X-Git-Url: https://git.sev.monster/~sev/dotfiles.git/blobdiff_plain/54a85d6c6744df54af2c092234ba84baacdc5ebc..4851c2318e2d5ae7274589bac10162214cb11c2a:/etc/zsh/.zprofile diff --git a/etc/zsh/.zprofile b/etc/zsh/.zprofile index 9b93f41..a55b7e6 100644 --- a/etc/zsh/.zprofile +++ b/etc/zsh/.zprofile @@ -1,268 +1,69 @@ # NOTE: # our .zprofile can be expensive, so we keep track of what has been run -# already, and only set up what is necessary. additionally, we want to ensure -# that our environment is set up as early as possible, so we also source -# .zprofile in .zshenv for new non-login shells. +# already, and only set up what is necessary. this also allows us to re-source +# the file to reinitialize specific parts when desired. # -# these issues are handled by using these methods: -# * the parent shell that starts the user's session after logging in to some -# graphical environments may not be a login shell—due to misconfiguration -# or otherwise—which means .zprofile is not ran and the environment is not -# properly configured for any child processes. -# * some desktop environments/graphical terminal emulators will start new -# terminal windows with login shells, which runs .zprofile every time and -# leads to noticably slow startup times if we have not already ran it. - -### cleanup -# XXX: only call after relevant vars have been set up, defined early so that -# below code can utilize it after they do so -function _sev_zcleanup { - ## gpg forwarding - if [[ -d $_sev_gpg_forward_dir && ( -z $1 || $1 == 'gpg-forward' ) ]] { - # clean up forward dirs if its session is dead or we ask for it - find $_sev_gpg_forward_dir -mindepth 1 -maxdepth 1 -type d | - while {read -r x} { - # NOTE: the only way we can get here is if we have not been - # forwarded before, if the user asks for it, or during - # logout. if our own pid already has a dir, it is most likely - # stale, the user wants it removed, or something is very - # broken—in all 3 of these cases the best choice is remove it. - p=$(basename $x) - if {[[ -v _sev_gpg_forward_clean || $$ == $p ]] || - ! kill -0 $p 2>/dev/null} { - find $x -mindepth 1 -maxdepth 1 | while {read -r y} { - # XXX: real dirs will stop unlink, consider it a feature - unlink $y - } - # don't force in case something important is still there - rmdir $x - } - } - # reset GNUPGHOME if we removed our own dir - if [[ $GNUPGHOME =~ '/.ssh_forward/\d+/*$' && ! -e $GNUPGHOME ]] - GNUPGHOME=${GNUPGHOME%$MATCH} - } - - ## tmp - # NOTE: _sev_tmp is not unset so session dirs will not be recreated - # NOTE: XDG dirs that use our tmp are not unset here, they are in zlogout - if [[ -d $_sev_tmp && ( -z $1 || $1 == 'tmp' ) ]] { - # clean up tmp dirs if its session is dead or we ask for it - find $_sev_tmp -mindepth 1 -maxdepth 1 -name '.session.*' -type d | - while {read -r x} { - # NOTE: same rationale as above - p=${$(basename $x)#.session.} - if {[[ -v _sev_tmp_clean || $$ == $p ]] || - ! kill -0 $p 2>/dev/null} { - rm -rf $x - } - } - } - - unset x p y -} - -### lang -export CHARSET=${CHARSET:-UTF-8} -export LANG=${LANG:-en_US.UTF-8} +# in order to ensure future interactive environments are set up as early as +# possible, we source this file from .zshenv for non-login shells, under some +# specific conditions outlined there. +# +# this file respects non-interactive sessions and will not intentionally emit +# output. -### path -# NOTE: we utilize the fact that unique arrays keep the first occurrence and -# remove any further occurences to capture elements from the old PATH -# that we did not anticipate and shift them to the front, since they are -# probably important to the system +### fix path after system profile scripts have possibly mangled it if [[ ! -v _sev_setup_path || -o login ]] { - typeset -U path fpath - # add as many generic paths as possible to keep the order we want - # NOTE: /usr/{local,pkg,games} are unix/bsdisms - # XXX: PREFIX not validated, non-posix but Termux uses it, maybe others - # XXX: XDG specifies ~/.local/bin as the only user-writable dir