates using unique arrays
- # NOTE: we are accepting whatever value might be set for CONFIG and DATA;
- # if it wasn't set, we just use default and leave it unset
- # NOTE: include and then remove CONFIG_HOME and DATA_HOME to ensure they
- # are not present in the array if it was added before we got to it
- typeset -UT XDG_DATA_DIRS xdg_data_dirs
- if [[ -v XDG_DATA_HOME ]] {
- export XDG_DATA_HOME
- } elif [[ ! -e ~/.local/share ]] {
- mkdir -m760 ~/.local/share
- }
- xdg_data_dirs=($XDG_DATA_HOME /{opt,usr/local,usr/pkg,usr}/share
- "${XDG_DATA_DIRS:+${xdg_data_dirs[@]}}")
- # XXX: if colons are not escaped, could remove unintended part of string
- export XDG_DATA_DIRS=${XDG_DATA_DIRS#$XDG_DATA_HOME:}
-
- typeset -UT XDG_CONFIG_DIRS xdg_config_dirs
- if [[ -v XDG_CONFIG_HOME ]] {
- export XDG_CONFIG_HOME
- } elif [[ ! -e ~/.config ]] {
- mkdir -m760 ~/.config
- }
- # I am of the belief .local should follow FHS /usr/local...
- [[ -e ~/.local/etc ]] || ln -s ~/.config ~/.local/etc
- xdg_config_dirs=($XDG_CONFIG_HOME ${XDG_CONFIG_DIRS:+"$xdg_config_dirs[@]"}
- {/opt,/usr/local,/usr/pkg,}/etc/xdg)
- # XXX: if colons are not escaped, could remove unintended part of string
- export XDG_CONFIG_DIRS=${XDG_CONFIG_DIRS#$XDG_CONFIG_HOME:}
-
- if [[ -v XDG_STATE_HOME ]] {
- export XDG_STATE_HOME
- } elif [[ ! -e ~/.local/state ]] {
- mkdir -m760 ~/.local/state
- }
-
- if [[ ! -v XDG_CACHE_HOME ]] {
- if [[ -v _sev_tmp ]] {
- export XDG_CACHE_HOME=$_sev_tmp/.xdg.cache
- [[ -e $XDG_CACHE_HOME ]] || mkdir -m700 $XDG_CACHE_HOME
- } elif [[ ! -e ~/.cache ]] {
- mkdir -m700 ~/.cache
- }
- }
-
- if [[ -v XDG_RUNTIME_DIR ]] {
- export XDG_RUNTIME_DIR
- } else {
- # make runtime dir in our session-specific tmpdir
- export XDG_RUNTIME_DIR=$TMPDIR/.xdg.runtime
- # same as in tmpdir creation, ensure dir doesn't exist
- if [[ -h $XDG_RUNTIME_DIR ]] {
- unlink $XDG_RUNTIME_DIR 2>/dev/null
- } elif [[ -e $XDG_RUNTIME_DIR ]] {
- rm -rf $XDG_RUNTIME_DIR 2>/dev/null
- }
- mkdir -m700 $XDG_RUNTIME_DIR 2>/dev/null
- }
-
- # source user dirs after other vars
- [[ -e $XDG_CONFIG_HOME/user-dirs.dirs ]] &&
- emulate sh -c "source $XDG_CONFIG_HOME/user-dirs.dirs"
- export _sev_setup_xdg=
-}
-
### dbus
if [[ ! -v DBUS_SESSION_BUS_ADDRESS && -v commands[dbus-launch] ]] {
eval $(dbus-launch)
export DBUS_SESSION_BUS_ADDRESS DBUS_SESSION_BUS_PID
}
-### gpg home
-if [[ ! -v GNUPGHOME ]] {
- export GNUPGHOME=${XDG_CONFIG_HOME:-~/.config}/gnupg
- if [[ -d ~/.gnupg ]] {
- mv ~/.gnupg ${XDG_CONFIG_HOME:-~/.config}/gnupg
- }
-}
-
### gpg agent + forwarding
-# NOTE: while ssh manages its auth sock in its protocol when ForwardSsh is
-# enabled, GPG must be forwarded manually over Unix socket. to support
-# this, we forward the restricted gpg-agent extra socket to the remote
-# host with a RemoteForward rule in ~/.ssh/config that uses the
-# _GNUPG_SOCK_* env vars. to avoid conflicts with other ssh sessions
-# where the same user is connecting to the same host from different
-# machines, gpg in each environment should utilize its own forwarded
-# socket, rather than replace the sockets in GNUPGHOME which will be
-# overridden on the next connection. previously, you could provide a path
-# to the agent socket in GPG_AGENT_INFO, but that was deprecated in GPG
-# v2.1. instead, we must clone GNUPGHOME with links and replace the agent
-# sockets there with the forwarded one.
