summaryrefslogtreecommitdiffstats
path: root/doc/examples/systemd-user/README
blob: 43122f568e5d4da52297d0982c25d33eb8b82b1f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
Socket-activated dirmngr and gpg-agent with systemd
===================================================

When used on a GNU/Linux system supervised by systemd, you can ensure
that the GnuPG daemons dirmngr and gpg-agent are launched
automatically the first time they're needed, and shut down cleanly at
session logout.  This is done by enabling user services via
socket-activation.

System distributors
-------------------

The *.service and *.socket files (from this directory) should be
placed in /usr/lib/systemd/user/ alongside other user-session services
and sockets.

To enable socket-activated dirmngr for all accounts on the system,
use:

    systemctl --user --global enable dirmngr.socket

To enable socket-activated gpg-agent for all accounts on the system,
use:

    systemctl --user --global enable gpg-agent.socket

Additionally, you can enable socket-activated gpg-agent ssh-agent
emulation for all accounts on the system with:

    systemctl --user --global enable gpg-agent-ssh.socket

You can also enable restricted ("--extra-socket"-style) gpg-agent
sockets for all accounts on the system with:

    systemctl --user --global enable gpg-agent-extra.socket

Individual users
----------------

A user on a system with systemd where this has not been installed
system-wide can place these files in ~/.config/systemd/user/ to make
them available.

If a given service isn't installed system-wide, or if it's installed
system-wide but not globally enabled, individual users will still need
to enable them.  For example, to enable socket-activated dirmngr for
all future sessions:

    systemctl --user enable dirmngr.socket

To enable socket-activated gpg-agent with ssh support, do:

    systemctl --user enable gpg-agent.socket gpg-agent-ssh.socket

These changes won't take effect until your next login after you've
fully logged out (be sure to terminate any running daemons before
logging out).

If you'd rather try a socket-activated GnuPG daemon in an
already-running session without logging out (with or without enabling
it for all future sessions), kill any existing daemon and start the
user socket directly.  For example, to set up socket-activated dirmgnr
in the current session:

    gpgconf --kill dirmngr
    systemctl --user start dirmngr.socket