Bug#923204: [pkg-gnupg-maint] Bug#923204: Bug#923204: gpg-agent has a false dependency on libpam-systemd
On Mon 2019-02-25 13:33:57 +0100, Werner Koch wrote: > On Sun, 24 Feb 2019 16:56, joshud...@gmail.com said: > >> gpg-agent --server or directly from .profile (ssh sessions) by >> gpg-agent --daemon. > > FWIW, actually gpg-agent is started on-demand from all tools requiring > it. To explicitly start it "gpgconf --launch agent" can and should be > used. On systems where you actually care about all processes terminating when you log out (which is most well-managed systems), you want something that can automatically spawn and reap per-user daemons as they're needed by the user. Users of GNU/Linux systems with systemd as the process supervisor can rely on libpam-systemd to manage user sessions successfully. That way, when you log out, your agent actually goes away, any secrets currently unlocked are flushed, and your overall session (and all related processes) terminates correctly. This allows things like automated unmounting of relevant filesystems, flushing of in-kernel keys, etc. There are many other possible ways to manage per-user daemons on other systems, but if you're already using systemd, it makes no sense to have each daemon re-invent that wheel (and potentially fail to clean up at the end of the session, as Werner's suggestion above does). That's why gpg-agent Suggests: libpam-systemd. If you want to propose better integration with any system or session managers that can be used in Debian (whether systemd or otherwise), i'm all ears -- please submit those changes to the BTS as specific improvements so that we can review them and make things better for users of those systems. Regards, --dkg signature.asc Description: PGP signature
Bug#923204: [pkg-gnupg-maint] Bug#923204: gpg-agent has a false dependency on libpam-systemd
On Sun, 24 Feb 2019 16:56, joshud...@gmail.com said: > gpg-agent --server or directly from .profile (ssh sessions) by > gpg-agent --daemon. FWIW, actually gpg-agent is started on-demand from all tools requiring it. To explicitly start it "gpgconf --launch agent" can and should be used. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. signature.asc Description: PGP signature
Bug#923204: gpg-agent has a false dependency on libpam-systemd
Package: gpg-agent Version: 2.2.12-1 Severity: serious Tags: newcomer Justification: Policy 7.2 gpg-agent has a false dependency on libpam-systemd; while systemd sessions can and do start gpg-agent this is no depenency of gpg-agent. gpg-agent is designed to be started by any session manager with gpg-agent --server or directly from .profile (ssh sessions) by gpg-agent --daemon. Dependency should be removed outright. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) LSM: AppArmor: enabled Versions of packages gpg-agent depends on: ii gpgconf 2.2.12-1 ii libassuan0 2.5.2-1 ii libc6 2.28-7 ii libgcrypt20 1.8.4-5 ii libgpg-error0 1.35-1 ii libnpth01.6-1 ii pinentry-gnome3 [pinentry] 1.1.0-1+b1 ii pinentry-gtk2 [pinentry]1.1.0-1+b1 Versions of packages gpg-agent recommends: ii gnupg 2.2.12-1 Versions of packages gpg-agent suggests: pn dbus-user-session ii libpam-systemd-apt-holepunch [libpam-systemd] 1 ii pinentry-gnome31.1.0-1+b1 pn scdaemon -- no debconf information