Merge remote-tracking branch 'origin/staging/jeschli'

jeschli/1systems/brauerei/config.nix

@@ -6,6 +6,8 @@
     ./hardware-configuration.nix
     <stockholm/jeschli/2configs/urxvt.nix>
     <stockholm/jeschli/2configs/emacs.nix>
+    <stockholm/jeschli/2configs/xdg.nix>
+    <stockholm/jeschli/2configs/xserver>
   ];
 
   krebs.build.host = config.krebs.hosts.brauerei;
@@ -57,7 +59,6 @@
     terminator
     tmux
     wget
-  #  rxvt_unicode
   # editors
     emacs
   # internet
@@ -65,6 +66,7 @@
     chromium
     google-chrome
   # programming languages
+    exercism
     go
     gcc
     ghc
@@ -73,6 +75,9 @@
   # go tools
     golint
     gotools
+  # rust
+    cargo
+    rustc
   # dev tools
     gnumake
     jetbrains.pycharm-professional
@@ -105,8 +110,8 @@
   # services.printing.enable = true;
 
   # Enable the X11 windowing system.
-  services.xserver.enable = true;
-  services.xserver.layout = "us";
+  # services.xserver.enable = true;
+  # services.xserver.layout = "us";
   # services.xserver.xkbOptions = "eurosign:e";
 
   # Enable touchpad support.
@@ -115,18 +120,18 @@
   # Enable the KDE Desktop Environment.
   # services.xserver.displayManager.sddm.enable = true;
   # services.xserver.desktopManager.plasma5.enable = true;
-  services.xserver.displayManager.sddm.enable = true;
-  services.xserver.windowManager.xmonad.enable = true;
-  services.xserver.windowManager.xmonad.enableContribAndExtras = true;
-#
+  #  services.xserver.displayManager.sddm.enable = true;
+  #  services.xserver.windowManager.xmonad.enable = true;
+  #  services.xserver.windowManager.xmonad.enableContribAndExtras = true;
+  #
   # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.extraUsers.jeschli = {
+  users.extraUsers.jeschli = { # TODO: define as krebs.users
     isNormalUser = true;
     uid = 1000;
   };
   users.extraUsers.jamie = {
     isNormalUser = true;
-    uid = 1001;
+    uid = 1001; # TODO genid
   };
 
   users.users.root.openssh.authorizedKeys.keys = [
@@ -139,4 +144,11 @@
   # should.
   system.stateVersion = "17.09"; # Did you read the comment?
 
+  hardware.trackpoint = {
+    enable = true;
+    sensitivity = 220;
+    speed = 0;
+    emulateWheel = true;
+  };
+
 }

jeschli/2configs/emacs.nix

@@ -53,9 +53,9 @@ let
   '';
   dotEmacs = pkgs.writeText "dot-emacs" ''
     ${packageRepos}
-    ${windowCosmetics}
     ${orgMode}
     ${recentFiles}
+    ${windowCosmetics}
   '';
   emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
     epkgs.melpaStablePackages.magit

jeschli/2configs/xdg.nix

@@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+{
+  environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
+
+  systemd.tmpfiles.rules = let
+    forUsers = flip map users;
+    isUser = { name, group, ... }:
+      name == "root" || hasSuffix "users" group;
+    users = filter isUser (mapAttrsToList (_: id) config.users.users);
+  in forUsers (u: "d /run/xdg/${u.name} 0700 ${u.name} ${u.group} -");
+}

jeschli/2configs/xserver/Xmodmap.nix

@@ -0,0 +1,27 @@
+{ config, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+pkgs.writeText "Xmodmap" ''
+  !keycode 66 = Caps_Lock
+  !remove Lock = Caps_Lock
+  clear Lock
+
+  ! caps lock
+  keycode  66 = Mode_switch
+
+  keycode  13 = 4 dollar EuroSign cent
+  keycode  30 = u U udiaeresis Udiaeresis
+  keycode  32 = o O odiaeresis Odiaeresis
+  keycode  38 = a A adiaeresis Adiaeresis
+  keycode  39 = s S ssharp
+
+  keycode  33 = p P Greek_pi Greek_PI
+  keycode  46 = l L Greek_lambda Greek_LAMBDA
+
+  keycode  54 = c C cacute Cacute
+
+  !                       BULLET OPERATOR
+  keycode 17 = 8 asterisk U2219
+  keycode 27 = r R r U211D
+''

