Re: Now what is starting ssh-agent?

To: debian-user@lists.debian.org
Subject: Re: *Now* what is starting ssh-agent?
From: Chris Mitchell <chris@oldnest.ca>
Date: Thu, 28 Jul 2022 10:34:50 -0300
Message-id: <[🔎] 20220728103450.0a9c13ca@lincoln.oldnest.ca>
In-reply-to: <[🔎] 20220727105757.03fd9780@lincoln.oldnest.ca>
References: <[🔎] 20220726154048.1b1effc7@lincoln.oldnest.ca> <[🔎] 6300f7c8-640e-8de5-8aca-a16261ed864a@debian.org> <[🔎] 20220727105757.03fd9780@lincoln.oldnest.ca>

Still picking away at this…

The PIDs are, of course, a moving target, as every time I log out and
back in to test a change, ssh-agent instances are getting shut down and
new ones started. As of right now:
* my systemd-managed ssh-agent is PID 3017
* the rogue ssh-agent is PID 7687

$ systemctl --user status ssh-agent.service 
● ssh-agent.service - SSH key agent
     Loaded: loaded (/etc/xdg/systemd/user/ssh-agent.service; enabled;
vendor preset: enabled) Active: active (running) since Thu 2022-07-28
08:02:14 ADT; 1h 21min ago Main PID: 3017 (ssh-agent)
      Tasks: 1 (limit: 9302)
     Memory: 560.0K
        CPU: 5ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ssh-agent.service
             └─3017 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket

From the output of systemd-cgls I see that the rogue ssh-agent process
is part of the .scope CGroup corresponding to my X login session.

# systemctl status session-8.scope
● session-8.scope - Session 8 of User chris
     Loaded: loaded (/run/systemd/transient/session-8.scope; transient)
  Transient: yes
     Active: active (running) since Thu 2022-07-28 08:59:48 ADT; 25min
ago Tasks: 254
     Memory: 957.6M
        CPU: 2min 5.903s
     CGroup: /user.slice/user-1000.slice/session-8.scope
             ├─ 7588 lightdm --session-child 14 23
             ├─ 7625 xfce4-session
             ├─ 7687 /usr/bin/ssh-agent -s
             etc.

man systemd.scope(5) says:
Scope units are not configured via unit configuration files, but are
only created programmatically using the bus interfaces of systemd.
[…] Unlike service units, scope units manage externally created
processes, and do not fork off processes on its own.

By my reading, that seems to indicate that the rogue ssh-agent (PID
7687) is a direct child of systemd's system instance (PID 1) only
because my XFCE4 session and all of its associated processes are running
contained in a "scope" (to take advantage of systemd's resource
management capabilities?), and this does not indicate that said
ssh-agent is in any direct or relevant sense being managed by systemd.
Can anyone confirm or correct my understanding here?

Also, in the absence of more promising leads, I followed Tomas' advice
and inserted "echo" statements at every decision point in
90x11-common_ssh-agent, which confirmed that the initial "if
has_option" check is returning False and none of the code in that if
block is being run. I'm convinced that Xsession is not the culprit.

Any ideas where I might look next? Anyone know if it's possible to ask
systemd what process "externally created" a process in a .scope?

Cheers!
 -Chris

Reply to:

Follow-Ups:
- Re: *Now* what is starting ssh-agent?
  - From: Greg Wooledge <greg@wooledge.org>

References:
- *Now* what is starting ssh-agent?
  - From: Chris Mitchell <chris@oldnest.ca>
- Re: *Now* what is starting ssh-agent?
  - From: Michael Biebl <biebl@debian.org>
- Re: *Now* what is starting ssh-agent?
  - From: Chris Mitchell <chris@oldnest.ca>

Prev by Date: Re: Help: disk swap
Next by Date: Re: Virtualization anomalies
Previous by thread: Re: *Now* what is starting ssh-agent?
Next by thread: Re: *Now* what is starting ssh-agent?
Index(es):
- Date
- Thread

Re: *Now* what is starting ssh-agent?

Re: Now what is starting ssh-agent?