Running GnuPG on NFS mounted home partitions

The remote file system NFS and some other remote file systems do not allow the creation of special files. GnuPG >= 2.1 uses fixed Unix domain socket names in the home directory, which requires a special setup on such file systems. For example, the socket used to talk to the gpg-agent is ~/.gnupg/S.gpg-agent. If the home directory (~/) is NFS mounted, you need to create a plain text file with that name and this content:

%Assuan%
socket=/var/run/USERNAME/S.gpg-agent

Note that no whitespace is allowed, both lines must be terminated by a single linefeed, and extra lines are not allowed.

This is a redirection file: the given socket is used instead of ~/.gnupg/S.gpg-agent. The trick here is that /var/run is supposed to be on a local file system. The redirection file may evaluate environment variables. For example:

%Assuan%
socket=/var/run/gpg-sockets/${USER}/${HOSTNAME}.gpg-agent

redirects to a socket name made up of the username and the current host. Using per-user directories is suggested so that proper permissions can be set up.

Note that Libassuan >= 2.2.0 must be used to enable this socket redirection.
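
The following shell sketch is an added example, not part of the original page or of GnuPG itself. It writes a redirection file in the exact two-line format described above, creates an owner-only socket directory, and rejects files that break the format rules. The function names are hypothetical and the demo paths are constructed in a scratch directory.

```shell
#!/bin/sh
# Added example: create and validate an Assuan socket redirection file.

# Create the per-user socket directory on local storage, owner-only access.
make_socket_dir() {
    mkdir -p "$1" && chmod 700 "$1"
}

# write_redirect FILE SOCKET: write exactly two LF-terminated lines.
# Refuses to overwrite an existing socket.
write_redirect() {
    if [ -S "$1" ]; then
        echo "$1 is already a socket; not overwriting" >&2
        return 1
    fi
    printf '%%Assuan%%\nsocket=%s\n' "$2" > "$1"
}

# check_redirect FILE: return 0 only if FILE follows the format rules.
check_redirect() {
    f=$1
    [ -f "$f" ] || return 1
    # Exactly two line feeds, the last one being the final byte.
    lines=$(wc -l < "$f")
    [ $((lines)) -eq 2 ] || return 1
    [ -z "$(tail -c 1 "$f")" ] || return 1
    # No other whitespace anywhere (spaces, tabs, carriage returns).
    if tr -d '\n' < "$f" | grep -q '[[:space:]]'; then
        return 1
    fi
    [ "$(sed -n 1p "$f")" = "%Assuan%" ] || return 1
    case "$(sed -n 2p "$f")" in
        socket=?*) return 0 ;;
        *) return 1 ;;
    esac
}

# Demo in a scratch directory (constructed paths). A real setup writes
# ~/.gnupg/S.gpg-agent and points at a local directory such as /var/run.
demo=$(mktemp -d)
make_socket_dir "$demo/run/$(id -un)"
# Single quotes keep ${HOSTNAME} literal for the redirection file.
write_redirect "$demo/S.gpg-agent" "$demo/run/$(id -un)/"'${HOSTNAME}.gpg-agent'
if check_redirect "$demo/S.gpg-agent"; then echo "redirect file OK"; fi
rm -rf "$demo"
```

A file saved by an editor with CRLF line endings or a trailing blank line fails check_redirect, which is the usual way the format rules above get broken.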

NFS (last edited 2015-09-21 13:38:25 by Werner Koch)