From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=FREEMAIL_FROM,
	MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 21854 invoked from network); 29 Sep 2022 09:37:12 -0000
Received: from alyss.skarnet.org (95.142.172.232)
  by inbox.vuxu.org with ESMTPUTF8; 29 Sep 2022 09:37:12 -0000
Received: (qmail 27895 invoked by uid 89); 29 Sep 2022 09:37:37 -0000
Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm
Sender: <supervision@list.skarnet.org>
Precedence: bulk
List-Post: <mailto:supervision@list.skarnet.org>
List-Help: <mailto:supervision-help@list.skarnet.org>
List-Unsubscribe: <mailto:supervision-unsubscribe@list.skarnet.org>
List-Subscribe: <mailto:supervision-subscribe@list.skarnet.org>
List-Id: <supervision.list.skarnet.org>
Received: (qmail 27888 invoked from network); 29 Sep 2022 09:37:37 -0000
X-PTMail-RemoteIP: 5.88.202.24
X-PTMail-AllowedSender-Action: 
X-PTMail-Service: default
Date: Thu, 29 Sep 2022 11:37:06 +0200
From: =?utf-8?B?Sm/Do28=?= Pedro Malhado <phlogiston@sapo.pt>
To: Guillermo <gdiazhartusch@gmail.com>
Cc: Supervision <supervision@list.skarnet.org>
Subject: Re: gpg-agent runit run script
Message-ID: <YzVnQlLhN8aBl3SM@pagode>
References: <Yyo14B66Tb4E6MqB@pagode>
 <CADQ2Nw837FVz7JcBxS29RkYTDdK3rHzCbR+QfD+X_ocqg-g1QQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CADQ2Nw837FVz7JcBxS29RkYTDdK3rHzCbR+QfD+X_ocqg-g1QQ@mail.gmail.com>

Hello Guillermo,

On Wed, Sep 28, 2022 at 03:46:01PM -0300, Guillermo wrote:
> El mar, 20 sept 2022 a las 18:51, João escribió:
> >
> > I would like to have gpg-agent running under runit supervision on a user
> > runsvdir, but I have been unable to write a run script that works.
> > Would anyone have an example run script for gpg-agent, or be able to offer any
> > pointers?
> 
> As already suggested, gpg-agent's --supervised command is probably the
> closest thing that would do what you want, but in that case, gpg-agent
> will:
> 
> * expect to have a properly set up environment, which runit's 'chpst
> -e' could do. This includes variable GPG_TTY, which should contain the
> name of a valid terminal that the supervision tree would have to make
> available.
> * expect to receive a bound and listening UNIX domain socket as file
> descriptor 3, which runit tools alone can't do (but
> s6-ipcserver-socketbinder from s6 can).

Thank you for this. It is this latter aspect of setting up the sockets which I'm
struggling with. You mention that s6 tools can do this. Would I be right to
presume this could be setup in the runit run script in some other way without
s6?
The Void linux manual shows gpg-agent running as an example, but they don't show
the run script, so I don't know how they set it up.
https://docs.voidlinux.org/config/services/user-services.html

Any examples or pointers would be appreciated.


> Then, also as already mentioned, this command has been deprecated
> since GnuPG 2.3.6, so, in my opinion, it's better to just have
> gpg-agent started by other GnuPG programs, as the manual says.
> 

This is a pity as gpg-agent is a long running process which is the sort of thing
you would want to run under supervision.
I guess it is not possible to supervise a process if the rebel thing does not
want to be supervised?

Best regards,
João