Re: gnome-keyring gvfsd-sftp without -daemon on OpenBSD

[Stef Walter <stef-list memberwebs com>]

Alexander Larsson wrote:
> So, if you never want to use the g-k-r ssh agent, why does the
> GetEnvironment call return a ssh agent? Wouldn't it be a better idea to
> disable the ssh-agent part of gnome-keyring?

First of all there needs to be a better way of disabling the
gnome-keyring SSH agent.  In fact I have some ideas in this area that
could might be implementable by 2.30. We would use the standard "Startup
Applications" gnome-session-properties stuff.

gnome-keyring-daemon already has a two phase startup complicated by the
fact that part of it is started by PAM. The second phase calls into a
running daemon and initializes it. [1] This is currently undergoing some
changes, but the principle will remain the same.

I think we could use a similar principle and install an autostart
desktop file which calls into the running daemon and turns on the SSH
agent. This could then be disabled by the user in "Startup Applications".

But IMO that's an aside to the real issue:

I think the reason gvfs-sftp hard codes a call to GetEnvironment is
because gvfsd's autostart often gets started before
gnome-keyring-daemon's autostart. Therefore it won't have the real
SSH_AUTH_SOCK environment variable needed for openssh to use the agent.

Although gnome-keyring-daemon registers its environment variables with
org.gnome.SessionManager the gvfsd horse has already left the barn.

Disclaimer: although I researched the above a while back, I didn't check
that's still the case.

Cheers,

Stef

[1] http://live.gnome.org/GnomeKeyring/RunningDaemon