On 19.11.2025 5:26, Max Nikulin wrote:
On 19/11/2025 01:26, Peter Milesson wrote:
When the user profile is locally stored, the LXDE desktop is
displayed as it should, even when the user is authenticated with
Kerberos.
It is already irrelevant, but I suggested to carefully *compare*
systemd user session logs for local vs. CIFS directory to see if some
units are missed in the latter case. It is not the same as just
success vs. failure test result.
unix_listener_tmp: bind "/home/miles/.ssh/agent/
s.p5yeigkbUn.agent.LNVFOjW41c": Operation not supported
main: Couldn't prepare agent socket
There are no files created in the ~/.ssh/agent directory with the
newer kernel.
You may disable starting of ssh agent as a part of X11 session. There
are systemd units that may create sockets in /run/user
(XDG_RUNTIME_DIR). However synchronizing of environment of the main
process of X11 session might be necessary.
systemctl --user list-sockets '*ssh*'
(GUI session is not necessary, likely it should be registered e.g. for
ssh logins as well).
Maybe I should report it as a bug?
I am in doubts if failure to start ssh-agent should be a fatal error
for whole session. So I would consider a bug for that script. Perhaps
there are reasonable objections to my point of view.
Hi Max,
I have compared the journals for the success and failure cases. There is
nothing out of order in either. The only log file that gave any clue,
was ~/.xsession-errors.
The basic problem was, that one of the original mount parameter for
pam-mount was mfsymlinks. Socket creation with that parameter is not
permitted using cifs mount in the newer kernel, while still working in
the older. When replacing cifs mount parameter mfsymlinks with sfu, user
sockets are created in ~/.ssh/agent when the desktop starts. I have no
idea if the sockets are needed for LXDE, or not. When I log on with SSH
from a remote client, sockets are not created under ~/.ssh/agent. There
are however, a bunch of sockets created under /run/user/<uid> in both cases.
I don't know if the socket fulfills a purpose, or it's a bug, and it
rightly belongs into /run/usr/<uid> instead. Logically, it should be
created in /run/user/<uid>. The sockets are not persisted and I really
do not see any purpose for creating them under the user's home directory.
I guess the ssh-agent may be needed in some settings. Tunneling RDP
connections may be one valid use, for example.
Thanks a lot for your suggestions, most helpful.
Peter