jeschli/2configs/xserver/Xresources.nix

@@ -0,0 +1,52 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+pkgs.writeText "Xresources" /* xdefaults */ ''
+  URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’"
+  URxvt*eightBitInput: false
+  URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
+  URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
+  URxvt*scrollBar: false
+  URxvt*background: #050505
+  URxvt*foreground: #d0d7d0
+  URxvt*cursorColor: #f042b0
+  URxvt*cursorColor2: #f0b000
+  URxvt*cursorBlink: off
+  URxvt*jumpScroll: true
+  URxvt*allowSendEvents: false
+  URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48
+  URxvt*cutNewline: False
+  URxvt*cutToBeginningOfLine: False
+
+  URxvt*color0: #232342
+  URxvt*color3: #c07000
+  URxvt*color4: #4040c0
+  URxvt*color7: #c0c0c0
+  URxvt*color8: #707070
+  URxvt*color9: #ff6060
+  URxvt*color10: #70ff70
+  URxvt*color11: #ffff70
+  URxvt*color12: #7070ff
+  URxvt*color13: #ff50ff
+  URxvt*color14: #70ffff
+  URxvt*color15: #ffffff
+
+  URxvt*iso14755: False
+
+  URxvt*urgentOnBell: True
+  URxvt*visualBell: True
+
+  ! ref https://github.com/muennich/urxvt-perls
+  URxvt*perl-ext: default,url-select
+  URxvt*keysym.M-u: perl:url-select:select_next
+  URxvt*url-select.underline: true
+  URxvt*colorUL: #4682B4
+  URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
+  URxvt*saveLines: 10000
+
+  root-urxvt*background: #230000
+  root-urxvt*foreground: #e0c0c0
+  root-urxvt*BorderColor: #400000
+  root-urxvt*color0: #800000
+''

jeschli/2configs/xserver/default.nix

@@ -0,0 +1,141 @@
+{ config, pkgs, ... }@args:
+with import <stockholm/lib>;
+let
+  cfg = {
+    cacheDir = cfg.dataDir;
+    configDir = "/var/empty";
+    dataDir = "/run/xdg/${cfg.user.name}/xmonad";
+    user = config.krebs.users.jeschli;
+  };
+in {
+
+  environment.systemPackages = [
+    pkgs.font-size
+    pkgs.gitAndTools.qgit
+    pkgs.mpv
+    pkgs.sxiv
+    pkgs.xdotool
+    pkgs.xsel
+    pkgs.zathura
+  ];
+
+  fonts.fonts = [
+    pkgs.xlibs.fontschumachermisc
+  ];
+
+  # TODO dedicated group, i.e. with a single user [per-user-setuid]
+  # TODO krebs.setuid.slock.path vs /run/wrappers/bin
+  krebs.setuid.slock = {
+    filename = "${pkgs.slock}/bin/slock";
+    group = "wheel";
+    envp = {
+      DISPLAY = ":${toString config.services.xserver.display}";
+      USER = cfg.user.name;
+    };
+  };
+
+  services.xserver = {
+  
+    # Don't install feh into systemPackages
+    # refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
+    desktopManager.session = mkForce [];
+  
+    enable = true;
+    display = 11;
+    tty = 11;
+  
+    synaptics = {
+      enable = true;
+      twoFingerScroll = true;
+      accelFactor = "0.035";
+    };
+  };
+
+  systemd.services.display-manager.enable = false;
+
+  systemd.services.xmonad = {
+    wantedBy = [ "multi-user.target" ];
+    requires = [ "xserver.service" ];
+    environment = {
+      DISPLAY = ":${toString config.services.xserver.display}";
+
+      XMONAD_CACHE_DIR = cfg.cacheDir;
+      XMONAD_CONFIG_DIR = cfg.configDir;
+      XMONAD_DATA_DIR = cfg.dataDir;
+
+      XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
+        ${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
+        ${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} &
+        ${pkgs.xorg.xrdb}/bin/xrdb ${import ./Xresources.nix args} &
+        ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' &
+        wait
+      '';
+
+      # XXX JSON is close enough :)
+      XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [
+        "dashboard" # we start here
+        "stockholm"
+        "pycharm"
+        "chromium"
+        "iRC"
+        "git"
+        "hipbird"
+      ]);
+    };
+    serviceConfig = {
+      SyslogIdentifier = "xmonad";
+      ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${toString [
+        "\${XMONAD_CACHE_DIR}"
+        "\${XMONAD_CONFIG_DIR}"
+        "\${XMONAD_DATA_DIR}"
+      ]}";
+      ExecStart = "${pkgs.xmonad-jeschli}/bin/xmonad";
+      ExecStop = "${pkgs.xmonad-jeschli}/bin/xmonad --shutdown";
+      User = cfg.user.name;
+      WorkingDirectory = cfg.user.home;
+    };
+  };
+
+  systemd.services.xserver = {
+    after = [
+      "systemd-udev-settle.service"
+      "local-fs.target"
+      "acpid.service"
+    ];
+    reloadIfChanged = true;
+    environment = {
+      XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
+      XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
+      LD_LIBRARY_PATH = concatStringsSep ":" (
+        [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
+        ++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
+    };
+    serviceConfig = {
+      SyslogIdentifier = "xserver";
+      ExecReload = "${pkgs.coreutils}/bin/echo NOP";
+      ExecStart = toString [
+        "${pkgs.xorg.xorgserver}/bin/X"
+        ":${toString config.services.xserver.display}"
+        "vt${toString config.services.xserver.tty}"
+        "-config ${import ./xserver.conf.nix args}"
+        "-logfile /dev/null -logverbose 0 -verbose 3"
+        "-nolisten tcp"
+        "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
+      ];
+    };
+  };
+
+  systemd.services.urxvtd = {
+    wantedBy = [ "multi-user.target" ];
+    reloadIfChanged = true;
+    serviceConfig = {
+      SyslogIdentifier = "urxvtd";
+      ExecReload = "${pkgs.coreutils}/bin/echo NOP";
+      ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
+      Restart = "always";
+      RestartSec = "2s";
+      StartLimitBurst = 0;
+      User = cfg.user.name;
+    };
+  };
+}

