usertags 444103 + pca.it-authentication thanks Hi there!
On Sun, 18 Sep 2011 22:38:25 +0200, Luca Capello wrote: > On Wed, 26 Sep 2007 07:54:20 +0200, Tim Riker wrote: >> If /etc/X11/Xsession has "use-ssh-agent" disabled, and >> $GNUPGHOME/gpg.conf has use-agent, we might as well enable ssh-agent >> support in gpg-agent. > > Fully agree, but only if $GNUPGHOME/gpg-agent.conf has > "enable-ssh-support", see below for a full explanation. > > On Fri, 02 Oct 2009 11:09:45 +0200, Kees Meijs wrote: >> When someone does not want to run ssh-agent, I guess it's still not >> safe to assume the person _does_ want --enable-ssh-support for >> gpg-agent in all cases. > > This is why there is a way in gpg-agent to decide if it should act as an > SSH agent as well, i.e. "enable-ssh-support". The problem is that there > is no way to decide if one wants ssh-agent or not and there is a bug in > /etc/X11/Xsession.d/90gpg-agent that prevents ssh-agent to be correctly > started: > > <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642012#17> > > So, basically, to fix this bug: if "enable-ssh-support" is enabled in > $GNUPGHOME/gpg-agent.conf gpg-agent will act as ssh-agent as well, no > matter the value of "use-ssh-agent" in /etc/X11/Xsession.options. Thus > here an IMHO better patch for /etc/X11/Xsession.d/90gpg-agent: Git patch attached. Test packages fixing #444103, #642012 and #642021 are available at: <http://people.debian.org/~gismo/tmp/gnupg2_2.0.18-3~gismo444103.642012.642021.1.dsc> Thx, bye, Gismo / Luca
From bc8555e936256261f7be123dd012e6ec5a93ee62 Mon Sep 17 00:00:00 2001 From: Luca Capello <l...@pca.it> Date: Tue, 21 Feb 2012 12:53:22 +0100 Subject: [PATCH 1/3] debian/gnupg-agent.xsession: (#444103) enable the SSH support --- debian/changelog | 9 +++++++++ debian/gnupg-agent.xsession | 8 +++++++- 2 files changed, 16 insertions(+), 1 deletions(-) diff --git a/debian/changelog b/debian/changelog index 8594851..37379b0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +gnupg2 (2.0.18-3) UNRELEASED; urgency=low + + [ Luca Capello ] + * debian/gnupg-agent.xsession: + + enable the SSH support according to $GNUPGHOME/gpg-agent.conf + (Closes: #444103). + + -- + gnupg2 (2.0.18-2) unstable; urgency=low * debian/control, debian/gpgsm.install, debian/scdaemon.install: Add a diff --git a/debian/gnupg-agent.xsession b/debian/gnupg-agent.xsession index eb8c584..d129884 100644 --- a/debian/gnupg-agent.xsession +++ b/debian/gnupg-agent.xsession @@ -14,6 +14,12 @@ if grep -qs '^[[:space:]]*use-agent' "$GNUPGHOME/gpg.conf" "$GNUPGHOME/options" # Invoking gpg-agent with no arguments exits successfully if the agent # is already running as pointed by $GPG_AGENT_INFO if ! $GPGAGENT 2>/dev/null; then - STARTUP="$GPGAGENT --daemon --sh --write-env-file=$PID_FILE $STARTUP" + ## <http://bugs.debian.org/444103> + # check if the SSH support should be enabled + if grep -qs '^[[:space:]]*enable-ssh-support' "$GNUPGHOME/gpg-agent.conf"; then + ENABLESSH='--enable-ssh-support' + fi + + STARTUP="$GPGAGENT --daemon $ENABLESSH --sh --write-env-file=$PID_FILE $STARTUP" fi fi -- 1.7.8.3
pgpaymgadiKDC.pgp
Description: PGP signature