From eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 23 Jan 2023 16:34:19 +0100 Subject: [PATCH] doc: Remove profile and systemd example files. -- The profiles are not any longer useful because global options are way more powerful (/etc/gnupg/gpg.conf et al.). The use of systemd is deprecated because of additional complexity and the race between systemd based autolaunching and the explicit gnupg based and lockfile protected autolaunching. GnuPG-bug-id: 6336 --- doc/Makefile.am | 15 +---- doc/examples/README | 2 - doc/examples/VS-NfD.prf | 24 ------- doc/examples/debug.prf | 29 -------- doc/examples/gpgconf.conf | 4 ++ doc/examples/systemd-user/README | 66 ------------------- doc/examples/systemd-user/dirmngr.service | 8 --- doc/examples/systemd-user/dirmngr.socket | 11 ---- .../systemd-user/gpg-agent-browser.socket | 13 ---- .../systemd-user/gpg-agent-extra.socket | 13 ---- .../systemd-user/gpg-agent-ssh.socket | 13 ---- doc/examples/systemd-user/gpg-agent.service | 8 --- doc/examples/systemd-user/gpg-agent.socket | 12 ---- 13 files changed, 6 insertions(+), 212 deletions(-) delete mode 100644 doc/examples/VS-NfD.prf delete mode 100644 doc/examples/debug.prf delete mode 100644 doc/examples/systemd-user/README delete mode 100644 doc/examples/systemd-user/dirmngr.service delete mode 100644 doc/examples/systemd-user/dirmngr.socket delete mode 100644 doc/examples/systemd-user/gpg-agent-browser.socket delete mode 100644 doc/examples/systemd-user/gpg-agent-extra.socket delete mode 100644 doc/examples/systemd-user/gpg-agent-ssh.socket delete mode 100644 doc/examples/systemd-user/gpg-agent.service delete mode 100644 doc/examples/systemd-user/gpg-agent.socket diff --git a/doc/Makefile.am b/doc/Makefile.am index 0093c43a8..390153c76 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -22,18 +22,9 @@ AM_CPPFLAGS = include $(top_srcdir)/am/cmacros.am examples = examples/README examples/scd-event examples/trustlist.txt \ - examples/VS-NfD.prf examples/Automatic.prf \ - examples/debug.prf examples/qualified.txt \ + examples/qualified.txt \ examples/common.conf \ examples/gpgconf.rnames examples/gpgconf.conf \ - examples/systemd-user/README \ - examples/systemd-user/dirmngr.service \ - examples/systemd-user/dirmngr.socket \ - examples/systemd-user/gpg-agent.service \ - examples/systemd-user/gpg-agent.socket \ - examples/systemd-user/gpg-agent-ssh.socket \ - examples/systemd-user/gpg-agent-browser.socket \ - examples/systemd-user/gpg-agent-extra.socket \ examples/pwpattern.list helpfiles = help.txt help.be.txt help.ca.txt help.cs.txt \ @@ -44,8 +35,6 @@ helpfiles = help.txt help.be.txt help.ca.txt help.cs.txt \ help.pt_BR.txt help.ro.txt help.ru.txt help.sk.txt \ help.sv.txt help.tr.txt help.zh_CN.txt help.zh_TW.txt -profiles = - EXTRA_DIST = samplekeys.asc mksamplekeys com-certs.pem \ gnupg-logo.pdf gnupg-logo.png gnupg-logo-tr.png \ gnupg-module-overview.png gnupg-module-overview.pdf \ @@ -61,7 +50,7 @@ BUILT_SOURCES = gnupg-module-overview.png gnupg-module-overview.pdf \ info_TEXINFOS = gnupg.texi -dist_pkgdata_DATA = $(helpfiles) $(profiles) +dist_pkgdata_DATA = $(helpfiles) nobase_dist_doc_DATA = FAQ DETAILS HACKING DCO TRANSLATE OpenPGP KEYSERVER \ $(examples) diff --git a/doc/examples/README b/doc/examples/README index 67508c471..cd341ab57 100644 --- a/doc/examples/README +++ b/doc/examples/README @@ -8,8 +8,6 @@ trustlist.txt A list of trustworthy root certificates gpgconf.conf A sample configuration file for gpgconf. -systemd-user Sample files for a Linux-only init system. - qualified.txt Sample file for qualified.txt. common.conf Sample file for common options. diff --git a/doc/examples/VS-NfD.prf b/doc/examples/VS-NfD.prf deleted file mode 100644 index edb9e018e..000000000 --- a/doc/examples/VS-NfD.prf +++ /dev/null @@ -1,24 +0,0 @@ -# VS-NfD.prf - Configure options for the VS-NfD mode -*- conf -*- -# -# The options for each tool are configured in a