supervision - discussion about system services, daemon supervision, init, runlevel management, and tools such as s6 and runit
 help / color / mirror / Atom feed
From: "João Pedro Malhado" <phlogiston@sapo.pt>
To: Guillermo <gdiazhartusch@gmail.com>
Cc: Supervision <supervision@list.skarnet.org>
Subject: Re: gpg-agent runit run script
Date: Thu, 29 Sep 2022 11:37:06 +0200	[thread overview]
Message-ID: <YzVnQlLhN8aBl3SM@pagode> (raw)
In-Reply-To: <CADQ2Nw837FVz7JcBxS29RkYTDdK3rHzCbR+QfD+X_ocqg-g1QQ@mail.gmail.com>

Hello Guillermo,

On Wed, Sep 28, 2022 at 03:46:01PM -0300, Guillermo wrote:
> El mar, 20 sept 2022 a las 18:51, João escribió:
> >
> > I would like to have gpg-agent running under runit supervision on a user
> > runsvdir, but I have been unable to write a run script that works.
> > Would anyone have an example run script for gpg-agent, or be able to offer any
> > pointers?
> 
> As already suggested, gpg-agent's --supervised command is probably the
> closest thing that would do what you want, but in that case, gpg-agent
> will:
> 
> * expect to have a properly set up environment, which runit's 'chpst
> -e' could do. This includes variable GPG_TTY, which should contain the
> name of a valid terminal that the supervision tree would have to make
> available.
> * expect to receive a bound and listening UNIX domain socket as file
> descriptor 3, which runit tools alone can't do (but
> s6-ipcserver-socketbinder from s6 can).

Thank you for this. It is this latter aspect of setting up the sockets which I'm
struggling with. You mention that s6 tools can do this. Would I be right to
presume this could be setup in the runit run script in some other way without
s6?
The Void linux manual shows gpg-agent running as an example, but they don't show
the run script, so I don't know how they set it up.
https://docs.voidlinux.org/config/services/user-services.html

Any examples or pointers would be appreciated.


> Then, also as already mentioned, this command has been deprecated
> since GnuPG 2.3.6, so, in my opinion, it's better to just have
> gpg-agent started by other GnuPG programs, as the manual says.
> 

This is a pity as gpg-agent is a long running process which is the sort of thing
you would want to run under supervision.
I guess it is not possible to supervise a process if the rebel thing does not
want to be supervised?

Best regards,
João

  reply	other threads:[~2022-09-29  9:37 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-20 21:51 João
2022-09-26 17:04 ` Alyssa Ross
2022-09-29  9:20   ` João
2022-09-29  9:23     ` Ellenor Bjornsdottir
2022-09-28 18:46 ` Guillermo
2022-09-29  9:37   ` João Pedro Malhado [this message]
2022-09-29 12:12     ` Alexis
2022-09-29 21:56       ` Guillermo
2022-09-30  2:00         ` Alexis
2022-09-30  9:06       ` João

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YzVnQlLhN8aBl3SM@pagode \
    --to=phlogiston@sapo.pt \
    --cc=gdiazhartusch@gmail.com \
    --cc=supervision@list.skarnet.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).