Bug 820514 - ssh-agent isn't started as part of the session [NEEDINFO]
ssh-agent isn't started as part of the session
Status: CLOSED EOL
Product: Fedora
Classification: Fedora
Component: lxdm (Show other bugs)
20
All All
unspecified Severity medium
: ---
: ---
Assigned To: Christoph Wickert
Fedora Extras Quality Assurance
: Reopened
: 912055 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-10 05:19 EDT by Kjetil T. Homme
Modified: 2015-06-29 20:35 EDT (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 896269 912055 (view as bug list)
Environment:
Last Closed: 2015-06-29 20:35:57 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
mtasaka: needinfo? (cwickert)


Attachments (Terms of Use)
Patch to launch ssh-agent (990 bytes, patch)
2014-01-11 05:04 EST, Mamoru TASAKA
no flags Details | Diff
Patch to launch ssh-agent, take 2 (1.02 KB, patch)
2014-01-11 05:25 EST, Mamoru TASAKA
no flags Details | Diff

  None (edit)
Description Kjetil T. Homme 2012-05-10 05:19:52 EDT
Description of problem:

Launching ssh-agent during login is a bit tricky since some environment variables needs to be sourced into the environment of subsequent processes.

Version-Release number of selected component (if applicable):

lxde-common-0.5.5-0.3.20110328git87c368d7.fc16.noarch

How reproducible:

always

Steps to Reproduce:
1. log in
2. pgrep -U $USER ssh-agent || echo no ssh-agent

Suggested patch:

towards the end of /usr/bin/startlxde, add the following code:

    if [ -x /usr/bin/ssh-agent -a -d "$HOME/.ssh" ]
    then
        . `ssh-agent`
    fi

this should only start ssh-agent when the relevant package is installed and the user is using SSH.
Comment 1 Ranjan Maitra 2012-06-10 23:34:13 EDT
I wanted to mention that this issue continues with F17.
Comment 2 Christoph Wickert 2012-06-11 08:13:28 EDT
I wanted to do work on this this weekend but needed to do other packages such as lxpanel, lxappearance, lxpinput etc. first. Sorry, I am just too busy.
Comment 3 Ranjan Maitra 2012-06-11 09:01:59 EDT
Thanks! Glad to know that this is on your radar. Hopefully, you will find some time to get to it in the coming week!

Thanks again for all the hard work you have done on the LXDE spin!
Comment 4 Ranjan Maitra 2012-06-20 19:17:31 EDT
Hello, is it possible to fix this problem?

Many thanks!
Comment 5 Ranjan Maitra 2012-08-16 13:46:15 EDT
Can this please be looked into? the suggested workaround DOES NOT WORK for me. Not clear why.
Comment 6 Ranjan Maitra 2012-09-21 00:05:34 EDT
Any news on this? This bug has been since the end of F15, and it would be nice if this were finally fixed!
Comment 7 Kevin Cousin 2012-10-16 09:11:06 EDT
I confirm the issue, and the workaround doesn't work me.
Comment 8 Kevin Cousin 2012-10-17 09:23:10 EDT
Another workaround is to use KDM or GDM as Login manager, it works for me. The bug seems coming from LXDM.
Comment 9 Ranjan Maitra 2013-01-01 01:20:44 EST
I confirm this also. On a whim, I moved to SLiM, and I have had no problems ever since. Not sure when this bug will be resolved, but the problem is definitely lxdm.
Comment 10 Fedora End Of Life 2013-01-16 17:31:58 EST
This message is a reminder that Fedora 16 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 16. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '16'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 16's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 16 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" and open it against that version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 11 Fedora End Of Life 2013-02-13 20:02:32 EST
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 12 Christoph Wickert 2013-02-17 11:02:40 EST
*** Bug 912055 has been marked as a duplicate of this bug. ***
Comment 13 Christoph Wickert 2013-02-17 16:48:54 EST
*** Bug 912055 has been marked as a duplicate of this bug. ***
Comment 14 Ranjan Maitra 2013-02-17 20:05:04 EST
component should be changed to lxdm.
Comment 15 Christoph Wickert 2013-02-18 02:46:07 EST
Done.

exec ssh-agent bash

works fine, but it should be done automatically from /etc/X11/xinit/xinitrc-common. When you say this used to work with LXDM, do you recall what version of lxdm this was?
Comment 16 Ranjan Maitra 2013-02-18 09:46:23 EST
sorry don't know the version, but at the beginning of F15 it was fine. Some subsequent update then killed it (and this has never been possible since then). For a while, I thought it was a Fedora problem, but then I tried the other spins and then they worked fine, so that is when I filed this bug report.
Comment 17 Fedora End Of Life 2013-04-03 15:16:18 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19
Comment 18 Milan Kerslager 2013-09-04 18:40:30 EDT
This is still does not work in Fedora 19.
Comment 19 Milan Kerslager 2013-09-04 18:52:18 EDT
I have F19 with Lxde. I'm logging to the system by lxdm. The ssh-agent is not started.
Comment 20 Greg Ward 2013-12-05 09:36:56 EST
Still there in Fedora 20. I tried the suggested workaround of switching to SLiM, but couldn't get SLiM to work. ;-(
Comment 21 Mamoru TASAKA 2014-01-08 02:17:03 EST
Well, on F-20 I switched from lightdm to lxdm, then I also see
this issue.

