* Gour <[email protected]> [2015-03-24 10:57]: > Guido Berhoerster <[email protected]> writes: > > > no working PolicyKit agent means you won't be able to do much with you > > GUI any more. > > OK, that's clear now. Thank you. > > > /usr/bin/ssh-agent and /usr/bin/gpg-agent are from openssh and > > gnupg and they are launched by /etc/X11/xdm/sys.xsession when you > > log in because no other GPG and SSH agents (like the ones > > provided by gnome-keyring) are running. See the comments on top > > of that file for and explanation and a way to disable/replace > > them. > > Ahh, that was the missing link. :-) > > After I disabled them, iow. > > #usessh=yes > > #usegpg=yes > > as well as commented the following: > > #if test -s "$HOME/.myagents" ; then > # eval $(grep -E '^use.*=.*' "$HOME/.myagents") > #else > # grep -Eq '^enable-ssh-support' "$HOME/.gnupg/gpg-agent.conf" && > usessh=gpg > #fi > > everythihng works very nicely. > > Now I get: > > $ps ax | grep agent > 2160 ? Ss 0:00 ssh-agent > 2186 ? Ss 0:00 gpg-agent --daemon > 2414 ? Sl 0:00 /usr/lib/polkit-gnome-authentication-agent-1
Well that will not work, the next update to xdm will overwrite your changes to /etc/X11/xdm/sys.xsession. Please read the comments there, you should instead create ~/.myagents with the lines usessh=no usegpg=no if you want to override the defaults. > > Your display manager does via PAM, that is needed so that it can > > be unlocked at login time. If you've disabled "Launch GNOME > > services on startup" in the Xfce settings it will not start it's > > own GPG and SSH agents and interfere with other GPG and SSH > > agents in any way. > > Another useful piece of info! > > > Sorry, I'm not familiar with keychain and how it works. From the > > above it is also not clear how you invoke it and why you want to > > enter a password while logging in. > > I'm humbly asking you to take a look at: > > http://www.funtoo.org/Keychain > > https://github.com/funtoo/keychain > > It's mature software working for years and it has support for gpg-2.1. > > Now, I'm invoking it from my ~/.config/fish/config.fish with: > > # Keychain > if status --is-login > keychain --eval --quiet -Q id_rsa | source > keychain --eval --quiet -Q mygpgid | source > end > > and during login it invokes dialog to enter passwords for my ssh and gpg > key and then I can forget about re-entering them again. > > Please, condider to deploy keychain instead of the present trickery in > sys.xsession. I'm the wrong person for that, sys.xsession and the other scripts from the xdm package contain distribution-wide defaults and affect all other desktops as well, so any changes to that should be discussed on the opensuse-factory list and with the xdm package maintainers. -- Guido Berhoerster -- To unsubscribe, e-mail: [email protected] To contact the owner, e-mail: [email protected]
