Forward gpg-agent to container
Benjamin Kircher
benjamin.kircher at gmail.com
Tue Jun 5 18:02:53 CEST 2018
> On 5. Jun 2018, at 10:54, Benjamin Kircher <benjamin.kircher at gmail.com> wrote:
>
>> On 5. Jun 2018, at 08:56, Andrew Gallagher <andrewg at andrewg.com> wrote:
>>
>>>
>>> On 4 Jun 2018, at 19:44, Benjamin Kircher <benjamin.kircher at gmail.com> wrote:
>>>
>>> Now inside the container I can see my socket
>>>
>>> # ls -l /gpg-agent
>>> srwx------ 1 root root 0 Jun 4 17:45 /gpg-agent
>>>
>>> From here on, I am kind of stuck. I fail to somehow make gpg-agent inside the container “use” the extra-socket. Here is what I am doing:
>>
>> This sounds overly complicated. Once you have the extra socket visible inside the container, it should be sufficient to set the environment variable GPG_AGENT_SOCK. You don’t need to start an extra agent inside the container.
>
> Andrew, thanks for looking into this.
>
> Is this documented somewhere? I can’t find this environment variable in the man-pages and a quick code search over gnupg, libassuan, gpgme, and friends shows no such environment variable.

Sorry, but GPG_AGENT_SOCK doesn’t work at all.

$ docker run --volume $(gpgconf --list-dirs agent-extra-socket):/gpg-agent --env GPG_AGENT_SOCK=/gpg-agent --entrypoint=sh -ti fedora:latest
# env
HOSTNAME=26e366f60fc8
PWD=/
HOME=/root
FBR=f28
DISTTAG=f28container
FGC=f28
GPG_AGENT_SOCK=/gpg-agent
TERM=xterm
SHLVL=1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
_=/usr/bin/env
# gpg2 --keyserver pgp.uni-mainz.de --recv 325F3B76
# gpg2 --list-secret-keys
BK