[PATCH] gnupg-2.0.1 - gpg-agent-info option fixup

Robin H. Johnson robbat2 at gentoo.org
Wed Jan 31 03:49:44 CET 2007

On Tue, Jan 30, 2007 at 09:49:38PM +0100, Werner Koch wrote:
> On Tue, 30 Jan 2007 16:52, alon.barlev at gmail.com said:
> > Please explain again how a program that is running at one X window,
> > can affect the environment of another window, not all users wish to
> > run the agent at xinit.
> The seahorse agent seems to be a reincarnation of the quintuple-agent.
> That is not a proper solution.  The gpg-agent solution is a far better
> one.  You may disagree here but so be it.  There is still 1.4
> available implementing this option.
> Anyway, the seahorse agent won't work with future versions of gpg2.
> gpg2 will eventually move all secret key operation to gpg-agent and
> require support for the full, gpg-agent API.  gpgsm already works this
> way and it is logical to do the same with gpg2.
I believe that the problem Alon is raising here is that how to get the
agent-info string out to the right level without hacks every time.

Consider this:
1. Your agent is running.
2. Your previous agent has crashed or is gone for some reason.
3. Open a terminal.
5. Start your agent (one that does not modify gpg.conf).
6. Agent prints out the socket location.
7. From your window manager, launch whatever GUI app that would use gpg
   via the agent.
The GUI app in #5 there is no way to export the GPG_AGENT_INFO env var
to the GUI app.

If the agent is started prior to X, or during the startup of your window
manager, and the GPG_AGENT_INFO env var is exported at that time, it
does correctly exist while the agent is running.

The only way to send that agent info string back is via a file.
Modifying gpg.conf is one way to accomplish this.
The other way is a wrapper for gpg that looks at a file for the socket,
and sets the GPG_AGENT_INFO env var per that file.

Robin Hugh Johnson
Gentoo Linux Developer
E-Mail     : robbat2 at gentoo.org
GnuPG FP   : 11AC BA4F 4778 E3F6 E4ED  F38E B27B 944E 3488 4E85
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 329 bytes
Desc: not available
Url : /pipermail/attachments/20070130/5a79752d/attachment-0001.pgp 

More information about the Gnupg-devel mailing list