Proposal with patch: Make socket directory host dependent

Rainer Perske rainer.perske at
Sun Nov 19 14:59:27 CET 2017


> > Unfortunately I cannot use /run/user/(userid) because it is
> > maintained by systemd and in my webmailer situation it can be
> > deleted even if the agent is still running. (systemd does not know
> > anything about the sessions of a webmailer.)

> I'm not convinced this response makes much sense.  Why *wouldn't* the
> system's service manager (systemd, in your case) be unaware of
> webmailer sessions?

> What is your webmail configuration doing that it is switching to a
> new user session, but deliberately avoiding registering that user
> session with the local system service manager?

Because systemd manages processes on a *single* host. I have servers
clustered and distributed over two locations for fail safety and load
distribution, and a webmailer session is valid on all cluster hosts.
systemd (more exactly: "systemd-logind") cannot be used to manage
cluster-wide sessions.

So I have to fight with the fact that my webmailer is running in a
cluster, but GnuPG and its agent are not, because they use
localhost-only sockets for interprocess communication and never were
designed to be used in a cluster environment.

I want to use GnuPG because it is the best software for this purpose, so
my webmailer gives GnuPG an environment it is happy with.

Some more background information:

I do not need GnuPG sessions at all. If I could call gpgsm in a way
that no gpg-agent or dirmngr process and no socket file would survive
this call, this would be slower but I could live with it.

But GnuPG is now built in such a way that socket files are always
created and gpg-agent and dirmngr are always started the first time they
are needed. (You definitely have very good reasons to do so, avoiding
long startup times is one of them.) So I have to live with these files
and processes, for nearly 100,000 possible users.

Because the processes are running on single hosts, the socket files
must be placed on host-local file systems. Otherwise processes on other
hosts see the socket files but do not see the agents. The fall-back
location of the socket file is the user's home directory. In my
situation, this is a cluster-wide file system. And so I got into
trouble. This is the main cause for my patch and proposal.

To solve the problems, I must make sure that GnuPG places the socket
files on host-only file systems. My patch and proposal have this single
aim: Place the socket on a host-only file system but do not allow
cluster-unaware managers like "systemd-logind" to bother with them. So
I cannot use /run/user/ or /var/run/user/ that are managed by

A general solution would be to make these directories configurable. I
do not dare to ask you to develop such a general solution.

A simple solution would be to prepend GnuPG-specific host-local
directories not managed by systemd-logind to the list of directories.
Hence my proposal. According to the Linux File System Standard,
/var/run/gnupg/ (or /run/gnupg/ on those systems using /run/ ) seems to
be the best place in my eyes.

So my proposal (prepend /run/gnupg and /var/run/gnupg to /run and
/var/run ) would solve my problem. (My webmailer can make sure that
/run/gnupg/user/<UID> exists and has the correct owner, group, and
permissions before calling gpgsm. And my cluster-aware session
management can clean these directories.)

(I know that my solution can cause multiple agents running for the same
user on different hosts concurrently. But as far as I can see you are
using proper file locking so this does not cause any problem. At least
in the last 3 years my patch (see first mail of this thread) has not
caused any problem.)

Best regards
Rainer Perske
Systems Operations Department and Head of the Certification Authority (WWUCA)
Zentrum für Informationsverarbeitung (Universitätsrechenzentrum)

Westfälische Wilhelms-Universität
Zentrum für Informationsverarbeitung
Rainer Perske
Röntgenstraße 7-13
48149 Münster

Tel.: +49 251 83-31582
Fax.: +49 251 83-31555
E-Mail: rainer.perske at
Office: Room 006, Röntgenstraße 11

Certification Authority of the University of Münster (WWUCA):
Tel.: +49 251 83-31590
Fax.: +49 251 83-31555
E-Mail: ca at

Zentrum für Informationsverarbeitung (ZIV):
Tel.: +49 251 83-31600 (Mon-Fri 7:30-17:30)
Fax.: +49 251 83-31555
E-Mail: ziv at
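
The preparation step the message assigns to the webmailer (making sure the per-user directory exists with the correct owner, group and permissions before gpgsm is called), sketched as an added example; this is not code from the mail, the patch or GnuPG. The function name `prepare_socket_dir` and the `base` parameter are assumptions: `base` stands for the proposed `/run/gnupg`, passed in so the check can be exercised on a scratch directory.

```python
import os
import stat


def prepare_socket_dir(base, uid, gid):
    """Ensure <base>/user/<uid> is a real directory owned by uid:gid, mode 0700.

    Returns the path; raises OSError/PermissionError if it cannot be made safe.
    """
    parent = os.path.join(base, "user")
    os.makedirs(parent, mode=0o755, exist_ok=True)
    path = os.path.join(parent, str(uid))
    try:
        os.mkdir(path, 0o700)
        created = True
    except FileExistsError:
        created = False

    # O_NOFOLLOW makes open() fail if a symlink was planted at this name;
    # all later checks go through the descriptor, not the path.
    fd = os.open(path, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    try:
        st = os.fstat(fd)
        if (st.st_uid, st.st_gid) != (uid, gid):
            if not created:
                # Never adopt a pre-existing directory that belongs to someone else.
                raise PermissionError(f"{path}: unexpected owner {st.st_uid}:{st.st_gid}")
            os.fchown(fd, uid, gid)  # needs privilege when the caller is not uid
        if stat.S_IMODE(st.st_mode) != 0o700:
            os.fchmod(fd, 0o700)  # sockets inside must be reachable by the owner only
    finally:
        os.close(fd)
    return path


if __name__ == "__main__":
    import tempfile
    scratch = tempfile.mkdtemp()  # constructed stand-in for /run/gnupg
    print(prepare_socket_dir(scratch, os.getuid(), os.stat(scratch).st_gid))
```

A directory created this way lives on the host-local file system and is removed by whatever session management owns `base`, which is the separation from systemd-logind the message asks for.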