Request for review: keychain opt-in mechanism
Alexander Dalloz
alex at dalloz.de
Fri Aug 5 01:02:25 UTC 2005
Am Do, den 04.08.2005 schrieb Ville Skyttä um 23:00:
> > http://www.uni-x.org/review/keychain.spec
> > http://www.uni-x.org/review/keychain-2.5.4.1-2.src.rpm
>
> Looks mostly good to me. Remarks:
>
> - 2.5.5 is out, looks like a simple tarball update wrt this package.
Ok, I'll head up. The changelog speak about an added feature only.
> - keychain.pod isn't useful and should be dropped.
Wasn't sure about that, so I left it. Will follow your advise.
> Take care of the above and go ahead and commit to CVS, and I'll follow
> up with an approval.
Fine.
> The bad interaction with X login I mentioned earlier: I can no longer
> reproduce it, things seem to work. Still, two ssh-agents are started on
> initial X login, but it might be tricky to avoid that, and probably
> shouldn't be even attempted in the keychain package. The culprit
> appears to be "exec -l $SHELL -c "$SSH_AGENT ...""
> in /etc/X11/xdm/Xsession, where the -l triggers loading of keychain
> along with the shell profile, and $SSH_AGENT is then launched by the
> shell later. xinitrc-common doesn't set $SSH_AGENT if one is already
> running, but that check is done too early wrt. keychain in the X
> login/startup sequence.
Does that cause any harm on your system? On my freshly rebootet system I
now get following result:
$ ps axuwww | grep ssh-agent
root 3430 0.0 0.0 3584 720 ? S 01:57 0:00 ssh-agent
adalloz 3801 0.0 0.0 4424 848 ? S 01:59 0:00 ssh-agent
adalloz 3880 0.0 0.0 3396 700 ? S 01:59 0:00
/usr/bin/ssh-agent /etc/X11/xinit/Xclients
backup 6144 0.0 0.0 5188 752 ? S 02:04 0:00 ssh-agent
adalloz 7409 0.0 0.0 5616 712 pts/16 R 02:52 0:00 grep
ssh-agent
1 ssh-agent for 1 root login, 2 ssh-agent processes as I am logged in as
"adalloz" graphically and 1 ssh-agent for my "backup" user running
automated backups through cron. Though "adalloz" has 2 ssh-agents I do
not perceive any problem, while I share the opinion it could be prettier
;)
Thanks!
Alexander
--
1024D/866ED681 2005-07-11 Alexander Dalloz (Fedora Project) <alex at dalloz.de>
Key fingerprint = CD40 0A91 7814 C1E4 5940 8E0E 1FD5 C316 866E D681
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20050805/ca33a5c9/attachment.sig>
More information about the fedora-extras-list
mailing list