+# NOTE: while ssh manages its auth sock in-protocol when ForwardSsh is enabled,
+# GPG must be forwarded manually over Unix socket. to support this, we
+# forward the restricted gpg-agent extra socket to the remote host with a
+# RemoteForward rule in ~/.ssh/config that uses the _GNUPG_SOCK_* vars.
+#
+# to avoid conflicts with other ssh sessions where the same user is
+# connecting to the same host from different machines, gpg should utilize
+# its own forwarded socket for each session. previously, you could
+# provide a path to the agent socket in GPG_AGENT_INFO, but that was
+# deprecated in GPG v2.1; instead, we must replace the socket in gpg's
+# socket dir.
+#
+# gnupg commits fb88f37–aab8a0b moved sockets from GNUPGHOME by default
+# to directories under /run. aab8a0b in particular solidifies the
+# functionality shift to utilize systemd-logind's user runtime
+# directories. if the dir isn't found, gpg will fall back to the homedir.
+# since previous functionality allowed multiple homedirs with multiple
+# sockets, a provision was added where changing GNUPGHOME will also
+# change the socket dir to a hashed dir under the usual runtime dir.
+#
+# utilizing this information, we can conclude:
+# - on systems with user runtime dirs, changing GNUPGHOME will also
+# give us a unique socket dir under the user runtime dir;
+# - on other systems, the socket dir follows GNUPGHOME.
+# therefore, the safest way to ensure unique sockets while not having to
+# write specific logic for both scenarios is to simply change GNUPGHOME.
+# the easiest way to do this is to create a new dir and link the contents
+# of GNUPGHOME to the new home. we can then replace all of the agent
+# sockets wherever they now are with the forwarded one. in either case we
+# will be overwriting the session-specific sockets.
+#
# NOTE: since Unix sockets are not supported under Windows, this will not work
# under msys, cygwin, mingw, etc., but may work under wsl2.
+#
# HACK: without SendEnv, which is disabled by default in most sshd configs,
-# there is no foolproof way to prevent race conditions via filename
-# collisions or to pass the desired forward path to the remote host
-# environment. we just have to guess the path we choose is good on the
-# desination, and assume the newest matching socket is the correct one
-# after connecting. in theory, we could occlude the ssh binary on PATH
-# with an alias or script that would allow us to communicate with the
-# remote host before opening a shell, so that we can have the host
+# there is no foolproof way to prevent race conditions via socket
+# filename collisions or to pass the desired forward path to the remote
+# host environment. we just have to guess the path we choose is good on
+# the desination, and assume the newest matching socket is the correct
+# one after connecting. in theory, we could occlude the ssh binary on
+# PATH with an alias or script that would allow us to communicate with
+# the remote host before opening a shell, so that we can have the host
# communicate back to the client where it wants a socket created or ask
# the host if the path the client wants to use is writable. however, this
# would open up too many edge cases where it wouldn't work or be too
# clunky (e.g. asking for password twice) to make it worth it.
function _gpg_socketpath {
# dirs are percent-encoded: https://stackoverflow.com/a/64312099
- echo ${1//(#b)%([[:xdigit:]](#c2))/${(#):-0x$match[1]}}
+ echo -E - ${1//(#b)%([[:xdigit:]](#c2))/${(#):-0x$match[1]}}
}
if [[ ! -v _sev_setup_gpg_forward && -v commands[gpg] ]] {
- # XXX: assuming /tmo exists and is writable on destination
+ # XXX: assuming /tmp exists and is writable on destination
export _GNUPG_SOCK_DEST_BASE=/tmp/.gpg-agent-forward
export _GNUPG_SOCK_DEST_EXT=$(date +%s).$RANDOM
export _GNUPG_SOCK_DEST=$_GNUPG_SOCK_DEST_BASE.$_GNUPG_SOCK_DEST_EXT
- export _sev_gpg_forward_dir=${GNUPGHOME:-~/.gnupg}/.ssh_forward
+ export _sev_gpg_forward_dir=$XDG_RUNTIME_DIR/gnupg/.ssh_forward
_sev_zcleanup gpg-forward
# find our forwarded socket
export _sev_setup_gpg_forward=
h=$_sev_gpg_forward_dir/$$
mkdir -pm700 $h
- # XXX: is it safe to link scdaemon socket? can its name be changed?
