authorWerner Koch <wk@gnupg.org>2022-09-07 11:53:32 +0200
committerWerner Koch <wk@gnupg.org>2022-09-07 11:54:23 +0200
commitabf7d3c54546d4200eb88924beefc4d6b0f2dc90 (patch)
tree6cefe5d9943e272d58ad6e3da4500f7b8d2c5a3d
parentgpg: Support key flags for RENC, TIME, and GROUP. (diff)
agent: Don't start in --supervised mode if no-autostart is enabled.
* agent/gpg-agent.c (main): Print an error message if no-autostart is set in common.conf.
-rw-r--r--agent/gpg-agent.c11
-rw-r--r--doc/gpg-agent.texi3
2 files changed, 14 insertions, 0 deletions
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 7194e020a..fad2a363e 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -1517,6 +1517,17 @@ main (int argc, char **argv)
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
}
+ else if (is_supervised && comopt.no_autostart)
+ {
+ /* If we are running on a server and the user has set
+ * no-autostart for gpg or gpgsm. gpg-agent would anyway be
+ * started by the supervisor which has the bad effect that it
+ * will steal the socket from a remote server. Note that
+ * systemd has no knowledge about the lock files we take during
+ * the start operation. */
+ log_info ("%s %s not starting in supervised mode due to no-autostart.\n",
+ gpgrt_strusage(11), gpgrt_strusage(13) );
+ }
else if (is_supervised)
{
#ifndef HAVE_W32_SYSTEM
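Review bot: The new `else if (is_supervised && comopt.no_autostart)` branch reports the refusal with `log_info`, although the commit message calls it an error message, and nothing in the branch sets a failure status. The rest of `main` is outside the hunk, so this is inferred, but the process appears to fall through to the normal exit path and the supervisor would see a clean exit. Since the branch exists to keep a supervisor-started agent from taking over a socket meant for a remote server, the refusal should be easy to spot in logs and unit status: consider `log_error (...)` with the same message and a non-zero exit status. The comment's first sentence is also a fragment; `/* If we are running on a server and the user has set no-autostart for gpg or gpgsm, gpg-agent would still be started by the supervisor, which has the bad effect that it will steal the socket from a remote server. */` states the same reasoning as one sentence.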
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index 1655847bf..97abbed59 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -174,6 +174,9 @@ listening on provided file descriptors, which must already be bound to
listening sockets. This option is deprecated and not supported on
Windows.
+If in @file{common.conf} the option @option{no-autostart} is set, any
+start attemps will be ignored.
+
In --supervised mode, different file descriptors can be provided for
use as different socket types (e.g. ssh, extra) as long as they are
identified in the environment variable @code{LISTEN_FDNAMES} (see