Bug#833596: [pkg-gnupg-maint] Bug#833596: systemd user service {gpg-agent, dirmngr} breaks GNOME session startup
On Wed, Aug 10, 2016 at 11:46:55AM -0400, Daniel Kahn Gillmor wrote: > That's the exact same stack i used for my test, and i didn't see the > error. so yeah, i'd like to try to track it down. So I've tried again. I've good and bad news. Good news: I can no longer reproduce the session startup failure. GNOME starts just fine, and this is how the two services in question look: --- $ systemctl status --user dirmngr.service ● dirmngr.service - GnuPG network certificate management daemon Loaded: loaded (/usr/lib/systemd/user/dirmngr.service; enabled; vendor preset: enabled) Active: active (running) since mer 2016-08-17 09:09:06 CEST; 5min ago Docs: man:dirmngr(8) Process: 21506 ExecStart=/usr/bin/dirmngr --daemon --homedir %h/.gnupg (code=exited, status=0/SUCCESS) Main PID: 21509 (dirmngr) CGroup: /user.slice/user-1000.slice/user@1000.service/dirmngr.service └─21509 /usr/bin/dirmngr --daemon --homedir /home/zack/.gnupg ago 17 09:09:06 timira systemd[21502]: Starting GnuPG network certificate management daemon... ago 17 09:09:06 timira dirmngr[21506]: dirmngr[21506.0]: WARNING: *** ago 17 09:09:06 timira systemd[21502]: Started GnuPG network certificate management daemon. $ systemctl status --user gpg-agent.service ● gpg-agent.service - GnuPG secret key agent and passphrase cache Loaded: loaded (/usr/lib/systemd/user/gpg-agent.service; enabled; vendor preset: enabled) Active: active (running) since mer 2016-08-17 09:09:06 CEST; 5min ago Docs: man:gpg-agent(1) Process: 21507 ExecStart=/usr/bin/gpg-agent --daemon --homedir %h/.gnupg (code=exited, status=0/SUCCESS) Main PID: 21508 (gpg-agent) CGroup: /user.slice/user-1000.slice/user@1000.service/gpg-agent.service └─21508 /usr/bin/gpg-agent --daemon --homedir /home/zack/.gnupg ago 17 09:09:06 timira systemd[21502]: Starting GnuPG secret key agent and passphrase cache... ago 17 09:09:06 timira systemd[21502]: Started GnuPG secret key agent and passphrase cache. --- Bad news: I checked where the services belong in the service tree (as you suggested on debian-devel [1]) and they are still not part of the session scope: --- └─user.slice └─user-1000.slice ├─user@1000.service │ ├─gpg-agent.service │ │ └─21508 /usr/bin/gpg-agent --daemon --homedir /home/zack/.gnupg │ ├─dirmngr.service │ │ └─21509 /usr/bin/dirmngr --daemon --homedir /home/zack/.gnupg │ └─init.scope │ ├─21502 /lib/systemd/systemd --user │ └─21503 (sd-pam) └─session-1209.scope --- [1]: https://lists.debian.org/debian-devel/2016/08/msg00085.html FWIW I've checked and there are no other dirmngr or gpg-agent services running in the whole tree. Is this the expected behavior? In your test where did the two services ended up being located in the service tree? Hope this helps, Cheers -- Stefano Zacchiroli . z...@upsilon.cc . upsilon.cc/zack . . o . . . o . o Computer Science Professor . CTO Software Heritage . . . . . o . . . o o Former Debian Project Leader . OSI Board Director . . . o o o . . . o . « the first rule of tautology club is the first rule of tautology club » signature.asc Description: PGP signature
Bug#833596: [pkg-gnupg-maint] Bug#833596: systemd user service {gpg-agent, dirmngr} breaks GNOME session startup
