|
Description
|
after setting up an lx branded zone as my primary desktop, i've discovered that
ssh and the ssh-agent don't work as expected. basically ssh can't talk to the
ssh-agent when it's running. after starting the agent there are two different
error messages that i've seen ssh emit when it tries to contact the agent:
Error writing to authentication socket.
and
Error reading response length from authentication socket.
in all cases i've ensured that the agent is running, the proper environment
variables are set (SSH_AGENT_PID and SSH_AUTH_SOCK), and that the communication
socket is owned by me and is marked writable.
after a lot of debugging, it turns out that the problem is actually in
the ssh-agent process. basically, the ssh-agent creates a socket for
clients to connect to, and when it recieves a connection it accepts that
connection and then immediatly terminates it. the reason that it terminates
the connection is because it attempts to invoke the following socket operation:
getsockopt(s, SOL_SOCKET, SO_PEERCRED, &cred, &len)
which our brand emulation library doesn't support. (we return ENOPROTOOPT
in lx_getsockopt().) solaris doesn't have a socket operation called SO_PEERCRED,
but instead we have the system call getpeerucred() which returns essentially
the same information. hence, the brand library should emulate SO_PEERCRED
using this system call.
|