jeschli/2configs/xserver/xserver.conf.nix

@@ -0,0 +1,40 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+let
+  cfg = config.services.xserver;
+in
+
+pkgs.stdenv.mkDerivation {
+  name = "xserver.conf";
+
+  xfs = optionalString (cfg.useXFS != false)
+    ''FontPath "${toString cfg.useXFS}"'';
+
+  inherit (cfg) config;
+
+  buildCommand =
+    ''
+      echo 'Section "Files"' >> $out
+      echo $xfs >> $out
+
+      for i in ${toString config.fonts.fonts}; do
+        if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
+          for j in $(find $i -name fonts.dir); do
+            echo "  FontPath \"$(dirname $j)\"" >> $out
+          done
+        fi
+      done
+
+      for i in $(find ${toString cfg.modules} -type d); do
+        if test $(echo $i/*.so* | wc -w) -ne 0; then
+          echo "  ModulePath \"$i\"" >> $out
+        fi
+      done
+
+      echo 'EndSection' >> $out
+
+      echo "$config" >> $out
+    '';
+}

jeschli/default.nix

@@ -1,9 +1,9 @@
-_:
+{ pkgs, ... }:
 {
   imports = [
     ../krebs
     ./2configs
-#    ./3modules
-#    ./5pkgs
   ];
+
+  nixpkgs.config.packageOverrides = import ./5pkgs pkgs;
 }

krebs/5pkgs/simple/pass-otp/default.nix

@@ -0,0 +1,30 @@
+{ stdenv, fetchFromGitHub, oathToolkit }:
+stdenv.mkDerivation rec {
+  name = "pass-otp-${version}";
+  version = "1.1.0";
+
+  src = fetchFromGitHub {
+    owner = "tadfisher";
+    repo = "pass-otp";
+    rev = "v${version}";
+    sha256 = "1cgj4zc8fq88n3h6c0vkv9i5al785mdprpgpbv5m22dz9p1wqvbb";
+  };
+
+  buildInputs = [ oathToolkit ];
+
+  patchPhase = ''
+    sed -i -e 's|OATH=\$(which oathtool)|OATH=${oathToolkit}/bin/oathtool|' otp.bash
+  '';
+
+  installPhase = ''
+    make PREFIX=$out install
+  '';
+
+  meta = with stdenv.lib; {
+    description = "A pass extension for managing one-time-password (OTP) tokens";
+    homepage = https://github.com/tadfisher/pass-otp;
+    license = licenses.gpl3;
+    maintainers = with maintainers; [ jwiegley tadfisher ];
+    platforms = platforms.unix;
+  };
+}

