#43584: gpg-agent: enable launchd integration (including LaunchAgent file) ------------------------+-------------------------------- Reporter: ionic@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: haspatch Port: gpg-agent | ------------------------+-------------------------------- Comment (by ionic@…): Updated patchset. I have disabled the creation of a UNIX socket in the user's home directory and worked around the fact that one cannot control what the environment variable set via `SecureSocketWithKey` in the `launchd plist` is actually set to (as mentioned, dropping the PID and protocol version information.) This is working for me, but there's a catch: [[BR]]If users have programs starting up right after login, those programs won't inherit the correct environment variable. In order to solve this, one has to restart the application(s) in question. I admit that this is very uncomfortable. However, this solution also has a good side: [[BR]]The SSH agent option is fail-safe. As `gpg-agent` is started after `launchd` initialized all sockets (and environment variables it sets), `SSH_AUTH_SOCK` will always be populated with some value, if another `LaunchAgent` is providing SSH agent support (like for instance Apple's or MacPorts's `ssh-agent`.) `gpg-agent` can query that and gracefully disable SSH agent support, to not collide with the other daemon. This said, I guess that nobody is using SSH agent support in gpg-agent anyway. [[BR]][[BR]] There is another, more intrusive way to do stuff. I could restore the previous behavior (setting `GPG_AGENT_INFO` to "`/tmp /launch-xxxxxx/Listeners`" only) and patch the other GPG ports, so that they accept a "malformed" `GPG_AGENT_INFO` value with the PID and protocol version stripped. This may lead to a race condition when it comes to `SSH_AUTH_SOCK`. I don't know what happens when two Agents define that in their plist files. Probably one of them gets control over it, likely the first one to come. I will thus disable SSH agent support completely. [[BR]][[BR]] In general, I think that an always available `GPG_AGENT_INFO` environment variable without clumsy application restarts outweights the benefits of SSH agent support (and, really, nobody uses this. Apple even ships ssh- agent and it's turned on by default.) -- Ticket URL: <https://trac.macports.org/ticket/43584#comment:5> MacPorts <http://www.macports.org/> Ports system for OS X