On Sun 2017-11-26 12:00:31 +0100, Ansgar Burchardt wrote: > gpg(-agent) uses a different socketdir when a non-default homedir is > specified depending on the environment: > > If /run/user/<id> exists, it will use /run/user/<id>/gnupg/d.<hash>; > otherwise it will fall back to <homedir>. XDG_RUNTIME_DIR is > intentionally ignored...
this is a deliberate choice by upstream. > This does cause multiple instances of gpg-agent to be launched when > first invoking `gpg` with no open login session (/run/user/<id> does > not exist) and then again with an open login session open (which > created /run/user/<id>). how are you launching gpg without a login session? that's not a common workflow from what i can tell. > Only one gpg-agent will be able to access smartcards, the other will > just give an error. yes, smartcard access is limited to one running scdaemon per machine. > If both `gpg` invocations happened outside a login session, usually > XDG_RUNTIME_DIR wouldn't be set and gpg would always use the same > socket location (unless also invoked from within a session with > XDG_RUNTIME_DIR set). Or one could set XDG_RUNTIME_DIR to a fixed > location before invoking gpg (or unset it), but gpg ignores that > variable. If you're concerned about XDG_RUNTIME_DIR, you should try to re-open discussion with upstream about it: https://dev.gnupg.org/T1330 If upstream can't be convinced, and you've got a patch that you think debian should carry to be more distro-compatible, feel free to propose it on this bug report. > In addition it would be nice if there was an option to explicitly > configure a socket directory to allow using supervision for > gpg-agent's with a non-default homedir (and not having to rely on > implementation details like d.${hash} which might change). I don't understand what you're asking for here. The socket path used by the clients of the agent should be stable if you discover the agent's socket path like so: gpgconf --homedir=/wherever --list-dirs agent-socket So you should be able to supervise that location, right? or are you looking for something else? --dkg
