Re: Restarting gpg-agent

2010-03-15 Thread Peter Pentchev
On Sun, Mar 14, 2010 at 10:16:00PM +0100, Michel Messerschmidt wrote:
> On Sun, Mar 14, 2010 at 12:24:14PM -0700, James Moe wrote:
> > Hello,
> >   opensuse v11.2, linux 2.6.31.12-0.1-desktop x86_64, gpg v2.0.12.
> >   The docs at http://www.gnupg.org/ cover starting gpg-agent pretty
> > well. What is missing is how to re-start it.
> >   If gpg-agent is terminated for some reason, or the system is booted,
> > the file .gpg-agent.info is left behind. Because the file exists, when
> > .bashrc is run it detects the file and does not start gpg-agent.
> >   Is there some way to:
> > 1. Detect if gpg-agent is running. If not, erase .gpg-agent.info, or
> > 2. Erase .gpg-agent.info at boot time.
>
> This works for me (in .bashrc):

A good idea, and well written :)  Just one minor thing...

> # start gpg-agent if no running instance is found
> if test -z "${GPG_AGENT_INFO}" ||
>    ! kill -0 `grep GPG_AGENT_INFO "${GA_INFO_FILE}" | cut -d: -f 2 -` 2>/dev/null; then

In this way, you risk a false positive if gpg-agent has died (or not
been started at all, but a .gpg-agent.info file has been left over)
and there is another process with the same process ID.  This *can*
happen, whether by random chance at system startup, or by random
chance on a long-running system with PID's wrapping around.
A slightly better (if somewhat more convoluted) way could be
something like:

gpg_agent_pid=''
gpg_agent_running=''
if [ -n "${GPG_AGENT_INFO}" ] && [ -r "$GA_INFO_FILE" ]; then
    gpg_agent_pid=`grep GPG_AGENT_INFO "${GA_INFO_FILE}" | cut -d: -f 2 -`
fi
# only trust the PID if it is numeric and belongs to a gpg-agent process
if [ -n "$gpg_agent_pid" ] &&
   expr "x$gpg_agent_pid" : 'x[0-9]*$' > /dev/null; then
    if pgrep gpg-agent | fgrep -qw "$gpg_agent_pid" > /dev/null; then
        gpg_agent_running='1'
    fi
fi

if [ -n "$gpg_agent_running" ]; then

...

fi

Please don't take this as criticism, just an idea :)  And, of course,
it assumes that the OS has pgrep(1).

G'luck,
Peter

-- 
Peter Pentchev  r...@ringlet.net  r...@space.bg  r...@freebsd.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13
What would this sentence be like if pi were 3?


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: Restarting gpg-agent

2010-03-15 Thread Werner Koch
On Mon, 15 Mar 2010 11:58, r...@ringlet.net said:

> > # start gpg-agent if no running instance is found
> > if test -z "${GPG_AGENT_INFO}" ||
> >    ! kill -0 `grep GPG_AGENT_INFO "${GA_INFO_FILE}" | cut -d: -f 2 -` 2>/dev/null; then
>
> In this way, you risk a false positive if gpg-agent has died (or not
> been started at all, but a .gpg-agent.info file has been left over)

I have not followed this thread.  However the code above is far too
complex.  For years gpg-agent has been able to test whether it is already
running, just call gpg-agent and don't pass the --daemon option:

  $ gpg-agent
  gpg-agent: gpg-agent running and available
  $ echo $?
  0
  $ GPG_AGENT_INFO= gpg-agent
  gpg-agent: no gpg-agent running in this session
  $ echo $?
  2



Shalom-Salam,

   Werner


-- 
Thoughts are free.  Exceptions are regulated by federal law.
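
Added example, not part of the thread and not the GnuPG project's code: a .bashrc-style function that uses the exit-status probe shown above instead of `kill -0` on a stored PID, so a recycled PID cannot be mistaken for a live agent. It assumes the GnuPG 2.0.x behaviour discussed in this thread; `AGENT_BIN`, `INFO_FILE` and the function names are assumptions.

```shell
# Added example. AGENT_BIN, INFO_FILE and the function names are assumed;
# the gpg-agent flags are the ones already used in this thread.
AGENT_BIN=${AGENT_BIN:-/usr/bin/gpg-agent}
INFO_FILE=${INFO_FILE:-$HOME/.gpg-agent-info}

# Read GPG_AGENT_INFO from the env file as data instead of sourcing it,
# so extra lines in a tampered file are never executed by the login shell.
load_agent_info() {
    [ -r "$INFO_FILE" ] || return 1
    GPG_AGENT_INFO=$(sed -n 's/^GPG_AGENT_INFO=//p' "$INFO_FILE" | head -n 1)
    [ -n "$GPG_AGENT_INFO" ] || return 1
    export GPG_AGENT_INFO
}

# Probe as in the session above: called without --daemon, gpg-agent exits 0
# when an agent is running and available, non-zero otherwise.
agent_alive() {
    "$AGENT_BIN" >/dev/null 2>&1
}

ensure_gpg_agent() {
    load_agent_info || true
    if agent_alive; then
        return 0
    fi
    # Stale state (agent died, reboot, recycled PID): discard it and restart.
    rm -f "$INFO_FILE"
    unset GPG_AGENT_INFO
    "$AGENT_BIN" --daemon --write-env-file="$INFO_FILE" >/dev/null 2>&1 || return 1
    # Re-read what the new agent wrote and confirm that it answers.
    load_agent_info && agent_alive
}
```

Call `ensure_gpg_agent` from .bashrc. On GnuPG 2.1 and later the agent is started on demand over a fixed socket and GPG_AGENT_INFO is no longer used, so this applies only to the 2.0.x setup discussed here.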




Re: Restarting gpg-agent

2010-03-15 Thread Benjamin Donnachie
On 15 March 2010 16:54, Werner Koch <w...@gnupg.org> wrote:
> For years gpg-agent has been able to test whether it is already
> running, just call gpg-agent and don't pass the --daemon option:

This is what I use as the fall back as part of MacGPG2:

(* start-gpg-agent
   Part of the MacGPG2 project - http://macgpg2.sourceforge.net

   Released under v3 of the GPL
 *)

-- Sleep for two seconds.

delay 2

-- Try to contact gpg-agent

set gpgAgentRunning to do shell script "/usr/local/bin/gpg-agent > /dev/null; echo $?; exit 0"

-- If that fails, look for env file.

if gpgAgentRunning > 0 then
	set gpgAgentRunning to do shell script "[ -f $HOME/.gpg-agent-info ] && (source $HOME/.gpg-agent-info && export GPG_AGENT_INFO && /usr/local/bin/gpg-agent > /dev/null) ; echo $?; exit 0"
end if

-- If that also fails, start a new copy of gpg-agent

if gpgAgentRunning > 0 then
	do shell script "/usr/local/bin/gpg-agent --daemon --use-standard-socket --write-env > /dev/null"
end if


Should be easy to understand and implement in another scripting language.

Ben



Re: Restarting gpg-agent

2010-03-14 Thread Doug Barton
On 03/14/10 12:24, James Moe wrote:
> Hello,
>   opensuse v11.2, linux 2.6.31.12-0.1-desktop x86_64, gpg v2.0.12.
>   The docs at http://www.gnupg.org/ cover starting gpg-agent pretty
> well. What is missing is how to re-start it.
>   If gpg-agent is terminated for some reason, or the system is booted,
> the file .gpg-agent.info is left behind. Because the file exists, when
> .bashrc is run it detects the file and does not start gpg-agent.
>   Is there some way to:
> 1. Detect if gpg-agent is running. If not, erase .gpg-agent.info, or
> 2. Erase .gpg-agent.info at boot time.

http://dougbarton.us/PGP/index.html, click on the link for the gpg-agent
script.


hth,

Doug

-- 

... and that's just a little bit of history repeating.
-- Propellerheads

Improve the effectiveness of your Internet presence with
a domain name makeover!    http://SupersetSolutions.com/




Re: Restarting gpg-agent

2010-03-14 Thread Michel Messerschmidt
On Sun, Mar 14, 2010 at 12:24:14PM -0700, James Moe wrote:
> Hello,
>   opensuse v11.2, linux 2.6.31.12-0.1-desktop x86_64, gpg v2.0.12.
>   The docs at http://www.gnupg.org/ cover starting gpg-agent pretty
> well. What is missing is how to re-start it.
>   If gpg-agent is terminated for some reason, or the system is booted,
> the file .gpg-agent.info is left behind. Because the file exists, when
> .bashrc is run it detects the file and does not start gpg-agent.
>   Is there some way to:
> 1. Detect if gpg-agent is running. If not, erase .gpg-agent.info, or
> 2. Erase .gpg-agent.info at boot time.


This works for me (in .bashrc):

export GNUPGHOME="${HOME}/.gnupg"
GPGAGENT=/usr/bin/gpg-agent
GA_INFO_FILE="${GNUPGHOME}/gpg-agent-info-$(hostname)"
# check that gpg-agent is executable and enabled in the gpg config
if grep -qs '^[[:space:]]*use-agent' "${GNUPGHOME}/gpg.conf" &&
   test -x "${GPGAGENT}"; then
    # always re-read the gpg-agent info file to find the running instance
    if [ -r "${GA_INFO_FILE}" ]; then
        . "${GA_INFO_FILE}"
    fi
    # start gpg-agent if no running instance is found
    if test -z "${GPG_AGENT_INFO}" ||
       ! kill -0 `grep GPG_AGENT_INFO "${GA_INFO_FILE}" | cut -d: -f 2 -` 2>/dev/null; then
        # enable ssh support by default if set in global Xsession options
        if grep -qs '^[[:space:]]*use-ssh-agent' /etc/X11/Xsession.options; then
            GA_SSH="--enable-ssh-support"
        fi
        # execute gpg-agent and export environment variables
        eval $(${GPGAGENT} --daemon ${GA_SSH} --sh \
            --write-env-file="${GA_INFO_FILE}")
    fi
    export GPG_AGENT_INFO
    export SSH_AUTH_SOCK
    export SSH_AGENT_PID
fi


HTH,
Michel