On https://bugs.debian.org/833596 : On Wed 2016-08-10 04:27:21 -0400, Stefano Zacchiroli wrote: > On Wed, Aug 10, 2016 at 12:12:27AM -0400, Daniel Kahn Gillmor wrote: >> So i'm not able to reproduce this behavior. >> >> Zack, can you help me narrow down how this is happening for you? > > Sure, I'll be happy to. But as I mentioned before I wonder if it's worth > to do it with my current package mix: I'm using testing, where the GNOME > stack seems to be still in flux, apparently), with gnupg2 coming from > experimental. I can debug, but I wonder if it'd be a good time > investment. That's the exact same stack i used for my test, and i didn't see the error. so yeah, i'd like to try to track it down. > Unless you consider this issue potentially blocking for uploading to > unstable, I'd rather wait for gnupg2 to land in testing and try again. > After all the issue is for a non-default behavior that one should > explicitly enabled, right? I'm willing to upload to unstable with this bug still open -- but the software will still be the same software ;) >> do you have logs of the failed login session someplace, or other details >> that might help diagnose? > > I can look up logs, but I could use some guidance about where the GNOME > user session logs are supposed to be. ~/.xsession-errors seems to be > obsolete --- or else it hasn't received log entries on my laptop since > March 2016, which seems unlikely... Hm, maybe "journalctl --user" ? i'm cc'ing pkg-gnome-maintainers to see whether they have any suggestions for better debugging techniques. Thanks for following up, --dkg signature.asc Description: PGP signature
Bug#833596: [pkg-gnupg-maint] Bug#833596: systemd user service {gpg-agent, dirmngr} breaks GNOME session startup
On Wed, Aug 10, 2016 at 12:12:27AM -0400, Daniel Kahn Gillmor wrote: > So i'm not able to reproduce this behavior. > > Zack, can you help me narrow down how this is happening for you? Sure, I'll be happy to. But as I mentioned before I wonder if it's worth to do it with my current package mix: I'm using testing, where the GNOME stack seems to be still in flux, apparently), with gnupg2 coming from experimental. I can debug, but I wonder if it'd be a good time investment. Unless you consider this issue potentially blocking for uploading to unstable, I'd rather wait for gnupg2 to land in testing and try again. After all the issue is for a non-default behavior that one should explicitly enabled, right? OTOH if you do consider this a blocker, I'll roll up my sleeves and have a look ASAP :-) > do you have logs of the failed login session someplace, or other details > that might help diagnose? I can look up logs, but I could use some guidance about where the GNOME user session logs are supposed to be. ~/.xsession-errors seems to be obsolete --- or else it hasn't received log entries on my laptop since March 2016, which seems unlikely... Cheers. -- Stefano Zacchiroli . . . . . . . z...@upsilon.cc . . . . o . . . o . o Maître de conférences . . . . . http://upsilon.cc/zack . . . o . . . o o Former Debian Project Leader . . . . . @zacchiro . . . . o o o . . . o . « the first rule of tautology club is the first rule of tautology club »
Bug#833596: [pkg-gnupg-maint] Bug#833596: systemd user service {gpg-agent, dirmngr} breaks GNOME session startup
Control: tags 833596 + moreinfo unreproducible Hi Zack-- On Sat 2016-08-06 13:58:18 -0400, Stefano Zacchiroli wrote: >> > On Fri, Aug 05, 2016 at 12:41:18PM -0400, Daniel Kahn Gillmor wrote: >> >> On desktop systems (where i'd expect the majority of secret key access >> >> happens), for folks who are running systemd, i recommend enabling the >> >> systemd user services, as documented in >> >> /usr/share/doc/{gnupg-agent,dirmngr}/README.Debian : >> >> >> >> systemctl --user enable gpg-agent >> >> systemctl --user enable dirmngr > > OTOH, doing this inhibited a proper start of my GNOME session at next > login: only Nautilus started (I can tell because I've it handle my > desktop icons) and I could use it to browse the filesystem, but GNOME > Shell didn't see to be running. Reverting the above with "disable" [*] > fixed the issue, and at next login GNOME session started properly, > including GNOME Shell. > > [...] my package mix is kinda unusual at present: Debian testing + > hand-picked