for - # executables, but we specify more; technically this is against spec - syspath=("$path[@]") - path=(~/{.local/,}{s,}bin - {~/.local,{$PREFIX,}{,/opt,/usr{,/local,pkg}}}/sbin - {~/.local,{$PREFIX,}{,/opt,/usr{,/local,pkg}}}/bin - /usr/{X11R{7,6}/bin,games}) - ((len=$#path)) - path=("$path[@]" "$syspath[@]") - # remove nonexistent and duplicate paths - for (( i = 1; i <= $#path; i++ )) { - if [[ ! -e $path[$i] ]] { - path[$i]=() - ((i <= len)) && ((len--)) - ((i--)) - continue - } - } - # shift valid system paths to the front if there are any left - ((len > 0 && len < $#path)) && path=("${(@)path[len + 1, -1]}" "${(@)path[1, len]}") - unset syspath len i - # include our zsh dir in fpath. unlike above, we always prefer our paths - fpath=(${ZDOTDIR:-~/.zsh}/functions/{*,Completions/*}(N) "$fpath[@]") - # FPATH is not exported by default - export FPATH - typeset +U path fpath + _sev_setpath export _sev_setup_path= } -### xdg local dir -# NOTE: need this for tmp, so confirm it exists. -# XXX: perms are not specified for XDG dirs except runtime, but I think 760 -# makes the most sense. shouldn't break anything since no one else should -# be poking around in our dir. -[[ -e ${_sev_home:-~}/.local ]] || mkdir -m760 ${_sev_home:-~}/.local - -### tmp -# NOTE: specs say that POSIX tmp and XDG runtime directories should exist -# until the last session is logged out (POSIX can exist for longer). -# since we can't reliably keep track of sessions in a cross-platform -# manner, the current implementation should use a separate directory per -# toplevel session (i.e. SHLVL=1). this should placate most applications, -# though it is not expressly spec compliant. -if [[ ! -v _sev_tmp ]] { - _sev_tmp=${_sev_home:-~}/.local/tmp - # NOTE: race condition/remove in use files - [[ -h $_sev_tmp ]] && unlink $_sev_tmp 2>/dev/null - t=${TMPDIR:-${TEMP:-${TMP:-/tmp}}}/.home-$LOGNAME - # create personal tmp dir under system tmp - [[ -e $t ]] || mkdir -m700 $t 2>/dev/null - if [[ ! -d $t ]] { - [[ -o interactive ]] && - print -P "%F{orange}*** Can't create TMPDIR $t, using $_sev_tmp%f" - # fallback bare directory - [[ -e $_sev_tmp ]] || mkdir -m700 $_sev_tmp 2>/dev/null - if [[ ! -d $_sev_tmp ]] { - [[ -o interactive ]] && - print -P "%F{red}!!! No usable TMPDIR%f" - unset _sev_tmp - } else { - t=$_sev_tmp - } - } elif [[ -e $_sev_tmp ]] { - [[ -o interactive ]] && - print -P "%F{orange}*** $_sev_tmp occluded, can't link to TMPDIR $t%f" - _sev_tmp=$t - } else { - ln -s $t $_sev_tmp 2>/dev/null - } - if [[ -v _sev_tmp ]] { - # ensure dir is clean - _sev_zcleanup tmp - # finally create our subdir for this session - t=$_sev_tmp/.session.$$ - if ! mkdir -m700 $t 2>/dev/null; then - [[ -o interactive ]] && - print -P "%F{red}!!! Can't create session subdir $t, using $_sev_tmp%f" - t=$_sev_tmp - fi - export _sev_tmp TMPDIR=$t TEMP=$t TMP=$t - unset t - } -} - -### xdg -if [[ ! -v _sev_setup_xdg ]] { - ## merge with any existing dirs and remove duplicates using unique arrays - # NOTE: we are accepting whatever value might be set for CONFIG and DATA; - # if it wasn't set, we just use default and leave it unset - # NOTE: include and then remove CONFIG_HOME and DATA_HOME to ensure they - # are not present in the array if it was added before we got to it - typeset -UT XDG_DATA_DIRS xdg_data_dirs - if [[ -v XDG_DATA_HOME ]] { - export XDG_DATA_HOME - } elif [[ ! -e ~/.local/share ]] { - mkdir -m760 ~/.local/share - } - xdg_data_dirs=($XDG_DATA_HOME /{opt,usr/local,usr/pkg,usr}/share - "${XDG_DATA_DIRS:+${xdg_data_dirs[@]}}") - # XXX: if colons are not escaped, could remove unintended part of string - export XDG_DATA_DIRS=${XDG_DATA_DIRS#$XDG_DATA_HOME:} - - typeset -UT XDG_CONFIG_DIRS xdg_config_dirs - if [[ -v XDG_CONFIG_HOME ]] { - export XDG_CONFIG_HOME - } elif [[ ! -e ~/.config ]] { - mkdir -m760 ~/.config - } - # I am of the belief .local should follow FHS /usr/local... - [[ -e ~/.local/etc ]] || ln -s ~/.config ~/.local/etc - xdg_config_dirs=($XDG_CONFIG_HOME ${XDG_CONFIG_DIRS:+"$xdg_config_dirs[@]"} - {/opt,/usr/local,/usr/pkg,}/etc/xdg) - # XXX: if colons are not escaped, could remove unintended part of string - export XDG_CONFIG_DIRS=${XDG_CONFIG_DIRS#$XDG_CONFIG_HOME:} - - if [[ -v XDG_STATE_HOME ]] { - export XDG_STATE_HOME - } elif [[ ! -e ~/.local/state ]] { - mkdir -m760 ~/.local/state - } - - if [[ ! -v XDG_CACHE_HOME ]] { - if [[ -v _sev_tmp ]] { - export XDG_CACHE_HOME=$_sev_tmp/.xdg.cache - [[ -e $XDG_CACHE_HOME ]] || mkdir -m700 $XDG_CACHE_HOME - } elif [[ ! -e ~/.cache ]] { - mkdir -m700 ~/.cache - } - } - - if [[ -v XDG_RUNTIME_DIR ]] { - export XDG_RUNTIME_DIR - } else { - # make runtime dir in our session-specific tmpdir - export XDG_RUNTIME_DIR=$TMPDIR/.xdg.runtime - # same as in tmpdir creation, ensure dir doesn't exist - if [[ -h $XDG_RUNTIME_DIR ]] { - unlink $XDG_RUNTIME_DIR 2>/dev/null - } elif [[ -e $XDG_RUNTIME_DIR ]] { - rm -rf $XDG_RUNTIME_DIR 2>/dev/null - } - mkdir -m700 $XDG_RUNTIME_DIR 2>/dev/null - } - - # source user dirs after other vars - [[ -e $XDG_CONFIG_HOME/user-dirs.dirs ]] && - emulate sh -c "source $XDG_CONFIG_HOME/user-dirs.dirs" - export _sev_setup_xdg= -} - ### dbus if [[ ! -v DBUS_SESSION_BUS_ADDRESS && -v commands[dbus-launch] ]] { eval $(dbus-launch) export DBUS_SESSION_BUS_ADDRESS DBUS_SESSION_BUS_PID } -### gpg home -if [[ ! -v GNUPGHOME ]] { - export GNUPGHOME=${XDG_CONFIG_HOME:-~/.config}/gnupg - if [[ -d ~/.gnupg ]] { - mv ~/.gnupg ${XDG_CONFIG_HOME:-~/.config}/gnupg - } -} - ### gpg agent + forwarding -# NOTE: while ssh manages its auth sock in its protocol when ForwardSsh is -# enabled, GPG must be forwarded manually over Unix socket. to support -# this, we forward the restricted gpg-agent extra socket to the remote -# host with a RemoteForward rule in ~/.ssh/config that uses the -# _GNUPG_SOCK_* env vars. to avoid conflicts with other ssh sessions -# where the same user is connecting to the same host from different -# machines, gpg in each environment should utilize its own forwarded -# socket, rather than replace the sockets in GNUPGHOME which will be -# overridden on the next connection. previously, you could provide a path -# to the agent socket in GPG_AGENT_INFO, but that was deprecated in GPG -# v2.1. instead, we must clone GNUPGHOME with links and replace the agent -# sockets there with the forwarded one. +# NOTE: while ssh manages its auth sock in-protocol when ForwardSsh is enabled, +# GPG must be forwarded manually over Unix socket. to support this, we +# forward the restricted gpg-agent extra socket to the remote host with a +# RemoteForward rule in ~/.ssh/config that uses the _GNUPG_SOCK_* vars. +# +# to avoid conflicts with other ssh sessions where the same user is +# connecting to the same host from different machines, gpg should utilize +# its own forwarded socket for each session. previously, you could +# provide a path to the agent socket in GPG_AGENT_INFO, but that was +# deprecated in GPG v2.1; instead, we must replace the socket in gpg's +# socket dir. +# +# gnupg commits fb88f37–aab8a0b moved sockets from GNUPGHOME by default +# to directories under /run. aab8a0b in particular solidifies the +# functionality shift to utilize systemd-logind's user runtime +# directories. if the dir isn't found, gpg will fall back to the homedir. +# since previous functionality allowed multiple homedirs with multiple +# sockets, a provision was added where changing GNUPGHOME will also +# change the socket dir to a hashed dir under the usual runtime dir. +# +# utilizing this information, we can conclude: +# - on systems with user runtime dirs, changing GNUPGHOME will also +# give us a unique socket dir under the user runtime dir; +# - on other systems, the socket dir follows GNUPGHOME. +# therefore, the safest way to ensure unique sockets while not having to +# write specific logic for both scenarios is to simply change GNUPGHOME. +# the easiest way to do this is to create a new dir and link the contents +# of GNUPGHOME to the new home. we can then replace the agent sockets +# there with the forwarded one. +# # NOTE: since Unix sockets are not supported under Windows, this will not work # under msys, cygwin, mingw, etc., but may work under wsl2. +# # HACK: without SendEnv, which is disabled by default in most sshd configs, -# there is no foolproof way to prevent race conditions via filename -# collisions or to pass the desired forward path to the remote host -# environment. we just have to guess the path we choose is good on the -# desination, and assume the newest matching socket is the correct one -# after connecting. in theory, we could occlude the ssh binary on PATH -# with an alias or script that would allow us to communicate with the -# remote host before opening a shell, so that we can have the host +# there is no foolproof way to prevent race conditions via socket +# filename collisions or to pass the desired forward path to the remote +# host environment. we just have to guess the path we choose is good on +# the desination, and assume the newest matching socket is the correct +# one after connecting. in theory, we could occlude the ssh binary on +# PATH with an alias or script that would allow us to communicate with +# the remote host before opening a shell, so that we can have the host # communicate back to the client where it wants a socket created or ask # the host if the path the client wants to use is writable. however, this # would open up too many edge cases where it wouldn't work or be too @@ -272,11 +73,11 @@ function _gpg_socketpath { echo ${1//(#b)%([[:xdigit:]](#c2))/${(#):-0x$match[1]}} } if [[ ! -v _sev_setup_gpg_forward && -v commands[gpg] ]] { - # XXX: assuming /tmo exists and is writable on destination + # XXX: assuming /tmp exists and is writable on destination export _GNUPG_SOCK_DEST_BASE=/tmp/.gpg-agent-forward export _GNUPG_SOCK_DEST_EXT=$(date +%s).$RANDOM export _GNUPG_SOCK_DEST=$_GNUPG_SOCK_DEST_BASE.$_GNUPG_SOCK_DEST_EXT - export _sev_gpg_forward_dir=${GNUPGHOME:-~/.gnupg}/.ssh_forward + export _sev_gpg_forward_dir=$XDG_RUNTIME_DIR/gnupg/.ssh_forward _sev_zcleanup gpg-forward # find our forwarded socket @@ -286,8 +87,7 @@ if [[ ! -v _sev_setup_gpg_forward && -v commands[gpg] ]] { export _sev_setup_gpg_forward= h=$_sev_gpg_forward_dir/$$ mkdir -pm700 $h - # XXX: is it safe to link scdaemon socket? can its name be changed? - for x (S.scdaemon gpg.conf gpg-agent.conf sshcontrol random_seed + for x (gpg{,-agent}.conf sshcontrol random_seed pubring.kbx{,~} trustdb.gpg private-keys-v1.d crls.d) { ln -s ${GNUPGHOME:-~/.gnupg}/$x $h } @@ -295,17 +95,17 @@ if [[ ! -v _sev_setup_gpg_forward && -v commands[gpg] ]] { unset h for x in $(gpgconf --list-dirs | grep 'agent-.*-\?socket:'); do x=$(_gpg_socketpath ${x/#agent-*socket:}) - if [[ ! -v orig ]] { + if [[ ! -v primary ]] { # move forwarded socket to first valid agent socket path # XXX: if tmp is on different filesystem this may not work mv $s $x - orig=$x + primary=$x } else { # make links to forwarded socket for any others - ln -s $orig $x + ln -s $primary $x } done - unset x orig + unset x primary } unset s @@ -347,7 +147,7 @@ if [[ -v commands[gpg-connect-agent] && # XXX: don't know if gpg-agent supports comments after directives # XXX: path could have # # XXX: we are assuming this is our pinentry from .local/bin - sed -Ei 's#^([[:space:]]*pinentry-program[[:space:]]).*$#\1'${commands[pinentry]:-/dev/null}'#' \ + sed -Ei 's#^([[:space:]]*pinentry-program[[:space:]]).*$#\1'$HOME'/.local/bin/pinentry#' \ ${GNUPGHOME:-~/.gnupg}/gpg-agent.conf 2>/dev/null # XXX: could check for changes before doing this to save perf gpg-connect-agent RELOADAGENT UPDATESTARTUPTTY /bye >/dev/null 2>&1 @@ -422,12 +222,5 @@ if [[ ! -v _sev_setup_ssh ]] { } unfunction _gpg_socketpath -### perl local lib -[[ -v commands[perl] && -d $XDG_DATA_HOME/perl5/lib/perl5 && - ! -v PERL_LOCAL_LIB_ROOT ]] && - eval $(perl -I$XDG_DATA_HOME/perl5/lib/perl5 \ - -Mlocal::lib=$XDG_DATA_HOME/perl5 2>/dev/null) - - ### load site-specific -if [[ -f ${ZDOTDIR:-~}/.zprofile.local ]] { source ${ZDOTDIR:-~}/.zprofile.local } +load-site-dotfile zprofile