> > Message: 1 > Date: Sun, 13 Jan 2013 10:05:16 -0500 > From: Richard <[email protected]> > Subject: [blfs-support] Two strange things related to Xorg (I think) > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > > I have built LFS-7.2 and have added packages > according to a version of the BLFS book that > says it is compatible with LFS-7.2. I have > installed Xorg-7.7 along with the required > and recommended dependencies. When I start > Xorg I observe some strange behavior, I > am hoping somebody can give me an idea why > this occurs and how I might prevent it. > > The first thing is that after I start X, > I intermittently get a window-full of > messages like this: > > ---------------------------------------- > OS Function mkdir declared > OS Attempting to declare FFI mkstemp > OS Function mkstemp declared > OS Attempting to declare FFI open > OS Function open declared > OS Attempting to declare FFI opendir > OS Function opendir declared > OS Attempting to declare FFI pread > OS Function pread declared > OS Attempting to declare FFI pwrite > OS Function pwrite declared > OS Attempting to declare FFI read > OS Function read declared > OS Attempting to declare FFI readdir > OS Function readdir declared > OS Attempting to declare FFI rename > OS Function rename declared > OS Attempting to declare FFI rmdir > OS Function rmdir declared > OS Attempting to declare FFI splice > OS Function splice declared > OS Attempting to declare FFI strerror > OS Function strerror declared > OS Attempting to declare FFI symlink > OS Function symlink declared > OS Attempting to declare FFI truncate > OS Function truncate declared > OS Attempting to declare FFI unlink > OS Function unlink declared > OS Attempting to declare FFI write > OS Function write declared > OS Attempting to declare FFI pipe > OS Function pipe declared > -------------------------------------- > > I am guessing this is related to > libffi-3.0.11, which I installed as > a recommended dependency of LLVM-3.1, > which in turn was a recommended dependency > of MesaLib-9.0. Any ideas why I am getting > this? >
I was wrong about this being related to Xorg or libffi -- I discovered instead that it is a problem with firefox-16.0.1, which is actually logging these messages. There is a bug I found on mozilla Bugzilla, number 785200, which deals with this issue. There is also an associated patch. Unfortunately I was not able to apply the patch directly, it appears to refer to slightly different filenames than I have in my firefox build directory. However I was able to manually edit the files according to the changes indicated in the patch. The files that must be modified are: mozilla-release/toolkit/components/osfile/osfile_shared.jsm mozilla-release/toolkit/components/osfile/osfile_unix_back.jsm After making the changes in the patch and re-building firefox-16.0.1, the above messages disappeared. I found this bug by searching on google -- on the ftp.mozilla.org site I found all the versions of firefox, but no mention of applicable bugs or patches for each version. Did I just miss this information, is it located somewhere on the mozilla site? > -------------------------------------------- > > The second thing that happens is when I try to > set up a firewall using iptables so that local > messages even from 127.0.0.1 are not accepted. > I did this in LFS-6.2 without any apparent > problems, and in fact one of the HOWTO's > suggests that you do this. However when I > block local messages I get the following when > I type startx: > > --------------------------------------------------- > [ 3886.542624] FIREWALL:INPUT IN=lo OUT= > MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 > DST=127.0.0.1 LEN=53 TOS=0x00 PREC=0x00 TTL=64 ID=47598 DF PROTO=UDP > SPT=34531 DPT=53 LEN=33 > [ 3886.557503] FIREWALL:INPUT IN=lo OUT= > MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 > DST=127.0.0.1 LEN=53 TOS=0x00 PREC=0x00 TTL=64 ID=47599 DF PROTO=UDP > SPT=34531 DPT=53 LEN=33 > [ 3891.577950] FIREWALL:INPUT IN=lo OUT= > MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 > DST=127.0.0.1 LEN=53 TOS=0x00 PREC=0x00 TTL=64 ID=47600 DF PROTO=UDP > SPT=34531 DPT=53 LEN=33 > [ 3891.594048] FIREWALL:INPUT IN=lo OUT= > MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 > DST=127.0.0.1 LEN=53 TOS=0x00 PREC=0x00 TTL=64 ID=47601 DF PROTO=UDP > SPT=34531 DPT=53 LEN=33 > --------------------------------------------------- > > This occurs before X actually starts, and I keep getting these > messages until I type Ctrl-C. At that point Xorg seems to start > up normally. Is there any way I can avoid this (other than > allowing local messages to get through the firewall)? > > > > Message: 2 > Date: Sun, 13 Jan 2013 12:13:30 -0600 > From: Bruce Dubbs <[email protected]> > Subject: Re: [blfs-support] Two strange things related to Xorg (I > think) > To: BLFS Support List <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > > > Try disabling xdmcp with > > startx -- -nolisten tcp > > -- Bruce > I tried this but it didn't make any difference. Is it likely that xdmcp is enabled on my system? I read that it is usually disabled by default because it is not secure, and I have not done anything to intentionally enable it. Is there a way I can tell if it is enabled on my system? Anyway I have become resigned to allowing traffic on the loopback interface through my firewall. However, I am concerned about the way this is done in the /etc/rc.d/rc.iptables file suggested in the BLFS book. If I include the following rule: # Allow local-only connections iptables -A INPUT -i lo -j ACCEPT then I get for INPUT: ----------------------------------------------------- iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning prefix "FIREWALL:INPUT " ---------------------------------------------------- Doesn't this mean that packets from *anywhere* will be accepted?? On the other hand, if I use: # Allow local-only connections iptables -A INPUT -i lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT then I get for INPUT: iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- localhost localhost ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning prefix "FIREWALL:INPUT " Isn't this what I want? By allowing communication on 127.0.0.1 I no longer get the above messages on startx. Richard -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
