What is `-l` flag in macos ssh-agent?
When I search for the PID of a manually started ssh-agent, I also find the process `/usr/bin/ssh-agent -l`. I tried to find a description in man but I couldn't. What is the `-l` flag and can it be useful?

Flanagan answered 24/6, 2022 at 12:20 Comment(2)
If I recall correctly, there are occasions where it is convenient to use ssh-agent as a user's login "shell". The login program invokes the login shell with the -l option, so ssh-agent accepts it without actually doing anything with it. - Nicolettenicoli
Looks like I did not recall correctly :) - Nicolettenicoli

Looking at the source code, it seems to be an undocumented flag that is related to ssh-agent's integration into macOS' launchd, namely how the unix file socket used to communicate with other processes is created (`l_flag` is set if `-l` is given on the command line):

```c
#ifdef __APPLE_LAUNCHD__
    if (l_flag) {
        int *fds = NULL;
        size_t count = 0;
        result = launch_activate_socket("Listeners", &fds, &count);

        if (result != 0 || fds == NULL || count < 1) {
            errno = result;
            perror("launch_activate_socket()");
            exit(1);
        }

        size_t i;
        for (i = 0; i < count; i++) {
            new_socket(AUTH_SOCKET, fds[i]);
        }

        if (fds)
            free(fds);

        goto skip2;
    } else {
#endif
    prev_mask = umask(0177);
    sock = unix_listener(socket_name, SSH_LISTEN_BACKLOG, 0);
    if (sock < 0) {
        /* XXX - unix_listener() calls error() not perror() */
        *socket_name = '\0'; /* Don't unlink any existing file */
        cleanup_exit(1);
    }
#ifdef __APPLE_LAUNCHD__
    }
#endif
```

I'm not familiar with launchd's concepts, but checking the configuration of the ssh-agent service shows a corresponding section:

```
$ launchctl print gui/1010/com.openssh.ssh-agent
[...]
sockets = {
        "Listeners" = {
            type = stream
            path = /private/tmp/com.apple.launchd.4crvXaBll8/Listeners
            secure key = SSH_AUTH_SOCK
            owner uid = 1010
            group id = 0

            sockets = {
                26 (bytes to read)
            }

            active = 1
            passive = 1
            bonjour = 0
            ipv4v6 = 0
            receive_packet_info = 0
        }
    }
[...]
```
Grillage answered 24/6, 2022 at 12:49 Comment(0)
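
As an added example (not part of the original answer and not OpenSSH or Apple code), this Python code parses the `sockets` section of the `launchctl print` output quoted in the answer and reports whether a shell's `SSH_AUTH_SOCK` points at the launchd-provided socket rather than at a manually started agent. The function names are hypothetical, the sample text is constructed from the excerpt above, and the parser assumes the brace layout seen in that excerpt.

```python
import re

# Constructed sample: the `launchctl print` excerpt quoted in the answer above.
SAMPLE = """\
sockets = {
        "Listeners" = {
            path = /private/tmp/com.apple.launchd.4crvXaBll8/Listeners
            secure key = SSH_AUTH_SOCK
            owner uid = 1010

            sockets = {
                26 (bytes to read)
            }

            active = 1
        }
    }
"""

def parse_launchd_sockets(text):
    """Return {name: {field: value}} for each entry of the top-level `sockets = {` block."""
    sockets, current, depth = {}, None, 0
    for line in (raw.strip() for raw in text.splitlines()):
        if depth == 0:
            depth = 1 if line == "sockets = {" else 0
            continue
        named = re.fullmatch(r'"([^"]+)" = \{', line)
        if depth == 1 and named:
            current, depth = sockets.setdefault(named.group(1), {}), 2
        elif line.endswith("{"):
            depth += 1  # nested block such as the per-descriptor list
        elif line == "}":
            depth -= 1
            current = current if depth >= 2 else None
        elif depth == 2 and current is not None and " = " in line:
            key, value = line.split(" = ", 1)
            current[key] = value
    return sockets

def agent_socket_findings(text, env, uid):
    """List mismatches between launchd's agent socket and the caller's environment."""
    published = [s for s in parse_launchd_sockets(text).values()
                 if s.get("secure key") == "SSH_AUTH_SOCK"]
    if not published:
        return ["service publishes no socket under SSH_AUTH_SOCK"]
    sock, findings = published[0], []
    if env.get("SSH_AUTH_SOCK") != sock.get("path"):
        findings.append("SSH_AUTH_SOCK does not point at the launchd socket")
    if sock.get("owner uid") != str(uid):
        findings.append("launchd socket is owned by another uid")
    return findings
```

On a real system the text would come from `launchctl print gui/<uid>/com.openssh.ssh-agent`, with `os.environ` and `os.getuid()` as the other two arguments.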
