NOT APPROVED: keychain
Alexander Dalloz
alex at dalloz.de
Fri Aug 5 13:01:51 UTC 2005
Am Fr, den 05.08.2005 schrieb Ville Skyttä um 14:32:
> On Fri, 2005-08-05 at 14:56 +0300, Ville Skyttä wrote:
>
> > I noticed a problem with the opt-in mechanism in the keychain package.
> > When a user who has done the opt-in and has such a ssh-agent running
> > runs "sudo -s", a new keychain/ssh-agent appears to be executed as root,
> > but using the original user's keys. This does not happen if I use the
> > old way of stuffing the commands from the man page to ~/.bash_profile.
> > Plain "su" or "su -" seem to behave as expected, no matter if the
> > ~/.keychainrc or ~/.bash_profile way is being used.
>
> ...and after reverting back to the ~/.bash_profile way locally, the bad
> interaction on X login is back. The ssh-agent started by Xsession
> overwrites the env settings of the one started by keychain. And the
> keys I entered passphrase for during login were added to the agent
> started by keychain. Sigh.
Thank you for reporting this, Ville. I will into the issue with the
opt-in behaviour and the one with specifics how Fedora's X scripts
(/etc/X11/xinit/xinitrc) start the ssh-agent automatically.
Alexander
--
1024D/866ED681 2005-07-11 Alexander Dalloz (Fedora Project) <alex at dalloz.de>
Key fingerprint = CD40 0A91 7814 C1E4 5940 8E0E 1FD5 C316 866E D681
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20050805/0659c169/attachment.sig>
More information about the fedora-extras-list
mailing list