krebs/5pkgs/simple/pass/default.nix

@@ -0,0 +1,121 @@
+{ stdenv, lib, fetchurl, fetchFromGitHub
+, coreutils, gnused, getopt, git, tree, gnupg, which, procps, qrencode
+, makeWrapper
+
+, pass-otp
+
+, xclip ? null, xdotool ? null, dmenu ? null
+, x11Support ? !stdenv.isDarwin
+, tombPluginSupport ? false, tomb
+}:
+
+with lib;
+
+assert x11Support -> xclip != null
+                  && xdotool != null
+                  && dmenu != null;
+
+let
+  plugins = map (p: (fetchFromGitHub {
+    owner  = "roddhjav";
+    repo   = "pass-${p.name}";
+    inherit (p) rev sha256;
+  }))
+  ([
+    { name = "import";
+      rev = "491935bd275f29ceac2b876b3a288011d1ce31e7";
+      sha256 = "02mbh05ab8h7kc30hz718d1d1vkjz43b96c7p0xnd92610d2q66q"; }
+    { name = "update";
+      rev = "cf576c9036fd18efb9ed29e0e9f811207b556fde";
+      sha256 = "1hhbrg6a2walrvla6q4cd3pgrqbcrf9brzjkb748735shxfn52hd"; }
+    ] ++ stdenv.lib.optional tombPluginSupport {
+      name = "tomb";
+      rev = "3368134898a42c1b758fabac625ec240e125c6be";
+      sha256 = "0qqmxfg4w3r088qhlkhs44036mya82vjflsjjhw2hk8y0wd2i6ds"; }
+  );
+
+in stdenv.mkDerivation rec {
+  version = "1.7.1";
+  name    = "pass-${version}";
+
+  src = fetchurl {
+    url    = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz";
+    sha256 = "0scqkpll2q8jhzcgcsh9kqz0gwdpvynivqjmmbzax2irjfaiklpn";
+  };
+
+  patches = [ ./set-correct-program-name-for-sleep.patch
+            ] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch;
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ];
+
+  postInstall = ''
+    # plugins
+    ${stdenv.lib.concatStringsSep "\n" (map (plugin: ''
+      pushd ${plugin}
+      PREFIX=$out make install
+      popd
+    '') plugins)}
+
+    ln -s \
+        ${pass-otp}/lib/password-store/extensions/otp.bash \
+        $out/lib/password-store/extensions/
+
+    ln -s \
+        ${pass-otp}/share/man/man1/pass-otp.1.gz \
+        $out/share/man/man1/
+
+    # Install Emacs Mode. NOTE: We can't install the necessary
+    # dependencies (s.el and f.el) here. The user has to do this
+    # himself.
+    mkdir -p "$out/share/emacs/site-lisp"
+    cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/"
+  '' + optionalString x11Support ''
+    cp "contrib/dmenu/passmenu" "$out/bin/"
+  '';
+
+  wrapperPath = with stdenv.lib; makeBinPath ([
+    coreutils
+    getopt
+    git
+    gnupg
+    gnused
+    tree
+    which
+    qrencode
+  ] ++ optional tombPluginSupport tomb
+    ++ optional stdenv.isLinux procps
+    ++ ifEnable x11Support [ dmenu xclip xdotool ]);
+
+  postFixup = ''
+    # Fix program name in --help
+    substituteInPlace $out/bin/pass \
+      --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass"
+
+    # Ensure all dependencies are in PATH
+    wrapProgram $out/bin/pass \
+      --prefix PATH : "${wrapperPath}"
+  '' + stdenv.lib.optionalString x11Support ''
+    # We just wrap passmenu with the same PATH as pass. It doesn't
+    # need all the tools in there but it doesn't hurt either.
+    wrapProgram $out/bin/passmenu \
+      --prefix PATH : "$out/bin:${wrapperPath}"
+  '';
+
+  meta = with stdenv.lib; {
+    description = "Stores, retrieves, generates, and synchronizes passwords securely";
+    homepage    = https://www.passwordstore.org/;
+    license     = licenses.gpl2Plus;
+    maintainers = with maintainers; [ lovek323 the-kenny fpletz ];
+    platforms   = platforms.unix;
+
+    longDescription = ''
+      pass is a very simple password store that keeps passwords inside gpg2
+      encrypted files inside a simple directory tree residing at
+      ~/.password-store. The pass utility provides a series of commands for
+      manipulating the password store, allowing the user to add, remove, edit,
+      synchronize, generate, and manipulate passwords.
+    '';
+  };
+}

krebs/5pkgs/simple/pass/no-darwin-getopt.patch

@@ -0,0 +1,9 @@
+diff -Naur password-store-1.6.5-orig/src/platform/darwin.sh password-store-1.6.5/src/platform/darwin.sh
+--- password-store-1.6.5-orig/src/platform/darwin.sh	2015-01-28 16:43:02.000000000 +0000
++++ password-store-1.6.5/src/platform/darwin.sh	2015-02-15 16:09:02.000000000 +0000
+@@ -31,5 +31,4 @@
+ 	mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk."
+ }
+ 
+-GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt"
+ SHRED="srm -f -z"

