On Sun Mar 3, 2024 at 10:05 AM CET, Werner Koch wrote: > > am running it on host with systemd --user services (configuration > > Take care, the use of systemd is racy and support will be removed in > 2.6.
1. Could you please explain why it is racy? Why from all services only gpg is unsuitable for systemd treatment? It is just one socket as any other, isn’t it? Could you point to some issue ticket, email thread, blog post explaining the problem? 2. When running on MicroOS system (or Fedora Atomic) how could you guarantee that there is only one gpg-agent and gpg doesn't try to run it inside of a container, thus making it inacessible to other containers on the system (Flatpak or podman) and to the host system? I don't see any other solution than running permanently one gpg-agent on the host system open to everybody, which systemd --user service seems to provide nicely. > gpg takes the value for xauthority from the envvar XAUTHORITY. In your > case it seems that this envvar is set to the empty string which results > in the above synax error. Using xauthority without a value and thus > without the '=' removes the value from gpg-agent's environment. Yes, thank you for kicking me in the right direction, I found a bug in distrobox (https://github.com/89luca89/distrobox/pull/1252). > In theory it would be possible to ignore the empty string but given that > we have the code this way for 20 year the risk of a regression is to > high. What? You know there is a vulnerability in gpg (actually, couldn't the particularly modified environment be abused for some DoD style attack?) and you don't want to fix it, because you had that bug there long enough? I probably do not understand what you were trying to say. > Please figure out why XAUTHORITY is set to the empty sting. > XAUTHORITY is only needed if you don't use ~/.Xauthority to store the > X11 magic cookies; see xauth(1). I have Wayland-only system (based on sway), so whole XAUTH* variables are nonsensical here. Best, Matěj -- http://matej.ceplovi.cz/blog/, @mcepl@floss.social GPG Finger: 3C76 A027 CA45 AD70 98B5 BC1D 7920 5802 880B C9D8 Monday, December 9th. We skip the bus tour of Stockholm to attend the economics lecture. Our guest status is again good for front row seats. We hear about the theory of auctions. There are integrals and derivatives. It’s like physics except physics works.
E09FEF25D96484AC.asc
Description: application/pgp-keys
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users