updates sd-gpg autoaccept timeout to 8 hours #207
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Noted in Issue #154 that it'd be preferred to increase the time to 8hrs; Conor & Mikael & Jen thumbs-up'd the req! 💃 |
|
Not a problem, PR will get some minor refactoring anyway. If nobody else
picks it up I'll make the change ASAP
…On Sun, Nov 11, 2018, 3:42 PM Nina Eleanor Alter ***@***.*** wrote:
Noted in Issue #154
<#154>
that it'd be preferred to increase the time to 8hrs; Conor & Mikael & Jen
thumbs-up'd the req! 💃
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#207 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ACp26NJHrqnb_ZxAn_8MWbwU9__y6XvAks5uuLXZgaJpZM4YYuIR>
.
|
zenmonkeykstop
force-pushed
the
154-increase-split-gpg-timeout
branch
from
d602956 to
7cbdb86
Compare
zenmonkeykstop
changed the title
Same as we're doing in the dom0 Qubes RPC policies, for forward-compatibility: we want to make sure we can adjust settings over time automatically. Setting the block as a target ensures that any content changes will be replaced entirely. Using "append" rather than "prepend" mode since later lines in a sourced file will override prior entries.
|
Works as advertised. Tweaked the provisioning logic to allow updates over time, using |
conorsch
approved these changes
Nov 12, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This addresses #154 by increasing the split GPG autaccept interval to 1 hour for the sd-gpg vault VM
In UX terms, this will mean that the user will be prompted with the gpg accept dialog once at the beginning of their session and then again every hour. General consensus seems to be that the dialog offers no security benefits, so the interval could even be bumped up higher. It doesn't look like it can be suppressed without changes in split-gpg.