what is the proper way to load gpg-agent with systemd
Paulo Lopes
pmlopes at gmail.com
Tue Mar 17 19:43:02 CET 2015
On Tue, Mar 17, 2015 at 7:19 PM, Doug Barton <dougb at dougbarton.email> wrote:
> On 3/17/15 7:48 AM, Paulo Lopes wrote:
>
>> Hello,
>>
>> I've been using my gpg card with success in Ubuntu for a while but as
>> everyone knows the init system is switching from upstart to systemd as
>> it is happening on Debian and the vast majority of other distributions.
>>
>> In the "past" one could start gpg-agent from the script that boots Xorg
>>
>
> Are you using the ssh-agent capabilities? If not, you don't need to do
> anything special to start the agent, it will use the socket method by
> default.
>
So what I did was to create a user unit file like this on ~/.local/:
[Unit]
Description=gpg-agent
ConditionFileIsExecutable=/usr/bin/gpg-agent
[Service]
ExecStart=/usr/bin/gpg-agent --daemon --enable-ssh-support
--scdaemon-program /usr/libexec/scdaemon --use-standard-socket --log-file
~/.gnupg/gpg-agent.log --write-env-file %h/$
ExecStop=/usr/bin/pkill gpg-agent
Type=forking
Restart=always
[Install]
WantedBy=default.target
Now what happens is that i start a java application "IntelliJ" and when i
try to get git to fetch some code it complains that the it cannot sign the
key. However if i use "pass" then the pinentry popup shows i enter my pin
and from there the git stuff works from intellij.
So it feels quite strange that i need to do all this juggling to get it
working :/
But i read about socket activation in your message so i guess my unit file
is wrong, could you share how to use socket activation? And if does that
how do you set the SSH agent variables?
>
> Also, do you have any evidence that the method you are currently using
> won't work with systemd? X starts well after the low-level system stuff is
> up and running, I'm having a hard time imagining why you couldn't continue
> doing what you're doing.
>
> Doug
>
>
--
Paulo Lopes
www.jetdrone.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150317/bac7b9d5/attachment.html>
More information about the Gnupg-users
mailing list