Re: Restarting gnupg-agent inside X session
On Tue, 1 Mar 2011 02:41, da...@systemoverlord.com said:

> Other than on systems where $HOME is on a filesystem that does not support sockets (e.g., NFS/CIFS/etc.), is anyone aware of an issue with the use of --use-standard-socket? Seems like it would make restarting

GnuPG 2.1 will use --use-standard-socket by default. The Windows port has done this for years. If you want to run a second gpg-agent, you need to use a different homedir, though.

I use

  unset GPG_AGENT_INFO
  unset SSH_AGENT_PID
  export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"

in the startup script for interactive shells. The only software which does not work correctly is Easypg because it uses GPG_AGENT_INFO to decide whether it shall ask for a passphrase; given that this is Emacs, I can easily fix it.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Restarting gnupg-agent inside X session
Daniel Kahn Gillmor wrote:
> On 02/28/2011 06:49 PM, David Tomaschik wrote:
>> Each process has its own copy of the environment inherited from its parent, so it's not possible to change the GPG_AGENT_INFO variable for all processes. You could start gpg-agent with --use-standard-socket, and programs should fall back to that.
>
> Alternately, since you probably already know the current setting of GPG_AGENT_INFO, you could just start the agent and link its new socket to the place where the old one used to be. Something like (untested):
>
>   old_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
>   mkdir -m 0700 -p "$(dirname "$old_socket")"
>   eval "$(gpg-agent --daemon)"
>   new_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
>   ln "$new_socket" "$old_socket"

David and Daniel,

many thanks for your suggestions! I was not aware of the --use-standard-socket option. I think this will do it for me. Linking the new socket to the old one is also a nice way I didn't think of and maybe it will be useful someday.

Marco

--
OpenPGP Key ID: 0x62937F7F
Restarting gnupg-agent inside X session
Hi,

I use an OpenPGP smartcard with gnupg 2.0.14 and Ubuntu for different tasks. From time to time I face the following problem: The gpg-agent crashes for some reason after entering the PIN, 'ps' reports the daemon process as a zombie

  STAT START   TIME COMMAND
  Zs   Feb26   0:01 [gpg-agent] defunct

and 'gpgconf --reload scdaemon' gives the following error:

  gpgconf: error running `/usr/bin/gpg-connect-agent': exit status 1
  gpgconf: error running `/usr/bin/gpg-connect-agent scd killscd': General error

One problem is the fact that the agent crashes but I'm more after a solution how to recover after it crashed for any reason. I can restart the gpg-agent inside a terminal but then it is not available for applications such as Thunderbird with Enigmail. So far, the only solution that I know of is restarting the X session, i.e. log out and log in again. But to do this I have to close all running applications which sometimes is not an option.

Therefore I wonder if anybody knows of a solution to restart gpg-agent on the level of the gnome-session without restarting the session itself. Perhaps one way would be to somehow change the GPG_AGENT_INFO environment variable for the running session, but I don't know if that's possible.

Any ideas?

Many thanks,
Marco
Re: Restarting gnupg-agent inside X session
On 02/28/2011 06:17 PM, Marco Steinacher wrote:
> Hi,
>
> I use an OpenPGP smartcard with gnupg 2.0.14 and Ubuntu for different tasks. From time to time I face the following problem: The gpg-agent crashes for some reason after entering the PIN, 'ps' reports the daemon process as a zombie
>
>   STAT START   TIME COMMAND
>   Zs   Feb26   0:01 [gpg-agent] defunct
>
> and 'gpgconf --reload scdaemon' gives the following error:
>
>   gpgconf: error running `/usr/bin/gpg-connect-agent': exit status 1
>   gpgconf: error running `/usr/bin/gpg-connect-agent scd killscd': General error
>
> One problem is the fact that the agent crashes but I'm more after a solution how to recover after it crashed for any reason. I can restart the gpg-agent inside a terminal but then it is not available for applications such as Thunderbird with Enigmail. So far, the only solution that I know of is restarting the X session, i.e. log out and log in again. But to do this I have to close all running applications which sometimes is not an option.
>
> Therefore I wonder if anybody knows of a solution to restart gpg-agent on the level of the gnome-session without restarting the session itself. Perhaps one way would be to somehow change the GPG_AGENT_INFO environment variable for the running session, but I don't know if that's possible.
>
> Any ideas?
>
> Many thanks,
> Marco

Each process has its own copy of the environment inherited from its parent, so it's not possible to change the GPG_AGENT_INFO variable for all processes. You could start gpg-agent with --use-standard-socket, and programs should fall back to that.

  --use-standard-socket
  --no-use-standard-socket
      By enabling this option gpg-agent will listen on the socket named ‘S.gpg-agent’, located in the home directory, and not create a random socket below a temporary directory. Tools connecting to gpg-agent should first try to connect to the socket given in environment variable GPG_AGENT_INFO and then fall back to this socket. This option may not be used if the home directory is mounted as a remote file system. Note, that --use-standard-socket is the default on Windows systems.

David
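The client lookup order from the manual text quoted above, written out as an added example that is not part of any message in this thread. It assumes the GnuPG 2.0 layout GPG_AGENT_INFO=<socket path>:<pid>:<protocol version>; the function names, the zombie test via ps and the ownership and mode checks are this example's own additions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the GnuPG 2.0 layout
# GPG_AGENT_INFO=<socket path>:<pid>:<protocol version>.

# Print the socket-path / pid field of a GPG_AGENT_INFO value.
agent_info_socket() { printf '%s\n' "${1%%:*}"; }
agent_info_pid() ( rest=${1#*:}; printf '%s\n' "${rest%%:*}" )

# Succeed only if the pid exists and is not a zombie. kill -0 alone would
# also succeed for a defunct agent like the one in the original report.
pid_is_running() (
    case $1 in ''|*[!0-9]*) exit 1 ;; esac
    state=$(ps -o stat= -p "$1" 2>/dev/null) || exit 1
    case $state in ''|*Z*) exit 1 ;; esac
)

# Succeed only if $1 is a real directory we own with no group/other access
# (assumption: the agent's temporary socket directory is created mode 0700).
dir_is_private() (
    [ -d "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || exit 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
)

# Print the socket a client should use, following the lookup order in the
# quoted manual text: GPG_AGENT_INFO first, then the standard socket.
# $1 = GPG_AGENT_INFO value (may be empty), $2 = GnuPG home directory.
resolve_agent_socket() (
    info=$1; home=$2
    if [ -n "$info" ]; then
        sock=$(agent_info_socket "$info")
        if [ -S "$sock" ] && [ -O "$sock" ] &&
           dir_is_private "$(dirname "$sock")" &&
           pid_is_running "$(agent_info_pid "$info")"; then
            printf '%s\n' "$sock"; exit 0
        fi
    fi
    if [ -S "$home/S.gpg-agent" ] && [ -O "$home/S.gpg-agent" ]; then
        printf '%s\n' "$home/S.gpg-agent"; exit 0
    fi
    exit 1  # nothing usable: a new agent has to be started
)

# Report for the current session when run directly.
resolve_agent_socket "${GPG_AGENT_INFO:-}" "${GNUPGHOME:-$HOME/.gnupg}" ||
    echo "no live gpg-agent socket found" >&2
```

A non-zero return from resolve_agent_socket is the condition under which restarting the agent with --use-standard-socket, as suggested above, makes the new agent reachable by already-running programs.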
Re: Restarting gnupg-agent inside X session
On 02/28/2011 06:49 PM, David Tomaschik wrote:
> Each process has its own copy of the environment inherited from its parent, so it's not possible to change the GPG_AGENT_INFO variable for all processes. You could start gpg-agent with --use-standard-socket, and programs should fall back to that.

Alternately, since you probably already know the current setting of GPG_AGENT_INFO, you could just start the agent and link its new socket to the place where the old one used to be. Something like (untested):

  old_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
  mkdir -m 0700 -p "$(dirname "$old_socket")"
  eval "$(gpg-agent --daemon)"
  new_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
  ln "$new_socket" "$old_socket"

hth,

  --dkg
Re: Restarting gnupg-agent inside X session
On 02/28/2011 08:20 PM, Daniel Kahn Gillmor wrote:
> On 02/28/2011 06:49 PM, David Tomaschik wrote:
>> Each process has its own copy of the environment inherited from its parent, so it's not possible to change the GPG_AGENT_INFO variable for all processes. You could start gpg-agent with --use-standard-socket, and programs should fall back to that.
>
> Alternately, since you probably already know the current setting of GPG_AGENT_INFO, you could just start the agent and link its new socket to the place where the old one used to be. Something like (untested):
>
>   old_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
>   mkdir -m 0700 -p "$(dirname "$old_socket")"
>   eval "$(gpg-agent --daemon)"
>   new_socket=$(printf %s "$GPG_AGENT_INFO" | sed 's/:.*$//')
>   ln "$new_socket" "$old_socket"
>
> hth,
>
>   --dkg

Other than on systems where $HOME is on a filesystem that does not support sockets (e.g., NFS/CIFS/etc.), is anyone aware of an issue with the use of --use-standard-socket? Seems like it would make restarting GPG an easier task.

David
Re: Restarting gnupg-agent inside X session
On 02/28/2011 08:41 PM, David Tomaschik wrote:
> Other than on systems where $HOME is on a filesystem that does not support sockets (e.g., NFS/CIFS/etc.), is anyone aware of an issue with the use of --use-standard-socket? Seems like it would make restarting GPG an easier task.

I occasionally like to have multiple agents running, each with different keys loaded, talking to different processes. standard-socket wouldn't let me do that.

i currently play this sort of game more often with ssh-agent than i do with gpg-agent, but the principle is the same. It'd be a shame to lose the flexibility to do this.

  --dkg