GNOME Bugzilla – Bug 520664
seahorse-agent does not work on FreeBSD
Last modified: 2008-03-10 13:56:03 UTC
Since mlock() requires root privileges, seahorse-agent is setuid root on FreeBSD. This causes seahorse-agent to die at startup since GTK+ apps cannot be setuid: execute: /usr/bin/ssh-agent -- ssh-agent dbus-launch --exit-with-session seahorse-agent --execute gnome-session (process:1539): Gtk-WARNING **: This process is currently running setuid or setgid. This is not a supported use of GTK+. You must create a helper program instead. For further details, see: http://www.gtk.org/setuid.html Refusing to initialize GTK+. However, it appears that seahorse no longer uses mlock() so I don't think seahorse-agent needs to be setuid (or if mlock() is still needed, then another solution needs to be sought).
You're right, mlock doesn't appear to be used in the code anymore. This is probably due to the fact that secure memory is now provided by gnome-keyring. I'll look into it and remove the Makefile checks if that's true.
Created attachment 106940 [details] [review] Removes mlock checks Give this a whirl and let me know if it fixes your build.
Yeah, it works. We've since removed the setuid bit on seahorse-agent, and users confirm it works just fine.
2008-03-10 Adam Schreiber <sadam@clemson.edu> * configure.in: * agent/Makefile.am: * daemon/Makefile.am: * acinclude.m4: Remove code concerning mlock that is no longer used now that secure memory is provided by gnome-keyring. Fixes bug #520664