section ("[TOOL]"); -# see the respective man page for a description of these options and -# the gpgconf manpage for a description of this file's syntax. - -[gpg] -compliance de-vs - -[gpgsm] -compliance de-vs -enable-crl-checks - -[gpg-agent] -default-cache-ttl 900 -max-cache-ttl 3600 -no-allow-mark-trusted -no-allow-external-cache -enforce-passphrase-constraints -min-passphrase-len 9 -min-passphrase-nonalpha 0 - -[dirmngr] -allow-ocsp diff --git a/doc/examples/debug.prf b/doc/examples/debug.prf deleted file mode 100644 index f635fc88e..000000000 --- a/doc/examples/debug.prf +++ /dev/null @@ -1,29 +0,0 @@ -# debug.prf - Configure options for easier debugging -*- conf -*- -# -# Note that the actual debug options for each component need to be set -# manually. Running the component with "--debug help" shows a list of -# supported values. To watch the logs this command can be used: -# -# watchgnupg --time-only --force $(gpgconf --list-dirs socketdir)/S.log -# - -[gpg] -log-file socket:// -verbose -#debug ipc - -[gpgsm] -log-file socket:// -verbose -#debug ipc - -[gpg-agent] -log-file socket:// -verbose -#debug ipc -#debug-pinentry - -[dirmngr] -log-file socket:// -verbose -#debug ipc,dns diff --git a/doc/examples/gpgconf.conf b/doc/examples/gpgconf.conf index a61d4d453..314b955b9 100644 --- a/doc/examples/gpgconf.conf +++ b/doc/examples/gpgconf.conf @@ -1,5 +1,9 @@ # gpgconf.conf - configuration for gpgconf #---------------------------------------------------------------------- +# +# === The use of this feature is deprecated === +# == Please use the more powerful global options. == +# # This file is read by gpgconf(1) to setup defaults for all or # specified users and groups. It may be used to change the hardwired # defaults in gpgconf and to enforce certain values for the various diff --git a/doc/examples/systemd-user/README b/doc/examples/systemd-user/README deleted file mode 100644 index 43122f568..000000000 --- a/doc/examples/systemd-user/README +++ /dev/null @@ -1,66 +0,0 @@ -Socket-activated dirmngr and gpg-agent with systemd -=================================================== - -When used on a GNU/Linux system supervised by systemd, you can ensure -that the GnuPG daemons dirmngr and gpg-agent are launched -automatically the first time they're needed, and shut down cleanly at -session logout. This is done by enabling user services via -socket-activation. - -System distributors -------------------- - -The *.service and *.socket files (from this directory) should be -placed in /usr/lib/systemd/user/ alongside other user-session services -and sockets. - -To enable socket-activated dirmngr for all accounts on the system, -use: - - systemctl --user --global enable dirmngr.socket - -To enable socket-activated gpg-agent for all accounts on the system, -use: - - systemctl --user --global enable gpg-agent.socket - -Additionally, you can enable socket-activated gpg-agent ssh-agent -emulation for all accounts on the system with: - - systemctl --user --global enable gpg-agent-ssh.socket - -You can also enable restricted ("--extra-socket"-style) gpg-agent -sockets for all accounts on the system with: - - systemctl --user --global enable gpg-agent-extra.socket - -Individual users ----------------- - -A user on a system with systemd where this has not been installed -system-wide can place these files in ~/.config/systemd/user/ to make -them available. - -If a given service isn't installed system-wide, or if it's installed -system-wide but not globally enabled, individual users will still need -to enable them. For example, to enable socket-activated dirmngr for -all future sessions: - - systemctl --user enable dirmngr.socket - -To enable socket-activated gpg-agent with ssh support, do: - - systemctl --user enable gpg-agent.socket gpg-agent-ssh.socket - -These changes won't take effect until your next login after you've -fully logged out (be sure to terminate any running