Bug 486025 - [PATCH] Use gpg-agent --write-env-file
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: kde-settings
Version: rawhide
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Rex Dieter
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2009-02-17 22:12 UTC by Ville Skyttä
Modified: 2009-03-02 18:08 UTC

Fixed In Version: 4.2-4.20090225svn
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-03-02 18:08:41 UTC
Type: ---
Embargoed:


Attachments
Make gpg-agent startup use --write-env-file (1.11 KB, patch)
2009-02-17 22:12 UTC, Ville Skyttä

Description Ville Skyttä 2009-02-17 22:12:44 UTC
Created attachment 332308
Make gpg-agent startup use --write-env-file

I'm tweaking KDE and keychain to play better together wrt. starting up gpg-agent.  Currently when both are installed and enabled, a bunch of gpg-agents may end up running (and also left running after a KDE logout [0]) without a way to easily access them, so they're there for no benefit.

The first part of this is that kde-settings and keychain should agree on the format of ~/.gpg-agent-info.  The best choice seems to me to be the format that gpg-agent --write-env-file writes, i.e. "GPG_AGENT_INFO=/tmp/..." instead of just "/tmp/...".  The benefits of this format are ease of writing with gpg-agent --write-env-file, ease of sourcing in most shells, automatic support for cases where someone wants to use gpg-agent for SSH keys in addition to GPG ones, and a better match with upstream gpg-agent docs.

The gpg-agent man page contains a bunch of examples regarding ~/.gpg-agent-info, most of which assume the GPG_AGENT_INFO=... format, except one which I think is a bug/outdated and I've reported it upstream: https://bugs.g10code.com/gnupg/issue1002

The attached patch changes /etc/kde/env/gpg-agent-startup.sh to write and read ~/.gpg-agent-info in the GPG_AGENT_INFO=... format, using --write-env-file (available since gnupg2 1.9.17).  When this is in, keychain can be trivially patched so that the end result is the expected: only one gpg-agent running, and environment properly set up to point to it.

[0] Leaving the agent running after logout from KDE is actually sometimes desired, but that's a separate issue.
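
The reuse-or-start logic described above, as an added example that is not the attached patch or kde-settings code: it reads ~/.gpg-agent-info in either format by parsing it rather than sourcing it, and only starts a new agent with --write-env-file when the recorded one is gone. The function names are hypothetical, the info value is assumed to have the `socket:pid:version` form, and a gnupg2 version that supports --write-env-file is assumed.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from kde-settings.

# Print the GPG_AGENT_INFO value recorded in an info file. Accepts both the
# "GPG_AGENT_INFO=/tmp/..." env-file format and the older bare "/tmp/..."
# line. The file is parsed line by line and never sourced, so any other
# content in it is ignored instead of being executed.
agent_info_from_file() {
    [ -r "$1" ] || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            GPG_AGENT_INFO=/*) printf '%s\n' "${line#GPG_AGENT_INFO=}"; return 0 ;;
            /*:*)              printf '%s\n' "$line"; return 0 ;;
        esac
    done < "$1"
    return 1
}

# Succeed only when the value (assumed "socket:pid:version") names an
# existing socket and a process that is still running.
agent_info_is_live() {
    sock=${1%%:*}
    rest=${1#*:}
    pid=${rest%%:*}
    case $pid in ''|*[!0-9]*) return 1 ;; esac
    [ -S "$sock" ] && kill -0 "$pid" 2>/dev/null
}

# Reuse the agent recorded in the file if it is alive; otherwise start one
# and let gpg-agent rewrite the file in the GPG_AGENT_INFO=... format.
ensure_gpg_agent() {
    file=${1:-"$HOME/.gpg-agent-info"}
    if info=$(agent_info_from_file "$file") && agent_info_is_live "$info"; then
        GPG_AGENT_INFO=$info
    else
        eval "$(gpg-agent --daemon --write-env-file "$file")"
    fi
    export GPG_AGENT_INFO
    GPG_TTY=$(tty) && export GPG_TTY
}
```

Calling `ensure_gpg_agent` from each login path gives every session the same agent, because a stale or missing file is the only case that spawns a new one.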

Comment 1 Rex Dieter 2009-02-18 15:12:20 UTC
Thanks, I've been meaning to do just this for quite awhile, but never quite got round-tuit.

Comment 2 Rex Dieter 2009-02-18 15:50:50 UTC
fix included in kde-settings-4.2-3

Comment 3 Ville Skyttä 2009-02-19 15:06:38 UTC
Thanks.

One question though: looks like "export GPG_TTY=$(tty)" was removed without a comment when applying the change, was that intentional?

https://fedorahosted.org/kde-settings/changeset/29

That change was not in the patch I attached, reopening for clarification.

And FWIW, --write-env-file ${GPG_AGENT_INFO_FILE} works for me (F-9) but I suppose there's no real harm in just using the default as was done in svn r30.

Comment 4 Rex Dieter 2009-02-19 15:50:24 UTC
oops, not intentional.

Comment 5 Ville Skyttä 2009-03-02 18:08:41 UTC
GPG_TTY seems to be back in 4.2-4.20090225svn
