[gpg-agent] Empty OPTION xauthority=

Werner Koch wk at gnupg.org
Mon Mar 4 16:24:57 CET 2024


On Mon,  4 Mar 2024 14:19, Matěj Cepl said:

> Do I understand it correctly that gnupg contains smaller version
> of systemd (dependency activation) inside of itself and that

No. It is not required.  Just don't let systemd start gpg-agent or
dirmngr with option --supervised.  If you use ssh just make sure that
gpg-agent has been started - this is the same as with ssh-agent.

> MicroOS by openSUSE (and Fedora Atomic and many others,
> every Linux distro has its own variant of this, I guess) are
> container-oriented systems, where only minimal host system
> is used to run multiple isolated containers (Docker/Podman,
> distrobox, or Flatpak). SELinux and other methods are used to

I see.  We once looked into running a gpg-agent under a different
account and with the right glue it should work.  Definitely needs some
more work but given that remote use works, it should not be a major
hassle.  The gpgconf.ctl hack might come handy to force the use of a
different socket directory - see the latest gpgconf man page.  Depends
on how things are actually done.  There is even a --chuid option to
gpgconf to handle things for a user during session startup.


Shalom-Salam,

   Werner


-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240304/f8abaa5f/attachment.sig>


More information about the Gnupg-users mailing list