Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Unable to setup SSH tunnel with SSH agent in Snap

See original GitHub issue

System information:

Ubuntu 20.04
Version 7.0.5.202005171753 (using latest snap)

Describe the problem you’re observing:

Using a MySQL connection (haven’t tested others) I’m unable to setup a SSH tunnel using a SSH agent. It seem it’s blocked by snapd:

May 26 15:19:57 wouter0100-xps java[106397]: gtk_box_gadget_distribute: assertion 'size >= 0' failed in GtkSpinButton
May 26 15:19:57 wouter0100-xps java[106397]: message repeated 4 times: [ gtk_box_gadget_distribute: assertion 'size >= 0' failed in GtkSpinButton]
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: shm_open() failed: Permission denied
May 26 15:19:57 wouter0100-xps kernel: [ 5980.614540] kauditd_printk_skb: 15 callbacks suppressed
May 26 15:19:57 wouter0100-xps kernel: [ 5980.614542] audit: type=1400 audit(1590499197.419:210): apparmor="DENIED" operation="open" profile="snap.dbeaver-ce.dbeaver-ce" name="/etc/pulse/client.conf" pid=106397 comm="java" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
May 26 15:19:57 wouter0100-xps kernel: [ 5980.615267] audit: type=1400 audit(1590499197.419:211): apparmor="DENIED" operation="mknod" profile="snap.dbeaver-ce.dbeaver-ce" name="/dev/shm/pulse-shm-557037589" pid=106397 comm="java" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
May 26 15:19:57 wouter0100-xps kernel: [ 5980.615499] audit: type=1400 audit(1590499197.419:212): apparmor="DENIED" operation="connect" profile="snap.dbeaver-ce.dbeaver-ce" name="/run/user/1000/pulse/native" pid=106397 comm="java" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=1000
May 26 15:19:57 wouter0100-xps kernel: [ 5980.708924] audit: type=1400 audit(1590499197.515:213): apparmor="DENIED" operation="open" profile="snap.dbeaver-ce.dbeaver-ce" name="/etc/pulse/client.conf" pid=106397 comm="java" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
May 26 15:19:57 wouter0100-xps kernel: [ 5980.710189] audit: type=1400 audit(1590499197.515:214): apparmor="DENIED" operation="mknod" profile="snap.dbeaver-ce.dbeaver-ce" name="/dev/shm/pulse-shm-3569902338" pid=106397 comm="java" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
May 26 15:19:57 wouter0100-xps kernel: [ 5980.710436] audit: type=1400 audit(1590499197.515:215): apparmor="DENIED" operation="connect" profile="snap.dbeaver-ce.dbeaver-ce" name="/run/user/1000/pulse/native" pid=106397 comm="java" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=1000
May 26 15:19:57 wouter0100-xps kernel: [ 5980.710653] audit: type=1400 audit(1590499197.515:216): apparmor="DENIED" operation="open" profile="snap.dbeaver-ce.dbeaver-ce" name="/etc/pulse/client.conf" pid=106397 comm="java" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
May 26 15:19:57 wouter0100-xps kernel: [ 5980.711027] audit: type=1400 audit(1590499197.515:217): apparmor="DENIED" operation="mknod" profile="snap.dbeaver-ce.dbeaver-ce" name="/dev/shm/pulse-shm-1419807463" pid=106397 comm="java" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
May 26 15:19:57 wouter0100-xps kernel: [ 5980.711212] audit: type=1400 audit(1590499197.515:218): apparmor="DENIED" operation="connect" profile="snap.dbeaver-ce.dbeaver-ce" name="/run/user/1000/pulse/native" pid=106397 comm="java" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=1000
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: message repeated 2 times: [ shm_open() failed: Permission denied]
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: 2020-05-26 15:19:57.537 - pageant connect exception
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: com.jcraft.jsch.agentproxy.AgentProxyException: java.lang.NoClassDefFoundError: Could not initialize class com.jcraft.jsch.agentproxy.connector.PageantConnector$User32
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at com.jcraft.jsch.agentproxy.connector.PageantConnector.<init>(PageantConnector.java:68)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.model.net.ssh.SSHImplementationAbstract.initTunnel(SSHImplementationAbstract.java:116)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.model.net.ssh.SSHTunnelImpl.initializeHandler(SSHTunnelImpl.java:75)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.ui.net.ssh.SSHTunnelConfiguratorUI.lambda$0(SSHTunnelConfiguratorUI.java:203)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.ui.UIUtils.lambda$14(UIUtils.java:1716)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: 2020-05-26 15:19:57.537 - ssh-agent connection exception
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: com.jcraft.jsch.agentproxy.AgentProxyException: java.io.IOException: failed to fctrl usocket: -1
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at com.jcraft.jsch.agentproxy.connector.SSHAgentConnector.<init>(SSHAgentConnector.java:56)
May 26 15:19:57 wouter0100-xps kernel: [ 5980.728117] audit: type=1400 audit(1590499197.531:219): apparmor="DENIED" operation="connect" profile="snap.dbeaver-ce.dbeaver-ce" name="/run/user/1000/keyring/ssh" pid=106397 comm="ModalContext" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=1000
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at com.jcraft.jsch.agentproxy.connector.SSHAgentConnector.<init>(SSHAgentConnector.java:44)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.model.net.ssh.SSHImplementationAbstract.initTunnel(SSHImplementationAbstract.java:124)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.model.net.ssh.SSHTunnelImpl.initializeHandler(SSHTunnelImpl.java:75)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.ui.net.ssh.SSHTunnelConfiguratorUI.lambda$0(SSHTunnelConfiguratorUI.java:203)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.jkiss.dbeaver.ui.UIUtils.lambda$14(UIUtils.java:1716)
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: #011at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
May 26 15:19:57 wouter0100-xps java[106397]: gtk_box_gadget_distribute: assertion 'size >= 0' failed in GtkSpinButton
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: shm_open() failed: Permission denied
May 26 15:19:57 wouter0100-xps dbeaver-ce_dbeaver-ce.desktop[106397]: shm_open() failed: Permission denied
May 26 15:19:57 wouter0100-xps java[106397]: gtk_box_gadget_distribute: assertion 'size >= 0' failed in GtkSpinButton
May 26 15:19:57 wouter0100-xps java[106397]: message repeated 2 times: [ gtk_box_gadget_distribute: assertion 'size >= 0' failed in GtkSpinButton]

