Using systemd to start gpg-agent?

The gpg-agent command starts a daemon, but programs that use it expect certain environment variables (GPG_AGENT_INFO and GPG_TTY) to be set so they know how to communicate with the agent. You have to somehow propagate these from the service script to your shells. The gpg-agent MAN page contains a snippet that starts the daemon and writes a shell code fragment to a file in the user's home

gpg-agent --daemon --write-env-file "${HOME}/.gpg-agent-info"

You can put this line into as shell script and call it from your service file

[Service]
Type=forking
ExecStart=script-file.sh
<...>

The .gpg-agent-info file has to be sourced from every shell. The MAN page recommends

if [ -f "${HOME}/.gpg-agent-info" ]; then
  . "${HOME}/.gpg-agent-info"
  export GPG_AGENT_INFO
fi

GPG_TTY=$(tty)
export GPG_TTY

in your .profile file to do this. Information on how to write systemd service files can be found in the systemd.service MAN page.

Roland W

Posted 2014-06-06T07:44:27.737

Reputation: 261

Yes, that much is clear from reading the man page, but isn't there some way of getting gpg-agent started so that its environment variables makes it into the login session? – Magnus – 2014-06-06T08:44:11.540

@Magnus I think you can do what you want by sourcing .gpg-agent-info from $HOME/.xprofile I use bash as my session command processor (and interactive shell), thus I source my .bashrc from both my .profile and .xprofile files. Then in my .bashrc I have a division: all that should go into the session environment comes first, then I add this test "[[ $- != *i* ]] && return" (no quotes) that detects if it is a non-interactive shell and exits, and all the settings that should go into an interactive environment go at the end of the file. – palopezv – 2014-06-07T20:16:14.133

Using systemd to start gpg-agent?

Answers