ssh-agent subprocess parentage

Ángel González keisial at gmail.com
Tue May 10 07:16:51 EST 2011


Daniel Kahn Gillmor wrote:
> On 05/09/2011 01:29 PM, Ángel González wrote:
>> Making the original ssh-agent a process group can probably avoid it, though:
> which process (the parent or the child) would need to be its own process
> group for this to work?  Would there be other side effects of doing this?
The parent. The parent pid would then also be a process group id, and while
there is a process belonging to it (in this case the child agent), it
can't be reused.
I think shelles usually do that already, but there are cases with side
effects, although
I doubt they are common.
Note that my knowledge of process groups is very limited, though.

>> I guess it's so you can supervise the "right process", as the important one
>> would be the parameter, so you could replace transparently the called
>> command with
>> "ssh-agent oldcommand".
> but in the example i gave, i actually want to supervise the agent, not
> the "oldcommand".  and indeed, the man page suggests that i should be
> able to do that :/
>
> I see what you're saying about how this could be useful in some cases,
> but it is explicitly not the documented behavior.
Yes. Either the code or the documentation should be changed.

Note that you could supervise it by running the commands in the shell.
So instead of
$ supervise ssh-agent bash
you can do
$ bash
bash$ eval $(supervise ssh-agent)

Or even
bash -c 'eval $(supervise ssh-agent); exec bash'

There's probably a way to avoid that second bash, though.

>> It's also cleaner having the agent showing as child of bash. It's part
>> of your bash session
>> (although 'adopted').
> Why is this cleaner than the other way around?
When you login into a system, the shell is the ancestor of everything.
Thus it looks
more natural that it is the same for ssh-agent, too. But your view may
be completely
different :)




More information about the openssh-unix-dev mailing list