launching GnuPG daemons from the system session manager

Neal H. Walfield neal at
Wed Jul 13 15:41:12 CEST 2016


On Wed, 13 Jul 2016 15:30:35 +0200,
Daniel Kahn Gillmor wrote:
> On Wed 2016-07-13 14:41:58 +0200, Neal H. Walfield wrote:
> > I find it strange that gpg-agent is managed as part of the user's
> > session when it is independent of the session.  Concretely, if I have
> > multiple sessions open, e.g., desktop & multiple ssh instances, then I
> > expect them all to share the same gpg-agent.  Also, I wonder if this
> > doesn't negatively impact the use of --extra-socket.
> You'll be happy to learn that this is exactly what systemd's --user
> handling does, actually :) I think i was using the term "session"
> loosely above, so let me try to be more specific.

Great!  This is (was?) a serious problem with D-Bus: there is a
session bus and a system bus, but no user bus.

> In systemd, there is a "slice" allocated to each user, which contains
> their user-specific systemd service process manager.  This slice
> operates concurrently with every existing login session.  If there are
> no login sessions, then the user's service management is terminated.  As
> soon as the user's first session begins, the slice starts up the
> services.
> I end up with clean automated startup and safe automated teardown that
> coincides with the times that i'm actually authenticated to the machine,
> regardless of how many sessions i have running concurrently.

This is quite nice, but I wonder if gpg-agent shouldn't persist or at
least persist for a little while and only be shutdown if there is no
new login within, say, 10 minutes.  Is that possible?  Do you agree
this makes sense?


:) neal

More information about the Gnupg-devel mailing list