Any more specific:

May 26 15:19:57 wouter0100-xps kernel: [ 5980.728117] audit: type=1400 audit(1590499197.531:219): apparmor="DENIED" operation="connect" profile="snap.dbeaver-ce.dbeaver-ce" name="/run/user/1000/keyring/ssh" pid=106397 comm="ModalContext" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=1000

Steps to reproduce, if exist:

Install dbeaver-ce using snap and try to test a SSH tunnel with a new connection.

Issue Analytics

State:
Created 3 years ago
Comments:18 (4 by maintainers)

Top GitHub Comments

1reaction

riednykocommented, Jul 28, 2020

Snap never get access to dotfiles/directories and hidden files for safety. We sent a request for permission to read such files/directories in the dbeaver snap package. While waiting for a response, to solve this problem, you can move the ssh key out of the /.ssh folder somewhere in homedir, or install the dbeaver-ce snap package using --devmode.

0reactions

vishal9565commented, Nov 21, 2022

snap connect mysql-workbench-community:password-manager-service

snap connect mysql-workbench-community:ssh-keys

Top Results From Across the Web

Beekeeper-studio: ssh-keys automatic connection request

I have changed this to a request for ssh-keys auto-connect. Package: beekeeper-studio. Store: https://snapcraft.io/beekeeper-studio. Reason: SSH tunnels for ...

SSH Tunneling is broken with SSH Agent with public key

Tries to automatically authenticate with public key and "none". It may fail, for instance it doesn't ask for a password and uses a...

Setting up an SSH -Agent Forwarding To Access Private ...

Now, Connect to the Bastion Host instance and forward your private keys with ssh. The -A argument sets the ForwardAgentoptions to yes and...

Dbeaver SSH Tunnel Error - mysql - Ask Ubuntu

I'm using the private key path to my id_rsa , its chmod'ed to 600. Like I say, it works perfectly fine from terminal....

Step 8: (Optional) Allow and controlling permissions for SSH ...

Allowing SSH connections for Session Manager · Ensure that version 1.1. · Update the SSH configuration file to allow running a proxy command...