Red Hat Bugzilla – Bug 484171
ssh doesn't forward dbus
Last modified: 2009-09-29 07:37:21 EDT
See e.g. the thread starting at http://lists.freedesktop.org/archives/dbus/2007-February/007170.html for some discussion.
This bug is meant as a tracker bug to collect issues caused by this.
I see this is a nice idea but I don't think it is acceptable upstream to add a special forwarding channel for DBus similar to the X forwarding. So if there is an option to reuse the regular TCP/IP forwarding as supported by ssh we should choose this option.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.
More information and reason for this action is here:
This is increasingly an issue, since autospawned dbus is no longer sufficient for gnome components as they won't run w/o gconf being present on that bus.
SSH can not currently forward unix-domain sockets and doing that would probably require a change to ssh server. Just plainly forwarding an UNIX-domain socket to TCP port is not viable, since it would be insecure. Is there a possibility other than making the ssh client forwarding the dbus connection via tcp/ip adding an a MAGIC_COOKIE authentication?
By the way, the documentation seems rather incomplete when it comes to specifying address that's a TCP connection with the cookie: http://dbus.freedesktop.org/doc/dbus-specification.html#addresses
Created attachment 359864 [details]
A perl-based prototype
Could it work like this? (Not enough for GConf forwarding, since it still uses a local orbit socket in /tmp).
IMHO: It would be better to make this as a separate package than to integrate this code into openssh.
Is there another report to which the bugs that this one blocks can be assigned, to track when this will be fixed?
(In reply to comment #9)
> ... track when this will be fixed?
I thought "WONTFIX" means it won't be fixed.
It means that Jan doesn't want to fix it in openssh.
If you have any backend which can be used for this functionality make it a new package in fedora by the package review and so on...