krebs/5pkgs/simple/pass/rofi-pass.nix

@@ -0,0 +1,57 @@
+{ stdenv, fetchFromGitHub, pass, rofi, coreutils, utillinux, xdotool, gnugrep
+, libnotify, pwgen, findutils, gawk, gnused, xclip, makeWrapper
+}:
+
+stdenv.mkDerivation rec {
+  name = "rofi-pass-${version}";
+  version = "1.5.3";
+
+  src = fetchFromGitHub {
+    owner = "carnager";
+    repo = "rofi-pass";
+    rev = version;
+    sha256 = "1fn1j2rf3abc5qb44zfc8z8ffw6rva4xfp7597hwr1g3szacazpq";
+  };
+
+  buildInputs = [ makeWrapper ];
+
+  dontBuild = true;
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp -a rofi-pass $out/bin/rofi-pass
+
+    mkdir -p $out/share/doc/rofi-pass/
+    cp -a config.example $out/share/doc/rofi-pass/config.example
+  '';
+
+  wrapperPath = with stdenv.lib; makeBinPath [
+    coreutils
+    findutils
+    gawk
+    gnugrep
+    gnused
+    libnotify
+    pass
+    pwgen
+    rofi
+    utillinux
+    xclip
+    xdotool
+  ];
+
+  fixupPhase = ''
+    patchShebangs $out/bin
+
+    wrapProgram $out/bin/rofi-pass \
+      --prefix PATH : "${wrapperPath}"
+  '';
+
+  meta = {
+    description = "A script to make rofi work with password-store";
+    homepage = https://github.com/carnager/rofi-pass;
+    maintainers = with stdenv.lib.maintainers; [ the-kenny garbas ];
+    license = stdenv.lib.licenses.gpl3;
+    platforms = with stdenv.lib.platforms; linux;
+  };
+}

krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch

@@ -0,0 +1,69 @@
+From 25b44e00ed5df8ffe2782d38ad5cd9f514379599 Mon Sep 17 00:00:00 2001
+From: "Andrew R. M" <andrewmiller237@gmail.com>
+Date: Sat, 8 Apr 2017 13:50:01 -0400
+Subject: [PATCH] Patch the clip() function to work even when using
+ single-binary coreutils
+
+---
+ src/password-store.sh  | 4 ++--
+ src/platform/cygwin.sh | 4 ++--
+ src/platform/darwin.sh | 4 ++--
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/password-store.sh b/src/password-store.sh
+index 6a4172d..4dbd6b8 100755
+--- a/src/password-store.sh
++++ b/src/password-store.sh
+@@ -155,11 +155,11 @@ clip() {
+ 	# variable. Specifically, it cannot store nulls nor (non-trivally) store
+ 	# trailing new lines.
+ 	local sleep_argv0="password store sleep on display $DISPLAY"
+-	pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
++	pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
+ 	local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | base64)"
+ 	echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard"
+ 	(
+-		( exec -a "$sleep_argv0" bash <<<"trap 'kill %1' TERM; sleep '$CLIP_TIME' & wait" )
++		( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") )
+ 		local now="$(xclip -o -selection "$X_SELECTION" | base64)"
+ 		[[ $now != $(echo -n "$1" | base64) ]] && before="$now"
+ 
+diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh
+index 6e5dd86..f3574c4 100644
+--- a/src/platform/cygwin.sh
++++ b/src/platform/cygwin.sh
+@@ -3,11 +3,11 @@
+ 
+ clip() {
+ 	local sleep_argv0="password store sleep on display $DISPLAY"
+-	pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
++	pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
+ 	local before="$(base64 < /dev/clipboard)"
+ 	echo -n "$1" > /dev/clipboard
+ 	(
+-		( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
++		( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
+ 		local now="$(base64 < /dev/clipboard)"
+ 		[[ $now != $(echo -n "$1" | base64) ]] && before="$now"
+ 		echo "$before" | base64 -d > /dev/clipboard
+diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh
+index 86eb325..deb04c4 100644
+--- a/src/platform/darwin.sh
++++ b/src/platform/darwin.sh
+@@ -3,11 +3,11 @@
+ 
+ clip() {
+ 	local sleep_argv0="password store sleep for user $(id -u)"
+-	pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
++	pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
+ 	local before="$(pbpaste | openssl base64)"
+ 	echo -n "$1" | pbcopy
+ 	(
+-		( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
++		( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
+ 		local now="$(pbpaste | openssl base64)"
+ 		[[ $now != $(echo -n "$1" | openssl base64) ]] && before="$now"
+ 		echo "$before" | openssl base64 -d | pbcopy
+-- 
+2.12.2
+