daemons before -logging out). - -If you'd rather try a socket-activated GnuPG daemon in an -already-running session without logging out (with or without enabling -it for all future sessions), kill any existing daemon and start the -user socket directly. For example, to set up socket-activated dirmgnr -in the current session: - - gpgconf --kill dirmngr - systemctl --user start dirmngr.socket diff --git a/doc/examples/systemd-user/dirmngr.service b/doc/examples/systemd-user/dirmngr.service deleted file mode 100644 index 3c060cde5..000000000 --- a/doc/examples/systemd-user/dirmngr.service +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=GnuPG network certificate management daemon -Documentation=man:dirmngr(8) -Requires=dirmngr.socket - -[Service] -ExecStart=/usr/bin/dirmngr --supervised -ExecReload=/usr/bin/gpgconf --reload dirmngr diff --git a/doc/examples/systemd-user/dirmngr.socket b/doc/examples/systemd-user/dirmngr.socket deleted file mode 100644 index ebabf896a..000000000 --- a/doc/examples/systemd-user/dirmngr.socket +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=GnuPG network certificate management daemon -Documentation=man:dirmngr(8) - -[Socket] -ListenStream=%t/gnupg/S.dirmngr -SocketMode=0600 -DirectoryMode=0700 - -[Install] -WantedBy=sockets.target diff --git a/doc/examples/systemd-user/gpg-agent-browser.socket b/doc/examples/systemd-user/gpg-agent-browser.socket deleted file mode 100644 index bc8d344e1..000000000 --- a/doc/examples/systemd-user/gpg-agent-browser.socket +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=GnuPG cryptographic agent and passphrase cache (access for web browsers) -Documentation=man:gpg-agent(1) - -[Socket] -ListenStream=%t/gnupg/S.gpg-agent.browser -FileDescriptorName=browser -Service=gpg-agent.service -SocketMode=0600 -DirectoryMode=0700 - -[Install] -WantedBy=sockets.target diff --git a/doc/examples/systemd-user/gpg-agent-extra.socket b/doc/examples/systemd-user/gpg-agent-extra.socket deleted file mode 100644 index 5b87d09df..000000000 --- a/doc/examples/systemd-user/gpg-agent-extra.socket +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=GnuPG cryptographic agent and passphrase cache (restricted) -Documentation=man:gpg-agent(1) - -[Socket] -ListenStream=%t/gnupg/S.gpg-agent.extra -FileDescriptorName=extra -Service=gpg-agent.service -SocketMode=0600 -DirectoryMode=0700 - -[Install] -WantedBy=sockets.target diff --git a/doc/examples/systemd-user/gpg-agent-ssh.socket b/doc/examples/systemd-user/gpg-agent-ssh.socket deleted file mode 100644 index 798c1d967..000000000 --- a/doc/examples/systemd-user/gpg-agent-ssh.socket +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=GnuPG cryptographic agent (ssh-agent emulation) -Documentation=man:gpg-agent(1) man:ssh-add(1) man:ssh-agent(1) man:ssh(1) - -[Socket] -ListenStream=%t/gnupg/S.gpg-agent.ssh -FileDescriptorName=ssh -Service=gpg-agent.service -SocketMode=0600 -DirectoryMode=0700 - -[Install] -WantedBy=sockets.target diff --git a/doc/examples/systemd-user/gpg-agent.service b/doc/examples/systemd-user/gpg-agent.service deleted file mode 100644 index a050fccdc..000000000 --- a/doc/examples/systemd-user/gpg-agent.service +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=GnuPG cryptographic agent and passphrase cache -Documentation=man:gpg-agent(1) -Requires=gpg-agent.socket - -[Service] -ExecStart=/usr/bin/gpg-agent --supervised -ExecReload=/usr/bin/gpgconf --reload gpg-agent diff --git a/doc/examples/systemd-user/gpg-agent.socket b/doc/examples/systemd-user/gpg-agent.socket deleted file mode 100644 index 4257c2c80..000000000 --- a/doc/examples/systemd-user/gpg-agent.socket +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=GnuPG cryptographic agent and passphrase cache -Documentation=man:gpg-agent(1) - -[Socket] -ListenStream=%t/gnupg/S.gpg-agent -FileDescriptorName=std -SocketMode=0600 -DirectoryMode=0700 - -[Install] -WantedBy=sockets.target