- for x (S.scdaemon gpg.conf gpg-agent.conf sshcontrol random_seed
+ for x (gpg{,-agent}.conf sshcontrol random_seed
pubring.kbx{,~} trustdb.gpg private-keys-v1.d crls.d) {
ln -s ${GNUPGHOME:-~/.gnupg}/$x $h
}
unset h
for x in $(gpgconf --list-dirs | grep 'agent-.*-\?socket:'); do
x=$(_gpg_socketpath ${x/#agent-*socket:})
- if [[ ! -v orig ]] {
+ if [[ ! -v primary ]] {
# move forwarded socket to first valid agent socket path
# XXX: if tmp is on different filesystem this may not work
mv $s $x
- orig=$x
+ primary=$x
} else {
# make links to forwarded socket for any others
- ln -s $orig $x
+ ln -s $primary $x
}
done
- unset x orig
+ unset x primary
}
unset s
export GPG_TTY=$(tty)
if [[ ( -v DISPLAY || -v WAYLAND_DISPLAY ) &&
${PINENTRY_USER_DATA/USE_TTY=0} == $PINENTRY_USER_DATA ]]
- export PINENTRY_USER_DATA=USE_TTY=$((
- ${+DISPLAY} + ${+WAYLAND_DISPLAY} == 0))
- # XXX: don't know if gpg-agent supports comments after directives
- # XXX: path could have #
- sed -Ei 's#^([[:space:]]*pinentry-program[[:space:]]).*$#\1'${commands[pinentry]:-/dev/null}'#' \
- ${GNUPGHOME:-~/.gnupg}/gpg-agent.conf
+ export PINENTRY_USER_DATA=USE_TTY=0
+ # XXX: we are assuming this is our pinentry from .local/bin
+ sed -Ei 's\1f^([[:space:]]*pinentry-program[[:space:]]).*$\1f\1'$HOME'/.local/bin/pinentry\1f' \
+ ${GNUPGHOME:-~/.gnupg}/gpg-agent.conf 2>/dev/null
# XXX: could check for changes before doing this to save perf
gpg-connect-agent RELOADAGENT UPDATESTARTUPTTY /bye >/dev/null 2>&1
if {$p} {
gpg-connect-agent /subst /serverpid \
- "/echo pid \${get serverpid} on $GPG_TTY" /bye 2>/dev/null
+ "/echo pid \${get serverpid} on ${WAYLAND_DISPLAY:-${DISPLAY:-$GPG_TTY}}" /bye 2>/dev/null
print -nP '%f'
}
} elif {$p} {
if [[ -f $e ]] {
IFS=$'\0' read -r sock pid <$e
}
- if [[ -S $sock && $pid > 0 ]] && kill -0 $pid; then
+ if [[ -S $sock && $pid > 0 ]] && kill -0 $pid >/dev/null 2>&1; then
[[ -o interactive ]] && print -P "Reusing agent PID $pid%f"
export SSH_AUTH_SOCK=$sock
export SSH_AGENT_PID=$pid
# subshells can't be used to capture output and print.
c='TMPDIR=$_sev_tmp ${okc}ssh-agent'
if [[ -o interactive ]] {
+ [[ -n $okc ]] && echo -n 'OKC-'
eval $(eval $=c)
print -nP '%f'
} else {
eval $(eval $=c) >/dev/null 2>&1
}
- echo -n $SSH_AUTH_SOCK$'\0'$SSH_AGENT_PID >!$e
+ echo -En - $SSH_AUTH_SOCK$'\0'$SSH_AGENT_PID >!$e
unset c
fi
unset okc e sock pid
}
unfunction _gpg_socketpath
-### perl local lib
-[[ -v commands[perl] && -d $XDG_DATA_HOME/perl5/lib/perl5 &&
- ! -v PERL_LOCAL_LIB_ROOT ]] &&
- eval $(perl -I$XDG_DATA_HOME/perl5/lib/perl5 \
- -Mlocal::lib=$XDG_DATA_HOME/perl5 2>/dev/null)
-
-
### load site-specific
-if [[ -f ${ZDOTDIR:-~}/.zprofile.local ]] { source ${ZDOTDIR:-~}/.zprofile.local }
+load-site-dotfile zprofile