Re: Restarting gnupg-agent inside X session

2011-03-01 Thread Werner Koch
On Tue,  1 Mar 2011 02:41, da...@systemoverlord.com said:

 Other than on systems where $HOME is on a filesystem that does not
 support sockets (e.g., NFS/CIFS/etc.), is anyone aware of an issue with
 the use of --use-standard-socket?  Seems like it would make restarting

GnuPG 2.1 will use --use-standard-socket by default.  The Windows port
has done this for years.  If you want to run a second gpg-agent, you need to
use a different homedir, though.  I use

unset GPG_AGENT_INFO
unset SSH_AGENT_PID
export SSH_AUTH_SOCK=${HOME}/.gnupg/S.gpg-agent.ssh

in the startup script for interactive shells.  The only software which
does not work correctly is Easypg because it uses GPG_AGENT_INFO to
decide whether it shall ask for a passphrase; given that this is Emacs,
I can easily fix it.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are governed by federal law.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: Restarting gnupg-agent inside X session

2011-03-01 Thread Marco Steinacher
Daniel Kahn Gillmor wrote:
 On 02/28/2011 06:49 PM, David Tomaschik wrote:
 Each process has its own copy of the environment inherited from its
 parent, so it's not possible to change the GPG_AGENT_INFO variable for
 all processes.  You could start gpg-agent with --use-standard-socket,
 and programs should fall back to that.
 
 Alternately, since you probably already know the current setting of
 GPG_AGENT_INFO, you could just start the agent and link its new socket
 to the place where the old one used to be.  Something like (untested):
 
  old_socket=$(printf %s $GPG_AGENT_INFO | sed 's/:.*$//')
  mkdir -m 0700 -p $(dirname $old_socket)
  eval $(gpg-agent --daemon)
  new_socket=$(printf %s $GPG_AGENT_INFO | sed 's/:.*$//')
  ln $new_socket $old_socket

David and Daniel, many thanks for your suggestions! I was not aware of
the --use-standard-socket option. I think this will do it for me.
Linking the new socket to the old one is also a nice way I didn't think
of and maybe it will be useful someday.

Marco
-- 
OpenPGP Key ID: 0x62937F7F





Restarting gnupg-agent inside X session

2011-02-28 Thread Marco Steinacher
Hi,

I use an OpenPGP smartcard with gnupg 2.0.14 and Ubuntu for different
tasks. From time to time I face the following problem: The gpg-agent
crashes for some reason after entering the PIN, 'ps' reports the daemon
process as a zombie

STAT START   TIME COMMAND
Zs   Feb26   0:01 [gpg-agent] defunct

and 'gpgconf --reload scdaemon' gives the following error:

gpgconf: error running `/usr/bin/gpg-connect-agent': exit status 1
gpgconf: error running `/usr/bin/gpg-connect-agent scd killscd': General
error

One problem is the fact that the agent crashes but I'm more after a
solution how to recover after it crashed for any reason. I can restart
the gpg-agent inside a terminal but then it is not available for
applications such as Thunderbird with Enigmail. So far, the only
solution that I know of is restarting the X session, i.e. log out and
log in again. But to do this I have to close all running applications
which sometimes is not an option.

Therefore I wonder if anybody knows of a solution to restart gpg-agent
on the level of the gnome-session without restarting the session itself.
Perhaps one way would be to somehow change the GPG_AGENT_INFO
environment variable for the running session, but I don't know if that's
possible. Any ideas?

Many thanks,
Marco



Re: Restarting gnupg-agent inside X session

2011-02-28 Thread David Tomaschik
On 02/28/2011 06:17 PM, Marco Steinacher wrote:
 Hi,
 
 I use an OpenPGP smartcard with gnupg 2.0.14 and Ubuntu for different
 tasks. From time to time I face the following problem: The gpg-agent
 crashes for some reason after entering the PIN, 'ps' reports the daemon
 process as a zombie
 
 STAT START   TIME COMMAND
 Zs   Feb26   0:01 [gpg-agent] defunct
 
 and 'gpgconf --reload scdaemon' gives the following error:
 
 gpgconf: error running `/usr/bin/gpg-connect-agent': exit status 1
 gpgconf: error running `/usr/bin/gpg-connect-agent scd killscd': General
 error
 
 One problem is the fact that the agent crashes but I'm more after a
 solution how to recover after it crashed for any reason. I can restart
 the gpg-agent inside a terminal but then it is not available for
 applications such as Thunderbird with Enigmail. So far, the only
 solution that I know of is restarting the X session, i.e. log out and
 log in again. But to do this I have to close all running applications
 which sometimes is not an option.
 
 Therefore I wonder if anybody knows of a solution to restart gpg-agent
 on the level of the gnome-session without restarting the session itself.
 Perhaps one way would be to somehow change the GPG_AGENT_INFO
 environment variable for the running session, but I don't know if that's
 possible. Any ideas?
 
 Many thanks,
 Marco

Each process has its own copy of the environment inherited from its
parent, so it's not possible to change the GPG_AGENT_INFO variable for
all processes.  You could start gpg-agent with --use-standard-socket,
and programs should fall back to that.

   --use-standard-socket
   --no-use-standard-socket
  By enabling this option gpg-agent will listen on the socket
  named ‘S.gpg-agent’, located in the home directory, and not
  create a random socket below a temporary directory.  Tools
  connecting to gpg-agent should first try to connect to the socket
  given in environment variable GPG_AGENT_INFO and then fall back to
  this socket.  This option may not be used if the home directory
  is mounted as a remote file system.  Note, that
  --use-standard-socket is the default on Windows systems.

David
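
The fallback order in the man page excerpt above, combined with a check for the defunct-agent state from the original report, as an added example that is not part of the thread or of GnuPG. The function names are hypothetical, and pid_state assumes a Linux /proc filesystem.

```sh
#!/bin/sh
# Added example, not code from the thread. Function names are
# hypothetical; pid_state assumes a Linux /proc filesystem.

# Classify a PID as live, zombie or dead. "kill -0" cannot tell a
# defunct (Z) agent from a working one, so read the process state.
pid_state() {
    case $1 in ''|*[!0-9]*) echo dead; return 0 ;; esac
    [ -r "/proc/$1/status" ] || { echo dead; return 0; }
    case $(sed -n 's/^State:[[:space:]]*\(.\).*/\1/p' "/proc/$1/status") in
        Z) echo zombie ;;
        '') echo dead ;;
        *) echo live ;;
    esac
}

# Trust a socket only if we own it and its directory, and the
# directory is not writable by group or others.
socket_is_trustworthy() {
    [ -S "$1" ] && [ -O "$1" ] || return 1
    sock_dir=$(dirname -- "$1")
    [ -O "$sock_dir" ] || return 1
    case $(ls -ld -- "$sock_dir") in
        ?????w*|????????w*) return 1 ;;
    esac
    return 0
}

# Print the socket a client should use: the one named in
# GPG_AGENT_INFO (path:pid:protocol) if that agent is still live,
# otherwise the standard socket in the GnuPG home directory.
# Returns non-zero when neither is usable.
resolve_agent_socket() {
    info=${GPG_AGENT_INFO:-}
    if [ -n "$info" ]; then
        info_sock=${info%%:*}
        info_rest=${info#*:}
        info_pid=${info_rest%%:*}
        if [ "$(pid_state "$info_pid")" = live ] &&
           socket_is_trustworthy "$info_sock"; then
            printf '%s\n' "$info_sock"
            return 0
        fi
    fi
    std_sock=${GNUPGHOME:-$HOME/.gnupg}/S.gpg-agent
    socket_is_trustworthy "$std_sock" && printf '%s\n' "$std_sock"
}
```

With a stale GPG_AGENT_INFO inherited from the crashed agent, resolve_agent_socket skips it and reports the standard socket, which is the behaviour the man page asks clients to implement.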



Re: Restarting gnupg-agent inside X session

2011-02-28 Thread Daniel Kahn Gillmor
On 02/28/2011 06:49 PM, David Tomaschik wrote:
 Each process has its own copy of the environment inherited from its
 parent, so it's not possible to change the GPG_AGENT_INFO variable for
 all processes.  You could start gpg-agent with --use-standard-socket,
 and programs should fall back to that.

Alternately, since you probably already know the current setting of
GPG_AGENT_INFO, you could just start the agent and link its new socket
to the place where the old one used to be.  Something like (untested):

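 # Socket path the running session still has in GPG_AGENT_INFO (path:pid:protocol)
 old_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
 mkdir -m 0700 -p "$(dirname "$old_socket")"
 # Start a fresh agent; this sets GPG_AGENT_INFO to the new socket
 eval "$(gpg-agent --daemon)"
 new_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
 # Link the new socket to the path the old clients still use
 ln "$new_socket" "$old_socket"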


hth,

--dkg





Re: Restarting gnupg-agent inside X session

2011-02-28 Thread David Tomaschik
On 02/28/2011 08:20 PM, Daniel Kahn Gillmor wrote:
 On 02/28/2011 06:49 PM, David Tomaschik wrote:
 Each process has its own copy of the environment inherited from its
 parent, so it's not possible to change the GPG_AGENT_INFO variable for
 all processes.  You could start gpg-agent with --use-standard-socket,
 and programs should fall back to that.
 
 Alternately, since you probably already know the current setting of
 GPG_AGENT_INFO, you could just start the agent and link its new socket
 to the place where the old one used to be.  Something like (untested):
 
  old_socket=$(printf %s $GPG_AGENT_INFO | sed 's/:.*$//')
  mkdir -m 0700 -p $(dirname $old_socket)
  eval $(gpg-agent --daemon)
  new_socket=$(printf %s $GPG_AGENT_INFO | sed 's/:.*$//')
  ln $new_socket $old_socket
 
 
 hth,
 
   --dkg

Other than on systems where $HOME is on a filesystem that does not
support sockets (e.g., NFS/CIFS/etc.), is anyone aware of an issue with
the use of --use-standard-socket?  Seems like it would make restarting
GPG an easier task.

David



Re: Restarting gnupg-agent inside X session

2011-02-28 Thread Daniel Kahn Gillmor
On 02/28/2011 08:41 PM, David Tomaschik wrote:
 Other than on systems where $HOME is on a filesystem that does not
 support sockets (e.g., NFS/CIFS/etc.), is anyone aware of an issue with
 the use of --use-standard-socket?  Seems like it would make restarting
 GPG an easier task.

I occasionally like to have multiple agents running, each with different
keys loaded, talking to different processes.  standard-socket wouldn't
let me do that.

i currently play this sort of game more often with ssh-agent than i do
with gpg-agent, but the principle is the same.  It'd be a shame to lose
the flexibility to do this.

--dkg


