Moving the agent's socket to /var/run ?

Eric Dorland eric at debian.org
Wed Feb 24 04:07:22 CET 2016


* Andreas Metzler (ametzler at bebt.de) wrote:
> Werner Koch <wk at gnupg.org> wrote:
> [...]
> > GnuPG 2.x makes extensive use of Unix domain sockets for interprocess
> > communication.  For example gpg-agent is listening for requests from
> > gpg or gpgsm on the socket ~/.gnupg/S.gpg-agent .  We have received a
> > couple of reports from folks who have to install GnuPG in GnuPG home
> > directory with a long file name.  This does not work well with sockets
> > which usually have a limit on the length of their name.  The workaround
> [...]
> > What about changing the _default_ name for the sockets from, say,
> > ~/.gnupg/S.gpg-agent to /var/run/user/<uid>/S.gpg-agent ?  This is
> > similar to what system daemons use for their socket names and has the
> > further advantage that /var/run is always locally mounted and would thus
> > avoid the re-direction file hack used for NFS etc.  This would only be
> > done if GNUPGHOME/--homedir is not set so that it is still possible to
> > run a second instance of gnupg.
> [...]
> 
> Hello,
> 
> /var/run typically is a symlink to /run. Are per-user
> subdirectories of /run common practice on other distributions nowadays?
> (I only know that Debian does not have them.) Having a default that
> would not work for most of the users is probably not desirable.
> 
> You could use (a subdirectory of) /tmp.

As far as I know, they're only created by pam_systemd
(http://man7.org/linux/man-pages/man8/pam_systemd.8.html). So Debian
does have them, if you're using systemd.

-- 
Eric Dorland <eric at kuroneko.ca>
43CF 1228 F726 FD5B 474C  E962 C256 FBD5 0022 1E93
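
The socket name limit and the per-user runtime directory discussed in this thread, as an added example that is not part of the original messages and is not GnuPG's code. The fallback policy, the function names and the sample home directory are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* 1 if "dir/name" plus its terminating NUL fits in sockaddr_un.sun_path. */
int socket_name_fits(const char *dir, const char *name)
{
    return strlen(dir) + 1 + strlen(name)
           < sizeof(((struct sockaddr_un *)0)->sun_path);
}

/* 1 if dir is a real directory (lstat: a symlink is rejected), owned by
   uid, with no group/other permission bits; 0 otherwise. */
int runtime_dir_is_safe(const char *dir, uid_t uid)
{
    struct stat st;
    if (lstat(dir, &st) != 0 || !S_ISDIR(st.st_mode))
        return 0;
    return st.st_uid == uid && (st.st_mode & 077) == 0;
}

/* Hypothetical policy: keep the socket in homedir when the name fits,
   otherwise use runtime_dir, but only after checking it is safe.
   Returns 0 (homedir), 1 (runtime dir) or -1 (no usable location). */
int choose_socket_path(const char *homedir, const char *runtime_dir,
                       uid_t uid, const char *name, char *out, size_t outlen)
{
    const char *dir = NULL;
    int rc = -1;
    if (socket_name_fits(homedir, name)) { dir = homedir; rc = 0; }
    else if (runtime_dir_is_safe(runtime_dir, uid)
             && socket_name_fits(runtime_dir, name)) { dir = runtime_dir; rc = 1; }
    if (!dir || (size_t)snprintf(out, outlen, "%s/%s", dir, name) >= outlen)
        return -1;
    return rc;
}

int main(void)
{
    char rt[64], path[256];
    uid_t uid = getuid();
    snprintf(rt, sizeof rt, "/run/user/%lu", (unsigned long)uid);
    /* "/home/user/.gnupg" is a constructed sample home directory. */
    int rc = choose_socket_path("/home/user/.gnupg", rt, uid, "S.gpg-agent", path, sizeof path);
    printf("rc=%d path=%s\n", rc, rc < 0 ? "(none)" : path);
    return 0;
}
```

The ownership and mode check matters for the /tmp alternative raised in the thread as well: a world-writable parent lets another local user pre-create the directory, so a socket should only be placed in a directory that passes a check like runtime_dir_is_safe().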