GPG homedir path length limit

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Feb 15 18:12:23 CET 2017


Hi all--

sorry for the late followup on this thread:

On Mon 2017-01-16 14:16:28 -0500, Werner Koch wrote:
> On Sun, 15 Jan 2017 00:39, gnupg at jelmail.com said:
>> Just experimenting in a sandbox homedir, I noticed that the homedir path
>> needs to be below a certain size.
>
> That is because on most Unix systems the file name for a local socket is
> limited in size.  Local sockets are used for communication between the
> components (e.g. gpg and gpg-agent).
>
>
> The suggested solution is to create the socket in the /var/run
> directory:  Make sure that 
>
>   /var/run/user/$(id -u)
>
> exists before starting gpg or gpg-agent; the socket will be created
> there.  Only if you use a non-default home directory (GNUPGHOME) you
> need to manually create a sub-directory by using
>
>   export GNUPGHOME=/foo/bar
>   gpgconf --create-socketdir

Why does this need to be created manually?  Why not try to create it if
possible the first time there's a chance to use it, no matter what?

or, if "no matter what" is too aggressive, why not at least try to
create the ephemeral one if it's clear that the non-ephemeral location is
longer than the max socket length?

I personally like the simplicity and uniformity of "if /run/user/$(id
-u)/ exists and is writable, then we will use it for the socketdir."

What does GnuPG gain from having a known failure mode that requires a
manual fix?

        --dkg
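
The socket path limit Werner describes and the "use the run directory if it exists and is writable" policy raised in this message, as an added C example that is not part of the original post and is not GnuPG's own code. The function names are hypothetical, `S.gpg-agent` is assumed as the socket file name, and the fallback home directory in `main` is a constructed sample.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Longest socket path (without the NUL) that fits in sockaddr_un.sun_path. */
static size_t sun_path_max(void)
{
    return sizeof(((struct sockaddr_un *)0)->sun_path) - 1;
}

/* 1 if "<dir>/<sockname>" fits into sun_path, else 0. */
static int socket_path_fits(const char *dir, const char *sockname)
{
    return strlen(dir) + 1 + strlen(sockname) <= sun_path_max();
}

/* 1 if dir is an existing directory we can write to and traverse. */
static int usable_dir(const char *dir)
{
    struct stat st;
    return stat(dir, &st) == 0 && S_ISDIR(st.st_mode)
        && access(dir, W_OK | X_OK) == 0;
}

/* Hypothetical policy: use run_dir if it exists and is writable, else the
   homedir if the socket path fits there, else NULL (no usable location). */
static const char *choose_socketdir(const char *homedir, const char *run_dir,
                                    const char *sockname)
{
    if (usable_dir(run_dir) && socket_path_fits(run_dir, sockname))
        return run_dir;
    return socket_path_fits(homedir, sockname) ? homedir : NULL;
}

int main(void)
{
    char run_dir[64];
    const char *home = getenv("GNUPGHOME");  /* unset: constructed default */
    const char *dir;

    snprintf(run_dir, sizeof run_dir, "/run/user/%lu", (unsigned long)getuid());
    dir = choose_socketdir(home ? home : "/home/user/.gnupg", run_dir, "S.gpg-agent");
    printf("sun_path limit: %zu bytes\n", sun_path_max());
    printf("socket directory: %s\n", dir ? dir : "(none: path too long)");
    return 0;
}
```

The `NULL` result is the failure mode under discussion: a long home directory with no usable run directory leaves no place where the socket name fits.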