下面是我的gpg-agent.conf
文件,该log-file
选项指定了放置日志的位置,但是即使gpg-agent
工作正常,日志也从未创建过。
我在想要么该选项被忽略,要么我缺少一些其他选项?
Debian 12
因此,我的环境是systemd
,是否可以将日志放入其他日志文件中?我希望日志文件按照设置写入gpg-agent.conf
# Set the time a cache entry is valid to n seconds.
default-cache-ttl 14400 # 4h
# Set the maximum time a cache entry is valid to n seconds.
max-cache-ttl 28800 # 8h
# Use program filename as the PIN entry.
pinentry-program /usr/bin/pinentry-qt
# This option asks the Pinentry to timeout after n seconds with no user input.
pinentry-timeout 120 # 2min
# Append all logging output to file
log-file /var/log/gpg-agent.log
gpg-agent
文档文件gpg-agent.conf
被放入~/.gnupg/gpg-agent.conf
我已经检查了两者/var/log/user.log
,并且/var/log/syslog
代理没有在那里记录,唯一看到的消息是代理是由systemd
以下是故障排除输出:
gpgconf --check-options gpg-agent
gpg-agent:私钥:/usr/bin/gpg-agent:1:1:
gpgconf --list-options gpg-agent
Monitor:1:0:Options controlling the diagnostic output:0:0::::
verbose:12:0:verbose:0:0::::
debug-level:24:1::1:1::"none::
log-file:8:1:write server mode logs to FILE:32:1:FILE:::"/var/log/gpg-agent.log
Configuration:1:0:Options controlling the configuration:0:0::::
disable-scdaemon:8:1:do not use the SCdaemon:0:0::::
enable-ssh-support:0:0:enable ssh support:0:0::::
ssh-fingerprint-digest:24:2:use ALGO to show ssh fingerprints:1:1:ALGO:"md5::
enable-putty-support:0:0::0:0::::
enable-extended-key-format:8:3::0:0::::
faked-system-time:0:3::1:1::::
Security:1:0:Options controlling the security:0:0::::
default-cache-ttl:24:0:expire cached PINs after N seconds:3:3:N:600::14400
default-cache-ttl-ssh:24:1:expire SSH keys after N seconds:3:3:N:1800::
max-cache-ttl:24:2:set maximum PIN cache lifetime to N seconds:3:3:N:7200::28800
max-cache-ttl-ssh:24:2:set maximum SSH key lifetime to N seconds:3:3:N:7200::
ignore-cache-for-signing:8:0:do not use the PIN cache when signing:0:0::::
no-allow-external-cache:8:0:disallow the use of an external password cache:0:0::::
no-allow-mark-trusted:8:1:disallow clients to mark keys as "trusted":0:0::::
Passphrase policy:1:1:Options enforcing a passphrase policy:0:0::::
enforce-passphrase-constraints:8:2:do not allow bypassing the passphrase policy:0:0::::
min-passphrase-len:24:1:set minimal required length for new passphrases to N:3:3:N:8::
min-passphrase-nonalpha:24:2:require at least N non-alpha characters for a new passphrase:3:3:N:1::
check-passphrase-pattern:8:2:check new passphrases against pattern in FILE:32:1:FILE:::
check-sym-passphrase-pattern:8:2::32:1::::
max-passphrase-days:24:2:expire the passphrase after N days:3:3:N:0::
enable-passphrase-history:8:2:do not allow the reuse of old passphrases:0:0::::
Pinentry:1:1:Options controlling the PIN-Entry:0:0::::
no-allow-loopback-pinentry:8:2:disallow caller to override the pinentry:0:0::::
grab:8:2:let PIN-Entry grab keyboard and mouse:0:0::::
pinentry-timeout:8:1:set the Pinentry timeout to N seconds:3:3:N:::120
allow-emacs-pinentry:8:1:allow passphrase to be prompted through Emacs:0:0::::
答案1
gpg-agent
通常作为用户服务运行,因此它不太可能具有写入/var/log/
.即使您已授予足够的文件/目录权限,也可能有 AppArmor 规则阻止它。
设置指向运行gpg-agent
.