Mail Archives: cygwin/2011/12/03/16:31:28
On Sat, Dec 03, 2011 at 01:44:59PM -0500, Christopher Faylor wrote:
>On Tue, Nov 29, 2011 at 09:19:10PM -0600, Yaakov (Cygwin/X) wrote:
>>For some time now, snapshots have displayed a bug wrt gnome-keyring,
>>namely that passwords don't "register" when entered. This wreaks
>>havoc on the GNOME desktop where so many programs rely on
>>gnome-keyring.
>>
>>This is easy to reproduce, but requires xorg-server, dbus,
>>gnome-keyring, and openssh. At a new terminal:
>>
>>$ XWin -multiwindow &>/dev/null &
>>$ export DISPLAY=:0
>>$ eval `dbus-launch --sh-syntax`
>>$ export `gnome-keyring-daemon --start --components=ssh`
>>$ ssh USER AT HOSTNAME
>>(Enter password for ssh key in GUI prompt)
>>
>>What should happen (and does with 1.7.9) is a successful login. WIth
>>the 20111129 snapshot, the following message is displayed on the
>>terminal:
>>
>>Agent admitted failure to sign using the key.
>>
>>(which AFAIK comes from ssh) and the gnome-keyring prompt asks for the
>>password to the next private key listed in ~/.ssh/config (even if its
>>the wrong key for HOSTNAME). Subsequent logins do succeed, however.
>>This does not occur with ssh-agent(1).
>>
>>Frankly, I'm a little baffled by this one, but a non-working GNOME
>>desktop is really keeping me from testing the snapshots for any length
>>of time.
>
>I'm looking at this now.
strace output led me to starting syslog to see what gnome-keyring-daemon
was complaining about. I'm seeing this:
Dec 3 16:22:55 norton gnome-keyring-daemon: PID 1136: couldn't set environment variable in session: The name org.gnome.SessionManager was not provided by any .service files
Dec 3 16:22:55 norton gnome-keyring-daemon: PID 1136: couldn't set environment variable in session: The name org.gnome.SessionManager was not provided by any .service files
Dec 3 16:22:56 norton gnome-keyring-daemon: PID 1136: couldn't allocate secure memory to keep passwords and or keys from being written to the disk
Dec 3 16:22:56 norton gnome-keyring-daemon: PID 1136: unsupported key algorithm in certificate: 1.2.840.10045.2.1
Dec 3 16:22:56 norton last message repeated 4 times
Dec 3 16:22:56 norton gnome-keyring-daemon: PID 1136: couldn't parse certificate data
Dec 3 16:22:56 norton gnome-keyring-daemon: PID 1136: couldn't parse certificate(s): /usr/ssl/certs/ca-bundle.trust.crt
Dec 3 16:22:56 norton gnome-keyring-daemon: PID 1136: couldn't parse certificate data
Dec 3 16:22:56 norton gnome-keyring-daemon: PID 1136: couldn't parse certificate(s): /usr/ssl/certs/README.RootCerts
Dec 3 16:22:56 norton sshd: PID 724: Address ::1 maps to norton, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Dec 3 16:22:56 norton gnome-keyring-prompt: Pango: No such file or directory
Dec 3 16:22:57 norton gnome-keyring-prompt: couldn't allocate secure memory to keep passwords and or keys from being written to the disk
Dec 3 16:22:59 norton gnome-keyring-daemon: PID 1136: GLib: Failed to read from child watch wake up pipe: Interrupted system call
Dec 3 16:22:59 norton gnome-keyring-daemon: PID 1136: gku_prompt_get_response: assertion `self->pv->output' failed
According to strace, the "couldn't allocate secure memory..." messages
seems to be caused by this:
gnome-keyring-daemon 3820 seterrno_from_nt_status: /cygnus/src/uberbaum/winsup/cygwin/mmap.cc:1399 status 0xC0000061
That is coming from mlock() which hasn't changed in months.
The status above translates to: STATUS_PRIVILEGE_NOT_HELD and that is
coming from NtLockVirtualMemory() .
Yaakov or Corinna does any of the above mean anything to you?
cgf
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
- Raw text -