"1Password can't save or fill in sudolikeaboss."

[fivesixzero]

After doing a round of updating on my dev system recently I'm seeing this when trying to invoke sudolikeaboss:

I've done cleanup around slab by removing, reinstalling 0.21 from brew, and also dropping in the binary from sudolikeaboss_0.3.0-beta1_darwin_amd64.zip in issue #29.

No dice. Same behavior every time I trigger slab via hotkey.

OS version: 10.12.6 Chrome version: 59.0.3071.115 iTerm2 version: 3.1.beta.5 1Password version: 6.8 (680015) from AgileBits store 1Password Chrome extension version: 4.6.7.90

The environment's pretty clean and I've got sudo to change things if needed. The only real contender for active interference would be the presence of Sophos Central Endpoint (v9.6.3, engine 3.68.0, threat data 5.41) antivirus but its logs are clean of any indications of interference. Normally the real-time monitoring gets quite verbose when it decides to get all up in my grill.

[fivesixzero]

Ahh, did another remove/reinstall cycle and this time sudolikeboss register did what it should do. Everything's working again. :)

~~It looks like https://github.com/ravenac95/sudolikeaboss/issues/29#issuecomment-278988719 from @squarecandy has like the most concise rundown on how to get it done quickly.~~

~~Hope this helps anyone else who runs into this in the future.~~ edit: Still a problem. See below. :(

I wish I had more time to dive into the items brought up in #41 and elsewhere. But like Ravenac95, I've been busy. life is hard. 🤷‍♂️

Speaking of @ravenac95 - thanks immensely for this little utility. Its at the core of most of my workflows, fun and otherwise, and its saved me innumerable hassles over the last few years.

[fivesixzero]

FYI: The problem popped back up again but I don't think it was slab's fault. Looks like something with Chrome's native messaging and a directory lacking parents. Or something.

https://support.1password.com/kb/201707/

[lrosenstein]

My experience has been that the dialog pops up if 1P is locked at the time sudolikeaboss is run.

[cmbuckley]

@ravenac95 I would suggest that this issue be reopened, or I can create a similar one if preferred. The issue is still present in 0.2.1 and 0.3.0-beta1, but only when 1Password is locked. Prior to 1Password 6.8, the 1Password Mini unlock screen was correctly presented in this case.

[fivesixzero]

Reopening since this does look like a regression of sorts, per @cmbuckley's comments.

I've been able to replicate identical behavior.

Expected:

When 1Password is locked and slab is invoked, the 1Password Mini unlock screen appears and allows unlocking.

Current Behavior:

When 1Password is locked and slab is invoked, the error message mentioned in the original report appears. This can be worked around by opening 1Password and unlocking it directly.

[DanFreed]

I can confirm this behavior as well. slab works fine as long as the main 1Password app is unlocked. Once the lock times out, slab shows the error instead of 1Password mini unlock screen.

I've already run the registration process.

I think this started with 1Password 6.8.

$ sudolikeaboss -v sudolikeaboss version 0.3.0-beta1

[Ralnoc]

This is definitely tied to 1Password 6.8 and relates to the work they are doing for the new messaging system. They have an eventual plan to remove websocket support, at which point this will stop working.

In my spare time I've started looking at the code to migrate it over to the chrome messaging system as was suggested in issue #29 . However I have extremely limited time between family and work so I have no idea when anything will come of it. The best case scenario is that @ravenac95 will be able to get into working on migrating this over.

[meastes]

Looks like an update was released today to the 1Password app (6.8.1) that completely breaks slab. The checkbox for code signing has been completely removed.

[Lingnik]

:point_up: Ditto. Instructions here https://github.com/ravenac95/sudolikeaboss/issues/29#issuecomment-278988719 also do not resolve this on 6.8.1 with iTerm 3.0.15 and sudolikeaboss 0.3.0-beta1.

[guiagaing]

Got the same issues . I am so dependent on sudolikeaboss now for my day2day. Is there any solution around ?

[thorhs]

Same here, thankfully I haven't updated to 6.8.1 yet, but when that happens my life will become harder.

Is there anything I can do to help implement this? I have intermediate experience with Go, if that helps.

[m4rkw]

NOPASSWD: ALL is probably the sensible workaround for now, since if someone has access to your local account getting root is never going to be difficult.

[eugene-chow]

If you unwittingly upgraded to 6.8.1 (like me), downgrading to 6.8 can be done by installing the pkg at this link. The download path is intuitive. Just get the download URL from the official page and change the pkg version to the one you desire.

[GitHubGreg]

Thanks for the link, good temporary solution.

