Raspberry Pi OS • Re: systemd-tmpefiles is removing my ssh agent files

(Do you think that you are the first person to want an ssh-agent, or for that matter the Unix-domain socket for an X11 server, to keep working?)

Well, the implicit assumption I make is that most people don't stay logged in (or running some utility) for anywhere near that long. I mean, my definition of "long running process" is really long. Most people's definition of that term might be a day or two at most.

You make a good point about the /tmp/.X11-unix/X0 sock. As of now, that file still exists, but I won't be surprised if it goes away in the near future. The difference is that that file is open all the time, by the Xorg process, so even if it gets deleted, it's still there (if you see what I mean). I think (not sure) that I have actually observed this - that that file goes away after 60 days or so of uptime, but, of course, the X server continues to work regardless. Note that SSH_AUTH_SOCK is not like this; it is only opened (and then closed) when needed, so if it gets removed, it's gone.

I think you're right that not recording atime has something to do with it. The system upon which I have most recently observed this was booted on Oct 12th, and all of the socks created then (as part of the bootup to the GUI) are dated that same date. I do not know if tmpcleaner cleans on the basis of atime or mtime, but you have given me some clues as to where to start looking.

All I know is that I have a process that at a certain point stops being able to ssh out and I am able to determine that its value of SSH_AUTH_SOCK is that of a no-longer-existent sock (*). When I quit and re-start the process, it picks up a correct (i.e., existent) value for SSH_AUTH_SOCK and thus resumes working correctly.

(*) Both the directory and the agent file are gone from /tmp. In fact, I can often tell from the write time of /tmp itself when it was deleted (which is usually around 6 AM).

Congratulations on finding multiple fixes already. How have you tested them, if it takes 60 days?

Largely speculation. I have been observing/studying this problem for a long time now - obviously, the test cycle for it is long.

Regarding my "link solution", I was able to verify that the following command works as expected:
So, I am assuming that whenever the original file on /tmp goes away (as it will sometime in the next few days, if my calculations are right), I will be able to start using the "mysock" file and things should "just work". Of course, we won't know for sure until it happens.

Statistics: Posted by BigRedMailbox — Wed Dec 18, 2024 2:45 pm

---