On 8/1/19 1:13 PM, DJ Lucas via blfs-dev wrote:
On 8/1/19 11:40 AM, Bruce Dubbs via blfs-dev wrote:
On 8/1/19 10:49 AM, Pierre Labastie via blfs-dev wrote:
On 31/07/2019 00:44, DJ Lucas via blfs-dev wrote:
On July 30, 2019 3:54:34 PM CDT, Pierre Labastie via blfs-dev
<[email protected]> wrote:
IIUC above, this is because we do not have elogind in LFS, so our
first build of dbus does not link to libsystemd (unlike in
LFS-systemd). The lack of dbus support is inconsequential in that
configuration because we are going to rebuild systemd later in BLFS.
There is also another thing, which bothers me: instructions for the
xorg
server are the same in both books (sysv/elogind and systemd). So, when
we add
--enable-install-setuid to xorg-server, we add it in both books. But I
believed it was not needed in the systemd book...
That would be my doing as I had believed that they would be the same
(and still believe they should be, but my attempts to find the
reason for the differences have failed me thus far), so the two
variants got merged down. In fact, I think I am the only one who has
demonstrated that a rootless Xorg is even possible with elogind in
our group. Five consecutive builds, all slightly different, but
logical (apparently only to me), build orders. I'd gotten frustrated
trying to track it down, I was simply spinning my wheels, so I put
it on the back burner (knowing that a viable workaround exists).
I'll be testing noveau on an existing build next week to possibly
eliminate hardware/drivers. I want to also say that I've built
entirely in chroot already, but I'm not 100% certain on that.
HTH
OK, I've found the error!!!!
On the Xinit page, we have:
---
sed -e '/$serverargs $vtarg/ s/serverargs/: #&/' \
-i startx.cpp
---
for the Sysv/elogind book, while we do not have this for the systemd
book.
Removing the ": #" allows startx to run the server and the usual
clients.
I think even the suid-wrapper is not needed! (it drops privilege
anyway if
/dev/dri/card0 is KMS compatible). This can be tested by moving
/usr/libexec/Xorg.wrap to /usr/libexec/Xorg.wrap.nouse, and trying
again:
startx still works.
So we can:
remove the sed on the Xinit page
remove any enable-xxx-suid switch for xorg-server (well, maybe some
drivers do
need the wrapper, this has to be tested, but I do not have the
hardware (intel
driver works fine without the wrapper)).
Pierre
PS: I've spend almost 24 h running the server, xinit, with gdb,
playing with
xauth files, etc, before finding this stupid bug!
I appreciate your hard work in finding the discrepancy.
We added that sed on purpose so Xorg will come up on vt7 instead of
vt<current>. For most users it probably does not make a difference,
but it is convenient to be able to switch between vt1 and vt7 when
debugging.
My preference is to leave the sed and the suid alone in the sysv book,
but as an alternative we could just document the technique in a note.
Apologies if this comes through twice, my work laptop had an old
configuration, the first will probably get blocked.
I don't think this is correct, but might be a clue. My build script for
xinit has this sed, and it works.
http://www.linuxfromscratch.org/~dj/mkbuild.sh/sources/buildscripts/xinit.sh
The proposed sed also does nothing from what I can see (this from Arch,
where it would not have been applied, but I can't get to my workstation
from here):
[dj@DJ-ARCH-02 ~]$ head -n 137 /usr/bin/startx | tail -n 3
if [ "$have_vtarg" = "no" ]; then
serverargs="$serverargs $vtarg"
fi
[dj@DJ-ARCH-02 ~]$ sed -e '/$serverargs $vtarg/ s/serverargs/&/'
/usr/bin/startx | head -n 137 | tail -n 3
if [ "$have_vtarg" = "no" ]; then
serverargs="$serverargs $vtarg"
fi
If this is actually the issue, I must have successfully done something
wrong multiple times (but I wouldn't put it past me at this point), but
then my preference is for opposite Bruce's suggestion. IOW: put the
commands on the xinit page to add the suid bit for Xorg along with the
sed and put them inside of nodump tags.Like Bruce said, the majority of
users won't care one way or the other, but avoiding a suid bit wherever
possible is a good thing.
Your sed does nothing:
sed -e '/$serverargs $vtarg/ s/serverargs/&/'
you need
sed -e '/$serverargs $vtarg/ s/serverargs/: #&/'
Which comments out that particular line, but adds the colon because it
is in an 'if' construct.
I'm working on a modification to the book now.
-- Bruce
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
