-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
Currently gnome-keyring (if installed) is started in every VM, providing, among other things, SSH agent. There is no sane way to disable it for the user[2]. Since the original reason why it is started this way is not true for a long time, I think about disabling it[1]. The (side?) effect will be - no longer gnome-keyring working as SSH agent, instead standard ssh-agent will be pointed by SSH_AUTH_SOCK variable. For some this may be a feature (as gnome-keyring do not support EC for example), but some may see this as a bug - no longer keys loaded automatically with a nice GUI prompt for a password (if set). It is still possible to enable it back for example by adding it to `~/.profile`. The tricky part is it can't be started just from `/etc/xdg/autostart`, because it isn't possible to set $SSH_AUTH_SOCK in shell environment from there (on real GNOME, some GNOME specific dbus API is used for this). So, now the questions: 1. Is this change in behavior ok? 2. If not, how to enable it by default, to make it easier to disable it if someone want to? [1] https://github.com/marmarek/qubes-gui-agent-linux/pull/21 [2] https://github.com/QubesOS/qubes-issues/issues/2351 - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJYImDTAAoJENuP0xzK19csP4EH/RR82r+omPLp8WG+4yw9e/jM ymIVK4B11BYAo8mMXYZ8nt8Vy0amYK6SAjE8PerLkUgdMeR47/XVL90ICEvYsgst UIbC2fXcaTaPMK4BKv8MAgzzmPdtRTgeu3OzJi8OmhNRA30b0lvKBMJuyzPuX1qw SyNwo1xj90U+aVI5Zl8yKtYSuyLz7+WuCZ3U2fV2LJ9uzwJvx+KbmPMMboQeEnV5 Y2wWQgXvl0hnbToHRrZkMOif2TTy+E1R6+7gwHRSWJtjQzGZnYjufw/W6DtrJnVM PPl/CJMqDgoCJcv7srmMQun3vH/6s8mKLbnHFx54ZjKpwJg87HC6+A0J3c28AIA= =pDS4 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20161108233339.GS22572%40mail-itl. For more options, visit https://groups.google.com/d/optout.
