[Bug 1088564] New: "ssh-agent" is not started on login to Plasma5-Wayland
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 Bug ID: 1088564 Summary: "ssh-agent" is not started on login to Plasma5-Wayland Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: x86-64 OS: SUSE Other Status: NEW Severity: Normal Priority: P5 - None Component: KDE Workspace (Plasma) Assignee: opensuse-kde-bugs@opensuse.org Reporter: nwr10cst-oslnx@yahoo.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Build Identifier: This happens in both Leap 15.0 and Tumbleweed. When I login to a Plasma5-Wayland session, "ssh-agent" is not running for the desktop session. This happens whether I use SDDM or GDM for the login manager. I'm aware that Plasma5-Wayland isn't really ready for prime time. Still, it would be nice to have this fixed by the time Leap 15.0 is officially released. My current workaround -- I'm starting "ssh-agent" in the shell startup file (with cross checks so that it isn't started if already running). Reproducible: Always -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c1 Fabian Vogt <fabian@ritter-vogt.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fabian@ritter-vogt.de, | |nwr10cst-oslnx@yahoo.com Flags| |needinfo?(nwr10cst-oslnx@ya | |hoo.com) --- Comment #1 from Fabian Vogt <fabian@ritter-vogt.de> --- ssh-agent is never started by itself - how did you configure autostart? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c2 Wolfgang Bauer <wbauer@tmo.at> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |wbauer@tmo.at --- Comment #2 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Fabian Vogt from comment #1)
ssh-agent is never started by itself
It is started by /etc/X11/xdm/sys.xsession if a gpg config is found in the user's home. Btw, I think there is another bug report already that this doesn't work on Wayland, but I'm not sure. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c3 --- Comment #3 from Fabian Vogt <fabian@ritter-vogt.de> --- (In reply to Wolfgang Bauer from comment #2)
(In reply to Fabian Vogt from comment #1)
ssh-agent is never started by itself
It is started by /etc/X11/xdm/sys.xsession if a gpg config is found in the user's home.
Btw, I think there is another bug report already that this doesn't work on Wayland, but I'm not sure.
If that's the only place, it's by design. No files in /etc/X11/ are ever read in a wayland session. The correct place is in /etc/xdg/autostart/, it also has the benefit of it being visible in the autostart KCM. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c4 --- Comment #4 from Wolfgang Bauer <wbauer@tmo.at> --- (In reply to Fabian Vogt from comment #3)
If that's the only place, it's by design. No files in /etc/X11/ are ever read in a wayland session.
AFAICT, it is the only place. And that explains why this has been reported as bug at all I suppose.
The correct place is in /etc/xdg/autostart/, it also has the benefit of it being visible in the autostart KCM.
With gpg 2.1 or higher, gpg-agent should actually be autostarted on demand though AFAIK. See also bug#1050438. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c5 Neil Rickert <nwr10cst-oslnx@yahoo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(nwr10cst-oslnx@ya | |hoo.com) | --- Comment #5 from Neil Rickert <nwr10cst-oslnx@yahoo.com> --- I'm not quite sure what you are asking. ssh-agent has always been started for KDE and other desktops. When Gnome first became available on Wayland, that had the same problem. It is now corrected, but I think that uses seahorse. The KaOS distro does start ssh-agent on Wayland session startup (perhaps only if ".ssh" exists in home directory. I can manage either way, but some consistency would be useful. I'm currently starting from my shell startup script. That's ".login" since I am a csh user. In effect, the startup script checks whether $SSH_AUTH_SOCK is defined in the environment. If not defined, it uses: eval `ssh-agent -c` to start ssh-agent. This depends on the session startup running the shell startup script. Starting as a normal autostart application probably would not work, because that would not set the environment for the entire session. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c6 Fabian Vogt <fvogt@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fvogt@suse.com --- Comment #6 from Fabian Vogt <fvogt@suse.com> --- (In reply to Neil Rickert from comment #5)
I'm not quite sure what you are asking.
ssh-agent has always been started for KDE and other desktops.
When Gnome first became available on Wayland, that had the same problem. It is now corrected, but I think that uses seahorse.
The KaOS distro does start ssh-agent on Wayland session startup (perhaps only if ".ssh" exists in home directory.
I can manage either way, but some consistency would be useful.
The only way I'd be happy with is an actual upstream way the same on every distro and DE. Implementing everything downstream is just a waste of time. Can you create an upstream bug on bugs.kde.org?
