Bug 208148

see for more info FC bug 164869.

suspected patch. this may blow up your system, or cause a disaster.
can someone confirm otherwise ?


--- /etc/X11/xinit/xinitrc-common.orig 2006-11-23 14:05:58.000000000 +0530
+++ /etc/X11/xinit/xinitrc-common      2006-11-23 14:07:01.000000000 +0530
@@ -63,10 +63,19 @@
 # Prefix launch of session with ssh-agent if available and not already running.
 SSH_AGENT=
 if [ -x /usr/bin/ssh-agent -a -z "$SSH_AGENT_PID" ]; then
-    if [ "$TMPDIR" != "" ]; then
-        SSH_AGENT="/usr/bin/ssh-agent /bin/env TMPDIR=$TMPDIR"
-    else
-        SSH_AGENT="/usr/bin/ssh-agent"
+  ENV=
+  if [ "$TMPDIR" != "" ]; then
+      ENV="TMPDIR=$TMPDIR "
+  fi
+
+  if [ "$LD_LIBRARY_PATH" != "" ]; then
+      ENV="$ENV LD_LIBRARY_PATH=$LD_LIBRARY_PATH "
+  fi
+
+  if [ "$ENV" != "" ]; then
+      SSH_AGENT="/usr/bin/ssh-agent /bin/env $ENV"
+  elif
+      SSH_AGENT="/usr/bin/ssh-agent"
   fi
 fi

This patch DOES NOT WORK.

At the time you are attempting to check, and save LD_LIBRARY_PATH, it has not
yet been set.

During an xdm login, /etc/profile (and $HOME/.bash_profile) do not get sourced
in until the exec command in /etc/X11/xdm/Xsession:
   exec -l $SHELL -c "$SSH_AGENT $DBUS_LAUNCH ....."

Which is long after we have attemped to save LD_LIBRARY_PATH...

Created attachment 142261 [details]
how ld_library_path is shown on a test system with the stated patch.

After applying the stated patch on a frshly installed system, and setting
LD_LIBRARY_PATH in the files mentioned below, a screenshot of the output

/etc/profile
/etc/profile.d/myprofile
/home/user/.bashrc
/home/user/.bash_profile

additionally, it is usually recommended to add LD_LIBRARY_PATH as mentioned
below

if ! echo "$LD_LIBRARY_PATH" | grep -q /my/path ; then
    LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/my/path"
fi


and yes, i have not used the above if block for my test case. hence multiple
listing for few certain paths for LD_LIBRARY_PATH

dang ! 
the stated patch seems to b disabling ssh-agent on system, and thus it works !

additionally, rhel3 do not have setuid ssh-agent . rhel4 and above do.

* additionally, a hacky workaround for gnome-session. a wrapper script ?

move gnome-session to gnome-session.orig
create a shell script called gnome-session as shown below
chmod +x /usr/bin/gnome-session
this is hacky, but should work.

---------------------------------------------------------------------------

#!/bin/sh

# 
# One of the wrost possible implementation of a warpper script
#                               -- Ritesh Khadgaray
#

var=`ssh-agent -s`
var_sock=`echo $var|cut -f1 -d';'|cut -f2 -d'='`
var_pid=`echo $var|cut -f3 -d';'|cut -f2 -d'='`
export SSH_AUTH_SOCK=$var_sock
export SSH_AGENT_PID=$var_pid

gnome-session.orig $*

kill -s SIGTERM $SSH_AGENT_PID
sleep 1
kill -s SIGKILL $SSH_AGENT_PID

---------------------------------------------------------------------------

additionally, w.r.t. https://bugzilla.redhat.com/bugzilla/process_bug.cgi#c8

i unset SSH_AGENT from /etc/X11/xinit/Xsession , before gnome-session was init'ed.

For a cleaner wrapper script check up bugzilla #164869

https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=144136

to install the proposed patch from comment#10.

A wrapper script to start desktop session and saving LD_LIBRARY_PATH .
To apply the patch

cd /
cat xinitrc_ld_library_path.patch| patch -p0
chmod a+x /etc/X11/xinit/xinitrc-ssh

log-out and login. This should resolve the issue.

We should probably just change ssh-agent to use its alternate syntax instead of
doing the pass through way we do now.

Devel ack for 4.6.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164869#c36 works for me .

This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

What does the below email mean???  It looks like this issue is still open!

-----Original Message-----
From: bugzilla [bugzilla] 
Sent: Wednesday, July 11, 2007 6:15 AM
To: Aaron Scamehorn
Subject: [Bug 208148] LD_LIBRARY_PATH stripped when xdm login

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: LD_LIBRARY_PATH stripped when xdm login


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208148





------- Additional Comments From tao  2007-07-11 07:15 EST -------
There have been no updates to this issue in the past month. This issue will
now be closed due to inactivity. If this is in error, please reopen the
issue and check to make sure that it is current and in the proper status.
If the issue is something which is on a longer timeline than a month,
please change the status to one of the long term selections to avoid
closure due to inactivity.
This event sent from IssueTracker by AutoCloser  [Nokia-BI-ETP]
 issue 116964

Hello Aaron

  This issue is not closed, but a IssueTracker marked against this bugzilla is
closed. This issue is still being worked upon.

Fixed in xinitrc-4_0_14_3-2

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0770.html