gpg from experimental. i've now tried to replicate this and failed :( My replication steps were: * new, fairly minimal debian testing installation (kvm guest, using -graphics sdl) * apt install gnome-core xserver-xorg xserver-xorg-video-qxl * apt install -t experimental gnupg dirmngr gnupg-l10n * reboot for clean machine state and see that the gdm login screen appears automatically * graphical login as a non-privileged user * open Gnome Terminal * systemctl --user enable dirmngr systemctl --user enable gpg-agent * log out * wait a minute or two for user-1000.slice to complete (it appears that i'm waiting for "/usr/bin/pulseaudio --start --log-target=syslog" to terminate) * log back in * reboot * log in all of the above worked without a problem :/ Then i tried to get tricky to see if i could force the issue: * log in * systemctl --user stop gpg-agent * gpgconf --launch gpg-agent * log out * observe that the session does not terminate because gpg-agent is holding it open (even after pulse quits) * log in and it all still works fine. So i'm not able to reproduce this behavior. Zack, can you help me narrow down how this is happening for you? do you have logs of the failed login session someplace, or other details that might help diagnose? --dkg signature.asc Description: PGP signature
Bug#833596: systemd user service {gpg-agent,dirmngr} breaks GNOME session startup
Package: gnupg Version: 2.1.14-3 Forwarding from debian-devel https://lists.debian.org/debian-devel/2016/08/msg00093.html , as requested by dkg. - Forwarded message from Stefano Zacchiroli- Date: Sat, 6 Aug 2016 12:32:39 +0200 From: Stefano Zacchiroli To: debian-de...@lists.debian.org Subject: Re: [pkg-gnupg-maint] Beware of leftover gpg-agent processes Message-ID: <20160806103239.ga12...@upsilon.cc> Resent-From: debian-de...@lists.debian.org [ quoted text reordered ] On Fri, Aug 05, 2016 at 02:43:30PM -0400, Daniel Kahn Gillmor wrote: > The simplest way to see the control group hierarchy is with "systemctl > status". When these processes are launched by the user service, they'll > end up in the user@.service like this: [...] > If they've been autolaunched, they'll end up in the sesion-X.scope > sub-tree. It was indeed the case for me: they had been auto-launched. > > On Fri, Aug 05, 2016 at 12:41:18PM -0400, Daniel Kahn Gillmor wrote: > >> On desktop systems (where i'd expect the majority of secret key access > >> happens), for folks who are running systemd, i recommend enabling the > >> systemd user services, as documented in > >> /usr/share/doc/{gnupg-agent,dirmngr}/README.Debian : > >> > >> systemctl --user enable gpg-agent > >> systemctl --user enable dirmngr OTOH, doing this inhibited a proper start of my GNOME session at next login: only Nautilus started (I can tell because I've it handle my desktop icons) and I could use it to browse the filesystem, but GNOME Shell didn't see to be running. Reverting the above with "disable" [*] fixed the issue, and at next login GNOME session started properly, including GNOME Shell. I haven't yet filed this as a bug report, because my package mix is kinda unusual at present: Debian testing + hand-picked gpg from experimental. But it might be useful for you to know about this. Let me know how I can debug it further and/or if you'd like to move this discussion into a dedicated bug report (and when). Cheers. [*] actually, I manually removed the symlinks from .config/systemd/user/default.target.wants/, but AFAICT the effect is the same -- Stefano Zacchiroli . . . . . . . z...@upsilon.cc . . . . o . . . o . o Maître de conférences . . . . . http://upsilon.cc/zack . . . o . . . o o Former Debian Project Leader . . . . . @zacchiro . . . . o o o . . . o . « the first rule of tautology club is the first rule of tautology club »