From ebd4b3eea68c097ee30ca03e02c07dd3f354d07e Mon Sep 17 00:00:00 2001
From: ayham <me@ayham.xyz>
Date: Wed, 7 Aug 2024 21:10:05 +0000
Subject: [PATCH] profiles: ssh: allow gpgagent socket for custom homedir
 (#6419)

If a custom GPG homedir is used, a hash of its path is used in the path
of the gpg agent socket[1].

For example, when running:

    gpgconf --list-dirs agent-ssh-socket

With a custom homedir it returns:

    /run/user/1000/gnupg/<hashed homedir>/S.gpg-agent.ssh

Environment: gnupg 2.4.5-4 on Arch Linux.

[1] https://github.com/gpg/gnupg/blob/91532dc3f40599b74fff489cb021c0cd3344ae60/common/homedir.c#L1342
---
 etc/profile-m-z/ssh.profile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile
index 62efa28db..1c4d85ea0 100644
--- a/etc/profile-m-z/ssh.profile
+++ b/etc/profile-m-z/ssh.profile
@@ -19,7 +19,8 @@ include disable-exec.inc
 include disable-programs.inc
 
 whitelist ${RUNUSER}/gcr/ssh
-whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh
+whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh # default gpg homedir setup
+whitelist ${RUNUSER}/gnupg/*/S.gpg-agent.ssh # custom gpg homedir setup
 whitelist ${RUNUSER}/keyring/ssh
 include whitelist-usr-share-common.inc
 include whitelist-runuser-common.inc