Supervised gpg-agent on FreeBSD
artur.brzozowski
artur.brzozowski at protonmail.com
Fri Jun 17 14:23:48 CEST 2022
Hello.
I've been trying to get gpg-agent running under supervision using
FreeBSD's native daemon(8) [1]
The description for the utility states the following: The daemon
utility detaches itself from the controlling terminal and executes the
program specified by its arguments. Privileges may be lowered to the
specified user. The output of the daemonized process may be redirected
to syslog and to a log file.
This requires that the program executed by daemon(8) stays attached to
the parent process - the daemon(8) supervisor.
Looking at gpg-agent(1) [2] options, I see a choice between:
--server - but it uses stdin instead of a socket for communication
(not sure if desirable)
--daemon - but it detaches itself from the spawning process
(undesirable)
--supervised - seemingly fitting, but may require some utilities
specific to GNU/Linux
I usually run my services using the following template:
/usr/sbin/daemon -f -P "${pidfile_supervisor}" -p "${pidfile_daemon}"
-r -- gpg-agent --server|--supervised|--daemon
"-f" redirects standard input, standard output and standard error to
/dev/null
"-P" sets the path to the supervisor/daemon(8) pidfile
"-p" likewise, but for the child/gpg-agent
"-r" instructs the supervisor to restart the child process if it
terminates
This brings me to my question:
Is there a way to run gpg-agent in the foreground (like for --server
or --supervisor), but keep it listening to the standard socket (unlike
--server)? Or, in other words, like gpg-agent --daemon, but without
the detachment, so that it can stay glued to the daemon(8) process.
As a reference, I run Emacs in such way without any trouble - a simple
"daemon [options...] -- emacs --fg-daemon" suffices in that case.
~Artur
[1] https://www.freebsd.org/cgi/man.cgi?daemon(8)
[2] https://www.freebsd.org/cgi/man.cgi?gpg-agent(1)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220617/217f4a8f/attachment.html>
More information about the Gnupg-users
mailing list