[ChristinWhite]

So is this actually fixable or are we out of luck now?

[nigelm]

It is fixable, but it needs someone with the appropriate skillsets (golang, reasonable familiarity with protocol implementation, some crypto) and more importantly some available time to do the work.

What needs doing is a re-implementation of the communications channel back to 1Password, which has previously used Websockets (which 1Password has deprecated as of 6.8.1) to use Chrome Native Messaging.

The guys at 1Password - the contact appears to be @rudyrichter - have some documentation available for this - see comments within issue #29 .

It looks like @brycekahle has some work in place at https://github.com/brycekahle/sudolikeaboss but I do not think he has (started) integrating the Native Messaging support, so that code works with 1Password 6.8.0 as its latest release, and will fail with 6.8.1 onwards.

As ever the problem is that these things are done in people's spare time - and for example I am going to be very short of available time until the new year (and I am an absolutely newbie at golang).

[brycekahle]

It looks like @brycekahle has some work in place at brycekahle/sudolikeaboss but I do not think he has (started) integrating the Native Messaging support, so that code works with 1Password 6.8.0 as its latest release, and will fail with 6.8.1 onwards.

Correct. I'm awaiting contact from AgileBits on how to add Native Messaging support. They indicated that code signing may be necessary among other things.

[meastes]

Looks like the CLI they announced yesterday is another possible option for integrating with 1Password. This would allow us to bypass the need to codesign.

https://support.1password.com/command-line-getting-started/

[rudyrichter]

@meastes,

something to be aware of is that the CLI only works with 1Password.com accounts.

[ChristinWhite]

I briefly chatted with one of the AgileBits devs on FB and while it wasn't official, it sounds likely that code signing will continue to be required. He did recommend the CLI though for hosted accounts and said that they use it for some of their own tools.

[csawyerYumaed]

@rudyrichter can you connect @brycekahle with the documents he needs on how to add Native Messaging support? Bonus, just make them publicly available here!

[DanFreed]

I know that it isn't a fix for sudolikeaboss, but while we await that fix I posted a script that uses GPG and the pass utility to provide a similar experience as sudoliekaboss and 1Password.

Its not perfect, but it seems to work well enough for the moment. You can get it here: https://github.com/DanFreed/passprompt.

[brycekahle]

FYI I fixed this issue when you are using 1Password 6.8 (not 6.8.1 😭 ). The fix is available in my fork version 0.3.1.

[SanderAtom]

Any ETA on a fix for this? It's 6.8.2 by now, should I downgrade to 6.8 ?

[bwoodruff]

Ben from AgileBits here. We've posted a response for this request on our discussion forums:

https://discussions.agilebits.com/discussion/comment/394873/#Comment_394873

[fivesixzero]

@bwoodruff Thanks for sharing. I'm looking forward to seeing what you guys can come up with to help with non-traditional utilities like this. There are a lot of us that live in terminals and, for quite some time at least, 1Password worked great to store secrets with slab helping us get them out of 1PW with a quick hotkey in our terminal env.

That's the real problem I hope can be solved. I'm not tied to slab as the solution. But we all just want to slam a hotkey, auth with 1PW (if needed), then paste an item from 1PW that's tagged for that hotkey (or quickly type in a search in a popup for the one we really need).

[bwoodruff]

You're welcome. I totally get it. Our ops folks tend to live in terminals as well, so we definitely understand the utility that slab brings. We appreciate the efforts of 3rd party developers such as @brycekahle to offer additional functionality on top of the 1Password platform.

[Ralnoc]

@bwoodruff - If we wanted to work on a solution in another programming language (unfortunately I am not proficient in Go) where would we go to read up on the API to communicate with the local 1Password application using the chrome native messaging process? And the requirements it has for implementation? (Like the fact that the communication has to be signed)

As much as I would love to work towards a solution with slab, I also would like a solution that works sooner, rather than later.

[csawyerYumaed]

@Ralnoc It's a no go, because 1Password > 6.8 requires anything that talks to it to be signed (currently) and 1Password has just declared(see the forum https://discussions.agilebits.com/discussion/comment/394873/#Comment_394873 ) they refuse to sign anything 3rd-party, including slab. So they won't sign your stuff either.

[bwoodruff]

Right. This isn’t a slab problem. It isn’t as if slab is doing something wrong, and another developer could do it right. We just aren’t going to allow native messaging communications from additional apps. We are looking to build a solution that would allow utilities like slab to interface with 1Password, but it isn’t going to be an immediately available offering. The best I can offer for the immediate future would be to downgrade to 1Password 6.8.0.