[pkg-gnupg-maint] Bug#949761: gpgconf: make socketdir configurable to users
NIIBE Yutaka
gniibe at fsij.org
Tue Dec 21 06:17:16 GMT 2021
On Fri, 24 Jan 2020 17:21:43 +0100 Thorsten Glaser <tg at mirbsd.de> wrote:
> Package: gpgconf
> Version: 2.2.19-1
> Severity: important
>
> gpg2 and gpg-agent (used by gnupg (1.x) as well) now uses
> GPG_AGENT_INFO=/run/user/2339/gnupg/S.gpg-agent:0:1 but
> the directory /run/user/2339 is removed on logout by elogind
> even if processes are still running.
I happened to find a possible solution for this problem, if a user uses
systemd.
It seems that your use case is with elogind, so, this solution may not
work directly, but it would help seeking the way to solve.
In my system, I identified that:
The initial command creating /run/user/$UID/gnupg is this one (for
systemd users) by running gpgconf command:
/lib/systemd/user-environment-generators/90gpg-agent
And then, this script also invokes gpgconf command:
/etc/X11/Xsession.d/90gpg-agent
To introduce keeping old behavior of sockdir, I needed something
which runs before 90gpg-agent.
So, I created the file:
/etc/systemd/user-environment-generators/89-gpg-keep-old-behavior-of-sockdir-under-home
with the content of:
==========================
#!/bin/sh
D=/run/user/$(id -u)/
CONFIG_FILE=$HOME/.keep-old-behavior-of-gpg-sockdir
# Make a file to prevent use socketdir under /run by gnupg, but keep
# old behavior using $HOME/.gnupg
if [ -e $CONFIG_FILE ]; then
touch ${D}/gnupg
fi
==========================
That is, when a user specified by the file of
$HOME/.keep-old-behavior-of-gpg-sockdir, it creates a file
'/run/user/$UID/gnupg' before the creation of directory
/run/user/$UID/gnupg, so that the directory cannot be created and used.
Then, by the fallback mechanism of GnuPG, $HOME/.gnupg will be used.
--
More information about the pkg-gnupg-maint
mailing list