Gitkraken: Error authenticating: failed connecting with agent


#1

Even with app is using ssh local agent account login working fine but user can not clone ssh links of repos and push commits to git repos.

App has access to these interfaces but still

ssh-keys
ssh-public-keys

log

= AppArmor =
Time: Apr 09 18:19:39
Log: apparmor="DENIED" operation="connect" profile="snap.gitkraken.gitkraken" name="/run/user/999/keyring/ssh" pid=8497 comm="gitkraken" requested_mask="wr" denied_mask="wr" fsuid=999 ouid=999
File: /run/user/999/keyring/ssh (write)
Suggestions:
* adjust program to use $SNAP_DATA
* adjust program to use run/shm/snap.$SNAP_NAME.*

snap version

snap    2.32+18.04
snapd   2.32+18.04
series  16
ubuntu  18.04
kernel  4.15.0-13-generic

app shell env

XDG_VTNR=1
SSH_AGENT_PID=1670
XDG_SESSION_ID=1
CLUTTER_IM_MODULE=xim
GPG_AGENT_INFO=/run/user/999/gnupg/S.gpg-agent:0:1
TERM=xterm-256color
SHELL=/bin/bash
VTE_VERSION=5200
XDG_MENU_PREFIX=gnome-
SNAP_USER_COMMON=/home/ubuntu/snap/gitkraken/common
SNAP_CONTEXT=WM6qS1VpTqhBwTrn4lPxbMBQrp691Fft1WYVJGHNkJjt
TMPDIR=/run/user/999/snap.gitkraken
GJS_DEBUG_OUTPUT=stderr
GNOME_TERMINAL_SCREEN=/org/gnome/Terminal/screen/67fe35f2_43fe_4f2f_8dd1_858fce62a615
GJS_DEBUG_TOPICS=JS ERROR;JS LOG
GTK_MODULES=gail:atk-bridge
SNAP_REEXEC=
USER=ubuntu
QT_ACCESSIBILITY=1
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
GNOME_TERMINAL_SERVICE=:1.71
SNAP_LIBRARY_PATH=/var/lib/snapd/lib/gl:/var/lib/snapd/lib/gl32:/var/lib/snapd/void
SSH_AUTH_SOCK=/run/user/999/keyring/ssh
SESSION_MANAGER=local/ubuntu:@/tmp/.ICE-unix/1550,unix/ubuntu:/tmp/.ICE-unix/1550
SNAP_COMMON=/var/snap/gitkraken/common
USERNAME=ubuntu
SNAP_USER_DATA=/home/ubuntu/snap/gitkraken/x1
XDG_CONFIG_DIRS=/etc/xdg/xdg-ubuntu:/etc/xdg/xdg-ubuntu:/etc/xdg
SNAP_DATA=/var/snap/gitkraken/x1
GNOME_SHELL_SESSION_MODE=ubuntu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
DESKTOP_SESSION=ubuntu
TEMPDIR=/tmp
QT_IM_MODULE=ibus
PWD=/home/ubuntu
XDG_SESSION_TYPE=x11
XMODIFIERS=@im=ibus
LANG=C.UTF-8
IM_CONFIG_PHASE=2
GDMSESSION=ubuntu
SNAP_REVISION=x1
XDG_SEAT=seat0
SHLVL=2
HOME=/home/ubuntu/snap/gitkraken/x1
SNAP_NAME=gitkraken
GNOME_DESKTOP_SESSION_ID=this-is-deprecated
SNAP_COOKIE=WM6qS1VpTqhBwTrn4lPxbMBQrp691Fft1WYVJGHNkJjt
LOGNAME=ubuntu
XDG_SESSION_DESKTOP=ubuntu
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/999/bus
XDG_DATA_DIRS=/usr/share/ubuntu:/usr/share/ubuntu:/usr/local/share:/usr/share:/var/lib/snapd/desktop
QT4_IM_MODULE=xim
SNAP_ARCH=amd64
LESSOPEN=| /usr/bin/lesspipe %s
SNAP_VERSION=3.5.1
TEXTDOMAIN=im-config
WINDOWPATH=1
XDG_RUNTIME_DIR=/run/user/999/snap.gitkraken
DISPLAY=:0
SNAP=/snap/gitkraken/x1
GTK_IM_MODULE=ibus
XDG_CURRENT_DESKTOP=ubuntu:GNOME
LESSCLOSE=/usr/bin/lesspipe %s %s
TEXTDOMAINDIR=/usr/share/locale/
XAUTHORITY=/run/user/999/gdm/Xauthority
COLORTERM=truecolor
_=/usr/bin/env

#2

Yes. The ssh interfaces intentionally do not include accessing the agent: Ssh-agent plug request.


#3

it did worked on Arch linux which has partial confinement so not on ubuntu.

should I stage ssl ssh to snap why it does not use the core’s ssl ssh.

Initialising new SSH agent...
/snap/gitkraken/x3/bin/desktop-launch: line 408: /home/ubuntu/snap/gitkraken/x3/.ssh/environment: No such file or directory
chmod: cannot access '/home/ubuntu/snap/gitkraken/x3/.ssh/environment': No such file or directory
/snap/gitkraken/x3/bin/desktop-launch: line 410: /home/ubuntu/snap/gitkraken/x3/.ssh/environment: No such file or directory
/snap/gitkraken/x3/bin/desktop-launch: line 411: /usr/bin/ssh-add: Permission denied

Denials

= AppArmor =
Time: Apr 14 07:45:17
Log: apparmor="DENIED" operation="exec" profile="snap.gitkraken.gitkraken" name="/usr/bin/ssh-add" pid=11782 comm="desktop-launch" requested_mask="x" denied_mask="x" fsuid=999 ouid=0
File: /usr/bin/ssh-add (exec)
Suggestions:
* adjust snap to ship 'ssh-add'
* adjust program to use relative paths if the snap already ships 'ssh-add'

= AppArmor =
Time: Apr 14 07:45:17
Log: apparmor="DENIED" operation="open" profile="snap.gitkraken.gitkraken" name="/usr/bin/ssh-add" pid=11782 comm="desktop-launch" requested_mask="r" denied_mask="r" fsuid=999 ouid=0
File: /usr/bin/ssh-add (read)
Suggestions:
* adjust snap to ship 'ssh-add'
* adjust program to use relative paths if the snap already ships 'ssh-add'

PS: did tried with staging ssh client so that did not worked as well fail connect agent square back to beginning error of previous

File: /run/user/999/keyring/ssh (write)


#4

Yes, at this time you should stage openssh-client (which has ssh-add), then adjust your script to call it. It seems you have some script errors too when /home/ubuntu/snap/gitkraken/x3/.ssh/environment doesn’t exist. We could consider adding ssh-add to the ssh interfaces.