Okay, perhaps the bad commit is
http://lxde.git.sourceforge.net/git/gitweb.cgi?p=lxde/lxdm;a=commitdiff;h=1cea087b8d9ef3f34bd8f325a18a2354743529e4

, and so on F-16, update package lxdm-0.4.1-1.fc16 caused this issue
(lxdm when F-16 was released was lxdm-0.3.0-4.fc16, which I guess
did not see this issue)

(In reply to Christoph Wickert from comment #15)
> Done.
> 
> exec ssh-agent bash
> 
> works fine, but it should be done automatically from
> /etc/X11/xinit/xinitrc-common. When you say this used to work with LXDM, do
> you recall what version of lxdm this was?

... But lxdm calls /etc/lxdm/Xsession , not /etc/X11/xinit/Xsession directly.
/etc/X11/xinit/xinitrc-common just sets SSH_AGENT environ, and
perhaps on gdm, lightdm (not tried kdm), they call /etc/lxdm/Xsession,
which actually executes $SSH_AGENT.

For lxdm, looking at /etc/lxdm/Xsession:

    15  if [ -f /etc/X11/xinit/xinitrc-common ]; then
    16  # fedora
    17          . /etc/X11/xinit/xinitrc-common
    18          if ! [ -z "$XDG_SESSION_COOKIE" ]; then
    19                  CK_XINIT_SESSION=
    20          elif [ -x /usr/bin/ck-launch-session -a -z "$CK_XINIT_SESSION" ]; then
    21                  CK_XINIT_SESSION="/usr/bin/ck-launch-session"
    22          fi
    23          exec -l $SHELL -c "$CK_XINIT_SESSION $LXSESSION"
    24  elif [ -x /etc/X11/xinit/Xsession ]; then
    25  # fedora
    26          exec /etc/X11/xinit/Xsession "$LXSESSION"

Note that the "-f" line 15, and the line 24 "elif". So /etc/lxdm/Xsession
just "source"s /etc/X11/xinit/xinitrc-common and not execute
/etc/X11/xinit/Xsession, then $SSH_AGENT is not executed.

on lxdm 0.3.0, the line 15 was "if [ -x /etc/X11/xinit/xinitrc-common ]",
so the elif on the line 24 is executed, then /etc/X11/xinit/Xsession is
executed.

So now /etc/lxdm/Xsession calls /usr/bin/startlxde, I think /usr/bin/startlxde must explicitly execute $SSH_AGENT like /etc/X11/xinit/Xsession does.
Comment 22 Mamoru TASAKA 2014-01-08 02:18:59 EST
Changing to lxde-common, as /usr/bin/startlxde should treat this.

Note that Ubuntu adds a patch against /usr/bin/startlxde like this:
http://launchpadlibrarian.net/134350928/lxde-common_0.5.0-4ubuntu3_0.5.0-4ubuntu4.diff.gz
Comment 23 Mamoru TASAKA 2014-01-08 02:23:18 EST
(Just note that /etc/X11/xinit/Xsession sources /etc/X11/xinit/xinitrc-common)
Comment 24 Mamoru TASAKA 2014-01-08 02:26:15 EST
(In reply to Mamoru TASAKA from comment #21)
> ... But lxdm calls /etc/lxdm/Xsession , not /etc/X11/xinit/Xsession directly.
> /etc/X11/xinit/xinitrc-common just sets SSH_AGENT environ, and
> perhaps on gdm, lightdm (not tried kdm), they call /etc/lxdm/Xsession,
> which actually executes $SSH_AGENT.

which should read 
"and perhaps on gdm, lightdm (not tried kdm), they call /etc/X11/xinit/Xsession,
which actually executes $SSH_AGENT"
Comment 25 Mamoru TASAKA 2014-01-08 05:42:23 EST
(In reply to Globe Trotter from comment #6)
> This bug has been since the end of F15, 

I guess F-15 updates lxdm-0.4.1-1.fc15 caused this
Comment 26 Mamoru TASAKA 2014-01-11 05:01:16 EST
(In reply to Mamoru TASAKA from comment #22)
> Changing to lxde-common, as /usr/bin/startlxde should treat this.

Ah, no, when /usr/bin/startlxde is executed, $SSH_AGENT is not set, because
$SSH_AGENT is not "export"ed.

So /etc/lxdm/Xsession should behave like /etc/X11/xinit/Xsession, reassigning to lxdm again.
Comment 27 Mamoru TASAKA 2014-01-11 05:04:51 EST
Created attachment 848556 [details]
Patch to launch ssh-agent

Suggestion patch
Comment 28 Mamoru TASAKA 2014-01-11 05:25:12 EST
Created attachment 848568 [details]
Patch to launch ssh-agent, take 2

Oops, sorry, patch take 2
Comment 29 Mamoru TASAKA 2014-02-11 22:40:36 EST
Christoph, would you take a look at my patch on the comment 28 ?
Comment 30 Renich Bon Ciric 2014-05-15 04:50:17 EDT
I am interested in this. Still happening on F20.
Comment 31 Stefanie Forrester 2014-10-09 12:32:34 EDT
In case this helps anyone, this is the workaround I'm using in F20. It'll give you a graphical ssh-add prompt on login (assuming you have that prompt installed, but really you can take your pick of whichever prompt you like).

[dakini@nibbana ~]$ sudo tail /usr/bin/startlxde
# set up ssh
SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass
export SSH_ASKPASS
eval $( ssh-agent -s )
ssh-add &

# Start the LXDE session
exec /usr/bin/lxsession -s LXDE -e LXDE
eval $( ssh-agent -k )
Comment 32 Fedora End Of Life 2015-05-29 04:44:21 EDT
This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '20'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 20 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 33 Fedora End Of Life 2015-06-29 20:35:57 EDT
Fedora 20 changed to end-of-life (EOL) status on 2015-06-23. Fedora 20 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.