Hi there! On Sun, 18 Sep 2011 17:05:37 +0200, Julien Cristau wrote: > On Sun, Sep 18, 2011 at 16:53:13 +0200, Luca Capello wrote: > >> --8<---------------cut here---------------start------------->8--- [patch] >> --8<---------------cut here---------------end--------------->8--- >> > NAK, as far as I'm concerned this script has no business looking around > in gpg.conf.
This leaves the bug opened: I would be glad to explore other solutions, but AFAIK without checking gpg.conf and gpg-agent.conf there is no way to know *beforehand* 1) if gpg-agent will run and 2) if the latter will provide SSH support. Please note that until now ssh-agent is *never* started if gpg-agent has been started at least once with SSH support, for the following reasons (and this is another bug, no matter what): 1) 90gpg-agent is sourced before 90x11-common_ssh-agent 2) gpg-agent does not remove its "PID" file when exiting, see #642021 3) 90gpg-agent sources the "PID" file above, which means that SSH_AUTH_SOCK is defined *before* any gpg-agent is started at all 4) 90x11-common_ssh-agent starts ssh-agent only if SSH_AUTH_SOCK is empty, which is not the case as per point 3 Here is the patch to test the behavior above: --8<---------------cut here---------------start------------->8--- --- 90x11-common_ssh-agent.ORG +++ 90x11-common_ssh-agent @@ -14,6 +14,11 @@ # use ssh-agent2's ssh-agent1 compatibility mode SSHAGENTARGS=-1 fi + else + cat <<EOF >>"$HOME"/.xsession-errors +/etc/X11/Xsession.d/90x11-common_ssh-agent: SSH_AUTH_SOCK='$SSH_AUTH_SOCK' +/etc/X11/Xsession.d/90x11-common_ssh-agent: not starting ssh-agent +EOF fi fi --8<---------------cut here---------------end--------------->8--- IMHO the real bug is to try to start ssh-agent in a system-wide fashion via /etc/X11/Xsession.options, while this is (clearly) a user option. This is also why I fear the new Xsession "use-gpg-agent" option at <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=412993#20>. The fact that ssh_config does not have any way to define that we want the agent is probably the original cause of this bug. Finally, may I ask why this file is not provided by openssh-client? I could not find any reference in the x11-common changelog.Debian nor x11-common Recommends:/Suggests:/Enhances: openssh-client. Thx, bye, Gismo / Luca
pgpYqM8CnyFUq.pgp
Description: PGP signature