Logout from UI closes remote ssh sessions (and kills detached screen)

[miceno]

How to reproduce

1. RaspberryPi 4B running RaspberryPi OS 64 bit Desktop.

   Linux raspberrypi2 6.6.20+rpt-rpi-v8 #1 SMP PREEMPT Debian 1:6.6.20-1+rpt1 (2024-03-07) aarch64 GNU/Linux

2. Run an update of packages and nothing pending to install.

   astro@raspberrypi2:~ $ sudo apt update && sudo apt upgrade
   Hit:1 http://deb.debian.org/debian bookworm InRelease
   Hit:2 http://deb.debian.org/debian-security bookworm-security InRelease
   Hit:3 http://archive.raspberrypi.com/debian bookworm InRelease
   Hit:4 http://deb.debian.org/debian bookworm-updates InRelease
   Reading package lists... Done
   Building dependency tree... Done
   Reading state information... Done
   All packages are up to date.
   Reading package lists... Done
   Building dependency tree... Done
   Reading state information... Done
   Calculating upgrade... Done
   0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

3. Open a remote connection using VNC to RPi from your laptop in the same LAN as the RPi (using Wifi). You will see Wayland desktop.
4. Open a remote ssh session from your laptop in the same LAN as the RPi (using Wifi).
5. Open a screen window on the SSH session and detach it.
6. Logout from the Wayland desktop.

Expected behaviour

After logout of Wayland desktop, the SSH session is not closed and I can attach again to the detached screen session.

Actual behaviour

The SSH session is closed when closing the Wayland session.

Upon reopening a new ssh to the RPi, and running screen, the previous detached session is dead:

Connection to raspberrypi.local closed by remote host.
Connection to raspberrypi.local closed.
$ ssh user@raspberrypi.local
Linux raspberrypi 6.6.20+rpt-rpi-v8 #1 SMP PREEMPT Debian 1:6.6.20-1+rpt1 (2024-03-07) aarch64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat Apr 20 11:52:06 2024
user@raspberrypi:~ $ screen -wipe
There is a screen on:
    3217.pts-0.raspberrypi  (04/20/24 11:46:17) (Removed)
1 socket wiped out.
No Sockets found in /run/screen/S-astro.

There is no way to recover the detached screen session, and the only way is by wiping the dead session.

Additional details

journalctl show the SSH daemon is killed during logout.

Apr 20 17:52:47 raspberrypi2 systemd[1]: user-1000.slice: Sending signal SIGKILL to process 867 ((sd-pam)) on client request.
Apr 20 17:52:47 raspberrypi2 systemd[1]: user-1000.slice: Sending signal SIGKILL to process 34680 (sshd) on client request.
Apr 20 17:52:47 raspberrypi2 systemd[1]: user-1000.slice: Sending signal SIGKILL to process 34686 (sshd) on client request.
Apr 20 17:52:47 raspberrypi2 systemd[1]: user-1000.slice: Sending signal SIGKILL to process 34687 (bash) on client request.
Apr 20 17:52:47 raspberrypi2 systemd[1]: user-1000.slice: Sending signal SIGKILL to process 1348 (login) on client request.
Apr 20 17:52:47 raspberrypi2 systemd[1]: user-1000.slice: Sending signal SIGKILL to process 1405 (bash) on client r

[spl237]

At present, when a VNC session is closed, all processes belonging to that user are also closed, so if you have logged in via SSH as the same user, then that SSH session will also be terminated.

This was a recent change, and there are arguments on both sides as to whether this is the "right" thing to do, but it is intentional and not a bug.

[andrum993]

...there are arguments on both sides as to whether this is the "right" thing to do...

Please name an argument for this new behaviour, as I'm struggling to think of any. Why would you want a footgun like this? Does any other remote control software do this???

[spl237]

As with everything else in this day and age, "security". There is an argument that when a user logs out, that should not leave any of the processes started by that user running, as otherwise the user is not really "logged out" and their account is still active and could potentially be accessed.

For example - if, while logged in, you start a process or application which gives access to your camera - would you really want that to continue running invisibly once you had logged out?

I am not going to get into a debate about whether this is right or wrong (so please don't start one...) but the behaviour is, as far as I am aware, deliberate.

[miceno]

@spl237 Thank you for the details!

This is not the place then to argue about it, so are you aware where that discussion is happenning about what to do when logging out from the GUI?

[miceno]

At present, when a VNC session is closed, all processes belonging to that user are also closed, so if you have logged in via SSH as the same user, then that SSH session will also be terminated.

So it is the code in wayvnc that is closing the session? Or is it a wrapper around it? Would you please point me to the code that is making this happen? I can then try to patch it in my setup.

[cmitu]

Does any other remote control software do this???

Reminds me of GNU screen gets killed on logout - https://bugzilla.redhat.com/show_bug.cgi?id=1480460, which leads to https://lists.freedesktop.org/archives/systemd-devel/2016-May/036583.html. Perhaps it's something similar and can be controlled by configuring systemd-logind ?

[ghollingworth]

This is unrelated to WayVNC, the same behaviour exists if you just logout of Wayfire from the desktop while you have an ssh connection.

Unsure why this is the case, the SSH client shouldn't actually be a child of the Wayfire process...

[spl237]

See above - it is because it is a process owned by the same user, so it gets terminated when the desktop closes, since this change - https://github.com/raspberrypi-ui/pishutdown/commit/113553f878ccac367dab48af657da8d20f0a605f

If you close the desktop by just killing the wayfire process manually, the SSH process will continue running.