On Fri, 27 Sep 2024 09:23, Phillip Susi said:

> Then how do you convince the agent to work in a chroot?  At first it
> just keep saying inappropriate ioctl for the device.  I tried bind
> mounting /sys, /proc, /dev, and /dev/pts into the chroot and it changed

/var/run/user might also be a good idea.  Instead of doing a chroot you
may want to run the agent under different user and use the extra-socket
feature.  This will be quite some work to get it working but it better
secures your private keys than a chroot.

You may want to first tell us your goals and then we can see how it can
be achieved.  "running in a chroot" is nopt specific enough for useful
help.


Shalom-Salam,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

Attachment: openpgp-digital-signature.asc
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to