agent: Don't start in --supervised mode if no-autostart is enabled.

* agent/gpg-agent.c (main): Print an error message if no-autostart is set in common.conf.
2024-12-22 10:19:57 +01:00 · 2022-09-07 11:53:32 +02:00 · 2022-09-07 11:53:32 +02:00 · abf7d3c545
commit abf7d3c545
parent 0988e49c45
2 changed files with 14 additions and 0 deletions
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@ -1517,6 +1517,17 @@ main (int argc, char **argv)
      agent_deinit_default_ctrl (ctrl);
      xfree (ctrl);
    }
+  else if (is_supervised && comopt.no_autostart)
+    {
+      /* If we are running on a server and the user has set
+       * no-autostart for gpg or gpgsm.  gpg-agent would anyway be
+       * started by the supervisor which has the bad effect that it
+       * will steal the socket from a remote server.  Note that
+       * systemd has no knowledge about the lock files we take during
+       * the start operation.  */
+      log_info ("%s %s not starting in supervised mode due to no-autostart.\n",
+                gpgrt_strusage(11), gpgrt_strusage(13) );
+    }
  else if (is_supervised)
    {
 #ifndef HAVE_W32_SYSTEM
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@ -174,6 +174,9 @@ listening on provided file descriptors, which must already be bound to
 listening sockets.  This option is deprecated and not supported on
 Windows.

+If in @file{common.conf} the option @option{no-autostart} is set, any
+start attemps will be ignored.
+
 In --supervised mode, different file descriptors can be provided for
 use as different socket types (e.g. ssh, extra) as long as they are
 identified in the environment variable @code{LISTEN_FDNAMES} (see