Is it okay to source /tmp/qubes-session-env in a systemd script?

[Michael Strasser]

Hi!

I'm trying to set up qubes-app-split-ssh
(https://github.com/henn/qubes-app-split-ssh) which works fine, except
for the .desktop file in the autostart folder that should be used to add
SSH-keys. So I wrote a systemd unit file that would accomplish the same
functionality. To get the $SSH_AUTH_SOCK environment variable I sourced
/tmp/qubes-session-env, because it's the only way I found to connect to
the ssh-agent. I wrote a .path unit that would monitor for
/tmp/qubes-session-env and start a .service oneshot unit that would then
source the file and make some calls to ssh-add.

As I have no experience with systemd units, or with Qubes OS internals,
I was wondering if this is an okay solution for the problem or if it's
somehow problematic?

Thanks in advance for your answers!

[Jean-Philippe Ouellet]

Not a real answer (sorry), but want to point out that propagating
SSH_AUTH_SOCK from regular ssh-agent has similar issues, and there's
been related prior discussion in:
- https://github.com/QubesOS/qubes-issues/issues/1962
- https://github.com/QubesOS/qubes-issues/issues/2351

Cheers,
Jean-Philippe