launching GnuPG daemons from the system session manager
Neal H. Walfield
neal at walfield.org
Wed Jul 13 15:41:12 CEST 2016
Hi,

On Wed, 13 Jul 2016 15:30:35 +0200,
Daniel Kahn Gillmor wrote:
> On Wed 2016-07-13 14:41:58 +0200, Neal H. Walfield wrote:
> > I find it strange that gpg-agent is managed as part of the user's
> > session when it is independent of the session. Concretely, if I have
> > multiple sessions open, e.g., desktop & multiple ssh instances, then I
> > expect them all to share the same gpg-agent. Also, I wonder if this
> > doesn't negatively impact the use of --extra-socket.
>
> You'll be happy to learn that this is exactly what systemd's --user
> handling does, actually :) I think i was using the term "session"
> loosely above, so let me try to be more specific.

Great!  This is (was?) a serious problem with D-Bus: there is a
session bus and a system bus, but no user bus.

> In systemd, there is a "slice" allocated to each user, which contains
> their user-specific systemd service process manager. This slice
> operates concurrently with every existing login session. If there are
> no login sessions, then the user's service management is terminated. As
> soon as the user's first session begins, the slice starts up the
> services.
...
> I end up with clean automated startup and safe automated teardown that
> coincides with the times that i'm actually authenticated to the machine,
> regardless of how many sessions i have running concurrently.

This is quite nice, but I wonder if gpg-agent shouldn't persist or at
least persist for a little while and only be shut down if there is no
new login within, say, 10 minutes.  Is that possible?  Do you agree
this makes sense?

Thanks!

:) neal