I'm currently starting from my shell startup script. That's ".login" since I am a csh user. In effect, the startup script checks whether $SSH_AUTH_SOCK is defined in the environment. If not defined, it uses: eval `ssh-agent -c` to start ssh-agent.
This depends on the session startup running the shell startup script. Starting as a normal autostart application probably would not work, because that would not set the environment for the entire session.
Indeed. You'd need to put it into ~/.config/plasma-workspace/env/. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c7 --- Comment #7 from Neil Rickert <nwr10cst-oslnx@yahoo.com> --- It seems that the recommended KDE way of doing this is with a suitable script in $HOME/.config/plasma-workspace/env I've tested that with something like: #### ksshagt.sh ### if [ -z "$SSH_AUTH_SOCK" ] ; then eval `ssh-agent -s` fi #### The "if" test is needed, in case the KDE login is with X11, where there is already ssh-agent being started and we won't want to start a second one. And it is recommended that a shutdown script also be used to terminate ssh-agent on logout. This seems to be working fine, and is probably better than using the standard shell startup script. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 Maximilian Trummer <opensuse@trummer.xyz> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |opensuse@trummer.xyz -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c9 --- Comment #9 from Maximilian Trummer <opensuse@trummer.xyz> --- *** Bug 1182869 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c10 --- Comment #10 from Maximilian Trummer <opensuse@trummer.xyz> --- (In reply to Neil Rickert from comment #7)
It seems that the recommended KDE way of doing this is with a suitable script in $HOME/.config/plasma-workspace/env
This blocks loading the desktop until you entered the KWallet password, but it works. I guess there's no way to make it asynchronous, right? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c11 --- Comment #11 from Mathias Homann <Mathias.Homann@opensuse.org> --- there's a pam module that can unlock your wallet on log in. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c12 --- Comment #12 from Neil Rickert <nwr10cst-oslnx@yahoo.com> --- Responding to c#10
This blocks loading the desktop until you entered the KWallet password, but it works.
Then you are doing too much in your script. You are starting ssh-agent and you are adding a key. Just start ssh-agent, then you won't run into problems. You can setup a separate script, maybe with systems-settings --> startup and shutdown for adding a key. Starting ssh-agent needs to be done early in startup, so that the relevant ENVIRONMENT variables can be shared with the entire desktop. So it has to be synchronous. But adding a key can be done later in startup, because the key is just handed to the already running ssh-agent, which does any sharing needed. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c13 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@suse.com, | |sndirsch@suse.com Version|Leap 15.0 |Leap 15.4 --- Comment #13 from Ludwig Nussel <lnussel@suse.com> --- Can we find a solution that just works across Wayland, X11, DMs and DEs? Ie move /usr/etc/X11/xdm/scripts/11-ssh-agent somewhere to be found by all methods? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c14 --- Comment #14 from Stefan Dirsch <sndirsch@suse.com> --- I don't know. There are more scripts in this directory, which might be relevant for Wayland and others affected. It could be found before the move to /usr/etc and it can still be found when adjusting the path. Reference for the /usr/etc move: boo#1173049 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c15 --- Comment #15 from Ludwig Nussel <lnussel@suse.com> --- Any update on this? Today I switched to Wayland on TW for curiosity as I keep having isses with X but missing ssh-agent hits there too. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c16 --- Comment #16 from Stefan Dirsch <sndirsch@suse.com> --- I don't have any, but I already commented on this ... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c17 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |hpj@suse.com --- Comment #17 from Ludwig Nussel <lnussel@suse.com> --- Looks like this is how Fedora does it: https://src.fedoraproject.org/rpms/openssh/blob/rawhide/f/ssh-agent.service However, considering bug #1201564, maybe a socket unit would also work. Ideally we'd just set the default IdentityAgent setting in sshd to $XDG_RUNTIME_DIR/ssh-agent.socket so no env vars are needed by default. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c18 --- Comment #18 from Ludwig Nussel <lnussel@suse.com> --- How about this? https://build.opensuse.org/package/rdiff/home:lnussel:branches:network/openssh?opackage=openssh&oproject=network&rev=4 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1088564 http://bugzilla.opensuse.org/show_bug.cgi?id=1088564#c21 Robert Riemann <robert-suse@riemann.cc> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CONFIRMED CC| |robert-suse@riemann.cc --- Comment #21 from Robert Riemann <robert-suse@riemann.cc> --- I switched now from X11 to Plasma Wayland and ssh-agent cannot be found anylonger. Distributor ID: openSUSE Description: openSUSE Tumbleweed Release: 20221203 I run Tumbleweed as of 03 December 2022. -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com
-
bugzilla_noreply@suse.com