Re: Forward gpg-agent to container

2018-06-11 Thread Phil Pennock
On 2018-06-10 at 18:05 +0200, Benjamin Kircher wrote: > This gives me > > gpg: can't connect to the agent: IPC connect call failed > > from within the container. > > Command lines that led to this output are: > > $ docker run --volume $(gpgconf --list-dirs >

Re: Forward gpg-agent to container

2018-06-10 Thread Benjamin Kircher
> On 10. Jun 2018, at 18:05, Benjamin Kircher > wrote: > > > >> On 6. Jun 2018, at 02:27, Phil Pennock wrote: >> >> On 2018-06-05 at 17:17 -0400, Phil Pennock wrote: >>> Shell 2: >>> $ docker run -it --rm -v /var/run/pdp.gnupg:/root/.gnupg/S.gpg-agent.ssh >>> alpine >>> / # chmod 0700

Re: Forward gpg-agent to container

2018-06-10 Thread Benjamin Kircher
> On 6. Jun 2018, at 02:27, Phil Pennock wrote: > > On 2018-06-05 at 17:17 -0400, Phil Pennock wrote: >> Shell 2: >> $ docker run -it --rm -v /var/run/pdp.gnupg:/root/.gnupg/S.gpg-agent.ssh >> alpine >> / # chmod 0700 /root/.gnupg && chown root:root /root/.gnupg/S.gpg-agent >> / # apk update

Re: Forward gpg-agent to container

2018-06-07 Thread Ben McGinnes
On Tue, Jun 05, 2018 at 05:17:10PM -0400, Phil Pennock wrote: > > Shell 1: > $ docker-machine ssh default -R > /var/run/pdp.gnupg:$HOME/.gnupg/S.gpg-agent.extra > [ leave this window open, this is your login on the VM; when this > closes, you stop forwarding GnuPG's socket ] A suggestion: for

Re: Forward gpg-agent to container

2018-06-05 Thread Phil Pennock
On 2018-06-05 at 17:17 -0400, Phil Pennock wrote: > Shell 2: > $ docker run -it --rm -v /var/run/pdp.gnupg:/root/.gnupg/S.gpg-agent.ssh > alpine > / # chmod 0700 /root/.gnupg && chown root:root /root/.gnupg/S.gpg-agent > / # apk update && apk add --no-cache gnupg I apologise, I missed fixing one

Re: Forward gpg-agent to container

2018-06-05 Thread Phil Pennock
On 2018-06-05 at 20:18 +0200, Peter Lebbing wrote: > Have you tried by hand whether the concept of communicating over a > socket to a container works at all? You could use socat to create a > socket and communicate, one socat on your host system and one inside the > container. > > I have no

Re: Forward gpg-agent to container

2018-06-05 Thread Aleksandar Lazic
Hi. On 05/06/2018 18:02, Benjamin Kircher wrote: On 5. Jun 2018, at 10:54, Benjamin Kircher wrote: On 5. Jun 2018, at 08:56, Andrew Gallagher wrote: On 4 Jun 2018, at 19:44, Benjamin Kircher wrote: Now inside the container I can see my socket # ls -l /gpg-agent srwx-- 1 root

Re: Forward gpg-agent to container

2018-06-05 Thread Peter Lebbing
On 04/06/18 20:44, Benjamin Kircher wrote: > For this I create a bind mount of agent-extra-socket to /gpg-agent inside the > container Have you tried by hand whether the concept of communicating over a socket to a container works at all? You could use socat to create a socket and communicate,

Re: Forward gpg-agent to container

2018-06-05 Thread Benjamin Kircher
Hello Werner, > On 5. Jun 2018, at 16:50, Werner Koch wrote: > > The envvar GPG_AGENT_INFO is no longer supported since 2.1. I saw that, too. Andrew was mentioning GPG_AGENT_SOCK, not GPG_AGENT_INFO, however. > I don't know how to best convey and share the socket using the file > system. I

Re: Forward gpg-agent to container

2018-06-05 Thread Benjamin Kircher
> On 5. Jun 2018, at 10:54, Benjamin Kircher wrote: > > > >> On 5. Jun 2018, at 08:56, Andrew Gallagher wrote: >> >>> >>> On 4 Jun 2018, at 19:44, Benjamin Kircher >>> wrote: >>> >>> Now inside the container I can see my socket >>> >>> # ls -l /gpg-agent >>> srwx-- 1 root root 0

Re: Forward gpg-agent to container

2018-06-05 Thread Werner Koch
On Tue, 5 Jun 2018 08:56, andr...@andrewg.com said: > This sounds overly complicated. Once you have the extra socket visible > inside the container, it should be sufficient to set the environment > variable GPG_AGENT_SOCK. You don’t need to start an extra agent inside The envvar GPG_AGENT_INFO

Re: Forward gpg-agent to container

2018-06-05 Thread Benjamin Kircher
> On 5. Jun 2018, at 08:56, Andrew Gallagher wrote: > >> >> On 4 Jun 2018, at 19:44, Benjamin Kircher wrote: >> >> Now inside the container I can see my socket >> >> # ls -l /gpg-agent >> srwx-- 1 root root 0 Jun 4 17:45 /gpg-agent >> >> From here on, I am kind of stuck. I fail to

Re: Forward gpg-agent to container

2018-06-05 Thread Andrew Gallagher
> On 4 Jun 2018, at 19:44, Benjamin Kircher wrote: > > Now inside the container I can see my socket > > # ls -l /gpg-agent > srwx-- 1 root root 0 Jun 4 17:45 /gpg-agent > > From here on, I am kind of stuck. I fail to somehow make gpg-agent inside the > container “use” the

Forward gpg-agent to container

2018-06-04 Thread Benjamin Kircher
Hello, I want to forward my host gpg-agent to an OCI container so that I can use a secret key that is available on the host to sign some packages inside the container. For this I create a bind mount of agent-extra-socket to /gpg-agent inside the container and start the container with $