Red Hat Bugzilla – Bug 208148
LD_LIBRARY_PATH stripped when xdm login
Last modified: 2015-01-07 19:14:35 EST
Description of problem:
This is a dup of https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164869.
I am entering it again now as it is in RHEL4.4
In /etc/X11/xdm/Xsession, the addition of $SSH_AGENT in the following line:
exec -l $SHELL -c "$SSH_AGENT $DBUS_LAUNCH gnome-session"
The ssh-agent executable is has its setgid bit set; this causes glibc (?) to
remove LD_LIBRARY_PATH from the environment before launching $DBUS_LAUNCH
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Login via xdm
2. Open gnome-terminal
3. echo $LD_LIBRARY_PATH
Anything you have set in ~/.bash_profile or /etc/profile
Login via a console (ctrl-alt-F1); echo $LD_LIBRARY_PATH: Viola,
LD_LIBRARY_PATH is set.
see for more info FC bug 164869.
suspected patch. this may blow up your system, or cause a disaster.
can someone confirm otherwise ?
--- /etc/X11/xinit/xinitrc-common.orig 2006-11-23 14:05:58.000000000 +0530
+++ /etc/X11/xinit/xinitrc-common 2006-11-23 14:07:01.000000000 +0530
@@ -63,10 +63,19 @@
# Prefix launch of session with ssh-agent if available and not already running.
if [ -x /usr/bin/ssh-agent -a -z "$SSH_AGENT_PID" ]; then
- if [ "$TMPDIR" != "" ]; then
- SSH_AGENT="/usr/bin/ssh-agent /bin/env TMPDIR=$TMPDIR"
+ if [ "$TMPDIR" != "" ]; then
+ ENV="TMPDIR=$TMPDIR "
+ if [ "$LD_LIBRARY_PATH" != "" ]; then
+ ENV="$ENV LD_LIBRARY_PATH=$LD_LIBRARY_PATH "
+ if [ "$ENV" != "" ]; then
+ SSH_AGENT="/usr/bin/ssh-agent /bin/env $ENV"
This patch DOES NOT WORK.
At the time you are attempting to check, and save LD_LIBRARY_PATH, it has not
yet been set.
During an xdm login, /etc/profile (and $HOME/.bash_profile) do not get sourced
in until the exec command in /etc/X11/xdm/Xsession:
exec -l $SHELL -c "$SSH_AGENT $DBUS_LAUNCH ....."
Which is long after we have attemped to save LD_LIBRARY_PATH...
Created attachment 142261 [details]
how ld_library_path is shown on a test system with the stated patch.
After applying the stated patch on a frshly installed system, and setting
LD_LIBRARY_PATH in the files mentioned below, a screenshot of the output
additionally, it is usually recommended to add LD_LIBRARY_PATH as mentioned
if ! echo "$LD_LIBRARY_PATH" | grep -q /my/path ; then
and yes, i have not used the above if block for my test case. hence multiple
listing for few certain paths for LD_LIBRARY_PATH
the stated patch seems to b disabling ssh-agent on system, and thus it works !
additionally, rhel3 do not have setuid ssh-agent . rhel4 and above do.
* additionally, a hacky workaround for gnome-session. a wrapper script ?
move gnome-session to gnome-session.orig
create a shell script called gnome-session as shown below
chmod +x /usr/bin/gnome-session
this is hacky, but should work.
# One of the wrost possible implementation of a warpper script
# -- Ritesh Khadgaray
var_sock=`echo $var|cut -f1 -d';'|cut -f2 -d'='`
var_pid=`echo $var|cut -f3 -d';'|cut -f2 -d'='`
kill -s SIGTERM $SSH_AGENT_PID
kill -s SIGKILL $SSH_AGENT_PID
additionally, w.r.t. https://bugzilla.redhat.com/bugzilla/process_bug.cgi#c8
i unset SSH_AGENT from /etc/X11/xinit/Xsession , before gnome-session was init'ed.
For a cleaner wrapper script check up bugzilla #164869
to install the proposed patch from comment#10.
A wrapper script to start desktop session and saving LD_LIBRARY_PATH .
To apply the patch
cat xinitrc_ld_library_path.patch| patch -p0
chmod a+x /etc/X11/xinit/xinitrc-ssh
log-out and login. This should resolve the issue.
We should probably just change ssh-agent to use its alternate syntax instead of
doing the pass through way we do now.
Devel ack for 4.6.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164869#c36 works for me .
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
What does the below email mean??? It looks like this issue is still open!
From: firstname.lastname@example.org [mailto:email@example.com]
Sent: Wednesday, July 11, 2007 6:15 AM
To: Aaron Scamehorn
Subject: [Bug 208148] LD_LIBRARY_PATH stripped when xdm login
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: LD_LIBRARY_PATH stripped when xdm login
------- Additional Comments From firstname.lastname@example.org 2007-07-11 07:15 EST -------
There have been no updates to this issue in the past month. This issue will
now be closed due to inactivity. If this is in error, please reopen the
issue and check to make sure that it is current and in the proper status.
If the issue is something which is on a longer timeline than a month,
please change the status to one of the long term selections to avoid
closure due to inactivity.
This event sent from IssueTracker by AutoCloser [Nokia-BI-ETP]
This issue is not closed, but a IssueTracker marked against this bugzilla is
closed. This issue is still being worked upon.
Fixed in xinitrc-4_0_14_3-2
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.