On 8/1/19 1:44 PM, Bruce Dubbs wrote:
On 8/1/19 1:13 PM, DJ Lucas via blfs-dev wrote:
On 8/1/19 11:40 AM, Bruce Dubbs via blfs-dev wrote:
On 8/1/19 10:49 AM, Pierre Labastie via blfs-dev wrote:
On 31/07/2019 00:44, DJ Lucas via blfs-dev wrote:
On July 30, 2019 3:54:34 PM CDT, Pierre Labastie via blfs-dev
<[email protected]> wrote:
IIUC above, this is because we do not have elogind in LFS, so our
first build of dbus does not link to libsystemd (unlike in
LFS-systemd). The lack of dbus support is inconsequential in that
configuration because we are going to rebuild systemd later in BLFS.
There is also another thing, which bothers me: instructions for the
xorg
server are the same in both books (sysv/elogind and systemd). So,
when
we add
--enable-install-setuid to xorg-server, we add it in both books.
But I
believed it was not needed in the systemd book...
That would be my doing as I had believed that they would be the
same (and still believe they should be, but my attempts to find the
reason for the differences have failed me thus far), so the two
variants got merged down. In fact, I think I am the only one who
has demonstrated that a rootless Xorg is even possible with elogind
in our group. Five consecutive builds, all slightly different, but
logical (apparently only to me), build orders. I'd gotten
frustrated trying to track it down, I was simply spinning my
wheels, so I put it on the back burner (knowing that a viable
workaround exists). I'll be testing noveau on an existing build
next week to possibly eliminate hardware/drivers. I want to also
say that I've built entirely in chroot already, but I'm not 100%
certain on that.
HTH
OK, I've found the error!!!!
On the Xinit page, we have:
---
sed -e '/$serverargs $vtarg/ s/serverargs/: #&/' \
-i startx.cpp
---
for the Sysv/elogind book, while we do not have this for the systemd
book.
Removing the ": #" allows startx to run the server and the usual
clients.
I think even the suid-wrapper is not needed! (it drops privilege
anyway if
/dev/dri/card0 is KMS compatible). This can be tested by moving
/usr/libexec/Xorg.wrap to /usr/libexec/Xorg.wrap.nouse, and trying
again:
startx still works.
So we can:
remove the sed on the Xinit page
remove any enable-xxx-suid switch for xorg-server (well, maybe some
drivers do
need the wrapper, this has to be tested, but I do not have the
hardware (intel
driver works fine without the wrapper)).
Pierre
PS: I've spend almost 24 h running the server, xinit, with gdb,
playing with
xauth files, etc, before finding this stupid bug!
I appreciate your hard work in finding the discrepancy.
We added that sed on purpose so Xorg will come up on vt7 instead of
vt<current>. For most users it probably does not make a difference,
but it is convenient to be able to switch between vt1 and vt7 when
debugging.
My preference is to leave the sed and the suid alone in the sysv
book, but as an alternative we could just document the technique in a
note.
Apologies if this comes through twice, my work laptop had an old
configuration, the first will probably get blocked.
I don't think this is correct, but might be a clue. My build script
for xinit has this sed, and it works.
http://www.linuxfromscratch.org/~dj/mkbuild.sh/sources/buildscripts/xinit.sh
The proposed sed also does nothing from what I can see (this from
Arch, where it would not have been applied, but I can't get to my
workstation from here):
[dj@DJ-ARCH-02 ~]$ head -n 137 /usr/bin/startx | tail -n 3
if [ "$have_vtarg" = "no" ]; then
serverargs="$serverargs $vtarg"
fi
[dj@DJ-ARCH-02 ~]$ sed -e '/$serverargs $vtarg/ s/serverargs/&/'
/usr/bin/startx | head -n 137 | tail -n 3
if [ "$have_vtarg" = "no" ]; then
serverargs="$serverargs $vtarg"
fi
If this is actually the issue, I must have successfully done something
wrong multiple times (but I wouldn't put it past me at this point),
but then my preference is for opposite Bruce's suggestion. IOW: put
the commands on the xinit page to add the suid bit for Xorg along with
the sed and put them inside of nodump tags.Like Bruce said, the
majority of users won't care one way or the other, but avoiding a suid
bit wherever possible is a good thing.
Your sed does nothing:
sed -e '/$serverargs $vtarg/ s/serverargs/&/'
you need
sed -e '/$serverargs $vtarg/ s/serverargs/: #&/'
Which comments out that particular line, but adds the colon because it
is in an 'if' construct.
I'm working on a modification to the book now.
Please take a look at the xinit instructions from commit 21892.
http://www.linuxfromscratch.org/blfs/view/svn/x/xinit.html
Feedback welcome.
-- Bruce
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
