Re: ssh-agent no longer being started
On Sunday November 05 2017 19:19:55 Kastus Shchuka wrote: >The Listeners key in ssh-agent plist creates a randomly named socket and >exports in SSH_AUTH_SOCK to the user’s shell. It should not be shared with >gpg-agent to the best of my knowledge. gpg-agent is definitely involved though. Its plist attempts to set SSH_AUTH_SOCKET the same way, but using a socket of a slightly different name (Listener_ssh). I can imagine that gpg-agent uses that variable to communicate with SSH for whatever it wants to do with it and indeed if I remove this particular bit from the plist the gpg-agent daemon fails to start correctly. Do we know why gpg-agent wants/needs to be started when someone connects to the Listener_ssh socket and why that socket would need to be exported in the same env. variable as ssh-agent's Listener socket? Final "proof": I notice that I installed or upgraded the gpg-agent port on Sept. 15th, meaning I didn't reboot or even re-login since that moment and last Friday. I can't remember if or why I used the +ssh_agent variant. I do see the port has gone obsolete so I'll have to update it and see what that changes. FWIW, I notice that on Linux SSH_AUTH_SOCK points to a socket called `ssh` and that both gpg-agent and ssh-agent are running happily together. Which btw I can also achieve on Mac by starting ssh-agent manually. >So if SSH_AUTH_SOCK is pointing to an existing file (ls -l $SSH_AUTH_SOCK >shows a socket file) can you run "ssh-add -l” ? I think that some sort of race condition is going on. 2 agents share a socket with the same name but a slightly different file (which is probably irrelevant). Launchd will probably start the agent registered last OR in user (instead of system) space, which leads to gpg-agent instead of ssh-agent . IOW, unless gpg-agent is set up to take over ssh-agent this situation is bound to lead to errors. Indeed, ssh-add just prints a single word that looks like an internal error code name indicating a failure communicating with the ssh agent. I don't have access to my Mac for a bit, but my guess is it will print that same error when I do `ssh-add -l` instead of `ssh-add -A` . >I also found this link helpful when I was debugging ssh-agent: > >https://blog.affien.com/archives/2015/09/07/use-macports-ssh-agent/ FWIW, starting the system ssh-agent or MacPorts version doesn't make any difference. I did disable MacPorts's ssh-add executable though (that probably means I didn't use the +gsskex variant and that Keychain support actually comes from ssh-add not ssh-agent). R.
Re: Differences in binary and compiled port
On 03/11/17 21:30, Mojca Miklavec wrote: On 3 November 2017 at 19:30, dan d. wrote: Hello macporters, I got the web browser lynx both by downloading the binary version and compiling one locally. Without going into much detail, there are some minor differences in how it works with speech using a screen reader. In the binary version it reads each link as I arrow up or down. The compiled version does not, I must read the line manually to have it spoken. Any idea why there is this difference? Can you please try to recompile with sudo port -ts install lynx and check whether it's still different? One thing that's easy to explain would be opportunistic linking: when a library is used despite not being defined as a dependency. But that's a blind guess. Usually the two should be the same. If they are not, that's a bug worth reporting. Mojca You could also compare the output of "otool -L /opt/local/bin/lynx" Russell
Re: ssh-agent no longer being started
On 2017-11-05 23:44, René J.V. Bertin wrote:
> I do have a SSH_AUTH_SOCK var in the launchctl env, but it points to a socket
> that's used only by launchd itself and by gpg-agent . I see that gpg-agent is
> started from
> ${prefix}/etc/LaunchAgents/org.macports.gpg-agent/org.macports.gpg-agent.plist,
> which also sets SSH_AUTH_SOCK . When I remove that Sockets key from that
> launchd plist, ssh-agent functionality is restored.
The gpg-agent port used to provide this LaunchAgent, but it was recently
marked as obsolete and replaced by gnupg2 [1]. Just uninstall the
gpg-agent port and switch to gnupg2. gpg-agent will now be launched
on-demand by gpg itself.
Rainer
[1]
https://github.com/macports/macports-ports/commit/ce526e044d46adfff3e5bef452188fe15760ccbf
Binary page
Hello, Could someone provide the url for the macports binary list please? Thanks. -- XB
Re: Binary page
On Nov 6, 2017, at 09:19, dan d. wrote: > Could someone provide the url for the macports binary list please? You mean the server from which MacPorts downloads precompiled binaries of ports? That's: https://packages.macports.org/
Re: ssh-agent no longer being started
On Monday November 06 2017 15:54:04 Rainer Müller wrote: > The gpg-agent port used to provide this LaunchAgent, but it was recently > marked as obsolete and replaced by gnupg2 [1]. Just uninstall the > gpg-agent port and switch to gnupg2. gpg-agent will now be launched > on-demand by gpg itself. Ah, thanks. I was already looking into what other ports I had to upgrade to do this. I have the impression that gnupg2 2.0.30 already launched the agent on-demand, at least I didn't notice any loss of functionality after unloading the gpg-agent plist. Cheers, René
`ssh-add -m` exit value always =/= 0?
Hi,
Does `${prefix}/ssh-add -m` always return a non-zero value, or is it trying to
tell me I have an error condition somewhere?
It does this regardless of whether I have the system or MacPorts's ssh-agent
running; the equivalent `/usr/bin/ssh-add -A` command exits with 0 under the
same conditions.
Thanks,
R.
Re: Binary page
Yes, thanks. If I want an older binary in the available list installed, how do I do it using macports at the cli. On Mon, 6 Nov 2017, Ryan Schmidt wrote: > > On Nov 6, 2017, at 09:19, dan d. wrote: > > > Could someone provide the url for the macports binary list please? > > You mean the server from which MacPorts downloads precompiled binaries of > ports? That's: > > https://packages.macports.org/ > > > -- XB
Re: Binary page
On Nov 6, 2017, at 10:00, dan d. wrote: > If I want an older binary in the available list installed, how do I do it > using macports at the cli. Regardless of whether you get a binary or build from source, the procedure is the same: https://trac.macports.org/wiki/howto/InstallingOlderPort
Re: Binary page
Ryan Schmidt wrote: > On Nov 6, 2017, at 10:00, dan d. wrote: > >> If I want an older binary in the available list installed, how do I do it >> using macports at the cli. > > Regardless of whether you get a binary or build from source, the procedure is > the same: > > https://trac.macports.org/wiki/howto/InstallingOlderPort You can also do something like this: sudo port install https://packages.macports.org/p7zip/p7zip-16.02_1.darwin_17.x86_64.tbz2 Either way, be aware that older binaries may not be compatible with the current versions of their dependencies. Rev-upgrade may detect this and automatically try to rebuild from source. - Josh
