what is the proper way to load gpg-agent with systemd
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Mar 18 02:28:36 CET 2015
On Tue 2015-03-17 14:43:02 -0400, Paulo Lopes wrote:
> So what I did was to create a user unit file like this on ~/.local/:
>
> [Unit]
> Description=gpg-agent
> ConditionFileIsExecutable=/usr/bin/gpg-agent
>
> [Service]
> ExecStart=/usr/bin/gpg-agent --daemon --enable-ssh-support
> --scdaemon-program /usr/libexec/scdaemon --use-standard-socket --log-file
> ~/.gnupg/gpg-agent.log --write-env-file %h/$
> ExecStop=/usr/bin/pkill gpg-agent
> Type=forking
> Restart=always
>
> [Install]
> WantedBy=default.target
>
>
> Now what happens is that i start a java application "IntelliJ" and when i
> try to get git to fetch some code it complains that the it cannot sign the
> key. However if i use "pass" then the pinentry popup shows i enter my pin
> and from there the git stuff works from intellij.
I don't know what "pass" is, but i guess it's how you trigger pinentry
to talk to your agent?
it sounds to me like you're saying that the agent started by systemd
doesn't know how to find your X11 session properly, so it doesn't know
how to launch pinentry on its own.
Does that sounds like an accurate characterization?
have you tried adding the following line to the [Service] stanza in your
.service file?
Environment=DISPLAY=:0
Try that, and then a full machine shutdown, restart, and login. It's a
workaround at best (your $DISPLAY won't always be :0) but if it works
for you, you'll know that this is at least the right diagnosis.
hth,
--dkg
More information about the Gnupg-users
mailing list