gpg-agent: invert grab and no-grab behavior
The GNU Privacy Guard 2.3 man page for `gpg-agent` describes the `--grab` and `--no-grab` options as follows: > Tell the pinentry to grab the keyboard and mouse. This option should > be used on X-Servers to avoid X-sniffing attacks. Any use of the > option --grab overrides an used option --no-grab. The default is > --no-grab. Therefore Home Manager should explicitly output `grab` when `cfg.grabKeyboardAndMouse` is true. Previously Home Manager emitted `no-grab` when `cfg.grabKeyboardAndMouse` was false. PR #3192
This commit is contained in:
parent
5bd66dc6cd
commit
7b512c94ff
|
@ -216,7 +216,7 @@ in {
|
||||||
{
|
{
|
||||||
home.file."${homedir}/gpg-agent.conf".text = concatStringsSep "\n"
|
home.file."${homedir}/gpg-agent.conf".text = concatStringsSep "\n"
|
||||||
(optional (cfg.enableSshSupport) "enable-ssh-support"
|
(optional (cfg.enableSshSupport) "enable-ssh-support"
|
||||||
++ optional (!cfg.grabKeyboardAndMouse) "no-grab"
|
++ optional cfg.grabKeyboardAndMouse "grab"
|
||||||
++ optional (!cfg.enableScDaemon) "disable-scdaemon"
|
++ optional (!cfg.enableScDaemon) "disable-scdaemon"
|
||||||
++ optional (cfg.defaultCacheTtl != null)
|
++ optional (cfg.defaultCacheTtl != null)
|
||||||
"default-cache-ttl ${toString cfg.defaultCacheTtl}"
|
"default-cache-ttl ${toString cfg.defaultCacheTtl}"
|
||||||
|
|
Loading…
Reference in a new issue