Page MenuHome GnuPG

gpg-agent instances leak
Closed, ResolvedPublic

Description

We run gpg2 from another program. A typical command would be:

gpg2 --homedir $tmpdir --status-file logfile --import keyfile

In all cases we pass a temporary directory as --homedir because we don't want to interfere or use the user's own gpg keys.

After the program runs the temporary directory is deleted.

After this, gpg-agent instances are found to be leaking:

16543 ?        Ss     0:00 gpg-agent --homedir /tmp/virt-builder.eYvl5v/vb.gpghome.zyHsvg --use-standard-socket --daemon
16559 ?        Ss     0:00 gpg-agent --homedir /tmp/virt-builder.eYvl5v/vb.gpghome.MN7zSD --use-standard-socket --daemon

They basically hang around forever as far as I can tell.

Details

Version
gnupg2-2.1.21-2.fc26.x86_64

Event Timeline

rwmj updated the task description. (Show Details)

For anyone following this bug, someone has worked out a (very awkward) workaround: https://stackoverflow.com/a/27689596/2505159

werner triaged this task as High priority.
werner added a project: gnupg (gpg22).
werner added a subscriber: werner.

Well, this is a regression due to us creating creating /run/user/gnupg/ socket directories now on the fly. Thus there is no more need to create non-default home directories via gpgconf. Now, gpg-agent watches the socket file and terminates itself as soon as the socket file vanishes. Before that change the socket for a non-default home directory was created in the homedir itself and thus removing the homedir also removed the socket file and in turn gpg-agent terminated itself.

The solution is to also watch the home directory...

I commited a change which should fix this on Linux

I have tested this and it appears to fix the leak of gpg-agent processes in virt-builder, thanks.

werner removed a project: Testing.