gpg-agent self-termination when private-keys-v1.d goes away
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Jun 13 06:47:12 CEST 2017
hey folks--
gpg-agent currently knows to terminate itself when its socket is
unlinked from the filesystem.
to work around the sun_path length constraint, though, we're often
putting the sockets in the /run/user/$(id -u) directory.
This means that the workflow of:
export GNUPGHOME=$(mktemp -d)
# do some experiments
rm -rf $GNUPGHOME
Actually leaves any associated gpg-agents running in the background.
Do this as a part of an automated test suite, and you could easily end
up with hundreds of agents or more that are still active.
I propose to add private-keys-v1.d/ to the gpg-agent's inotify
watchlist, and to have the agent terminate if it notices that directory
being deleted as well. I think that will fix the concern described
above on GNU/Linux at least.
any objections or concerns about this approach?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170613/27dab447/attachment.sig>
More information about the Gnupg-devel
mailing list