Thanks. I understand (and a bit better, now) why strace/ptrace may have problems with a program that calls setuid. On the other hand, i3lock doesn't have the setuid bit set, and the strace logs do not show an attempt to call strace.
[S-18]jeff@siegfried:~ $ stat /usr/bin/i3lock File: ‘/usr/bin/i3lock’ Size: 31912 Blocks: 64 IO Block: 4096 regular file Device: fc01h/64513d Inode: 1575208 Links: 1 Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2015-04-16 20:02:56.634223226 +0200 Modify: 2014-07-19 01:13:09.000000000 +0200 Change: 2015-03-04 15:18:43.959784604 +0100 Birth: - [S-18]jeff@siegfried:~ $ grep setuid /tmp/i3lock-log-1429256* 1,[S-18] jeff@siegfried:~ $ This said, if something PAM did when I logged in affects the behavior of stracing i3lock, I do not think I will try to figure out what PAM has done. ;-) But I still find it odd that i3lock would interpret keystrokes differently under strace or not based on what I know so far. Well, I will debug what I can. Maybe I will compile an i3lock with scaffolding over the weekend to see what I can learn. Thanks again. Jeff Abrahamson +33 6 24 40 01 57 +44 7920 594 255 <-- only if I'm in the UK http://jeff.purple.com/ http://blog.purple.com/jeff/ On 17 April 2015 at 11:47, Michael Stapelberg <mich...@i3wm.org> wrote: > See http://superuser.com/a/248127 for why setuid is ignored when > running under strace. > > Given that you run i3lock on linux, it might be PAM which uses setuid > in some of its modules. > > On Fri, Apr 17, 2015 at 1:20 AM, Jeff Abrahamson <j...@purple.com> wrote: > > Interesting. How does setuid have this effect on i3lock but only under > > strace? > > > > Any idea where the setuid is coming from or how to find out? The system > is > > pretty vanilla ubuntu 14.10 (they have a good installer) aside from > running > > i3 instead of gnome. > > > > The exec path that's visible once I'm logged in is lightdm -> lightdm > > --sesion-child -> i3. I see that i3 parents what is executed due to > > .xsessionrc. > > > > I'll try to gather traces with -p, but this will depend on me thinking to > > trace i3lock from a vt before unlocking the screen. My apologies in > advance > > if I take a long time to catch the occasional errant process that way. > > > > And thanks for your ever prompt assistance and insights. > > > > Jeff Abrahamson > > +33 6 24 40 01 57 > > +44 7920 594 255 <-- only if I'm in the UK > > > > http://jeff.purple.com/ > > http://blog.purple.com/jeff/ > > > > On 17 April 2015 at 10:09, Michael Stapelberg <mich...@i3wm.org> wrote: > >> > >> Ugh, then you’re running it in a setuid setup. You’ll need to start > i3lock > >> and then attach strace afterwards using -p. > >> > >> On Fri, Apr 17, 2015 at 9:56 AM, Jeff Abrahamson <j...@purple.com> > wrote: > >>> > >>> I invoke i3lock at the commandline thus: > >>> > >>> [S-18]jeff@siegfried:gtd $ strace -o/tmp/i3lock-log-$(date +%s) -f -s > >>> 2048 -tt i3lock --dpms --inactivity-timeout 10 --color=220022 > >>> [S-18]jeff@siegfried:gtd $ > >>> > >>> and the result is that i3lock does not recognize my password. It does > >>> echo my typing, it just always says fail. I switch to a vt, login, > and kill > >>> it. > >>> > >>> Jeff Abrahamson > >>> +33 6 24 40 01 57 > >>> +44 7920 594 255 <-- only if I'm in the UK > >>> > >>> http://jeff.purple.com/ > >>> http://blog.purple.com/jeff/ > >>> > >>> On 17 April 2015 at 09:39, Michael Stapelberg <mich...@i3wm.org> > wrote: > >>>> > >>>> Yes, but also use -f (to follow child processes) and -s 2048 (to > >>>> increase the size of strings) and -tt (to get timing). > >>>> > >>>> On Fri, Apr 17, 2015 at 9:23 AM, Jeff Abrahamson <j...@purple.com> > >>>> wrote: > >>>>> > >>>>> Sure thing. > >>>>> > >>>>> Just to be clear, do you mean that instead of launching "i3lock .." I > >>>>> substitute "strace -o/tmp/i3lock-log-$(date +%s) i3lock ..."? > >>>>> > >>>>> Jeff Abrahamson > >>>>> +33 6 24 40 01 57 > >>>>> +44 7920 594 255 <-- only if I'm in the UK > >>>>> > >>>>> http://jeff.purple.com/ > >>>>> http://blog.purple.com/jeff/ > >>>>> > >>>>> On 17 April 2015 at 09:19, Michael Stapelberg <mich...@i3wm.org> > wrote: > >>>>>> > >>>>>> i3lock shouldn’t hang around. Can you start stracing all your i3lock > >>>>>> instances automatically and provide the corresponding strace output > of a > >>>>>> hung instance in a bugreport? > >>>>>> > >>>>>> On Fri, Apr 17, 2015 at 9:04 AM, Jeff Abrahamson <j...@purple.com> > >>>>>> wrote: > >>>>>>> > >>>>>>> I have a maintenance function that ought not bother spinning the > CPU > >>>>>>> if the screen is locked. It checks this thus: > >>>>>>> > >>>>>>> if pidof i3lock >/dev/null; then > >>>>>>> ... > >>>>>>> > >>>>>>> This is i3-specific, which is sad, but not a huge problem. What > is a > >>>>>>> problem is that i3lock sometimes hangs around even though I think > it should > >>>>>>> exit on unlock. And, indeed, most of the time it does exit on > unlock. Once > >>>>>>> in a while, I find I have one or even several i3lock processes > hanging > >>>>>>> around. > >>>>>>> > >>>>>>> I either lock my screen explicitly > >>>>>>> > >>>>>>> bindsym $mod+Control+L exec i3lock --dpms --inactivity-timeout 10 > >>>>>>> --color=220022 > >>>>>>> > >>>>>>> or else it's done by inactivity > >>>>>>> > >>>>>>> xautolock -detectsleep \ > >>>>>>> -time 3 -locker "i3lock --dpms --color=220022 > >>>>>>> --inactivity-timeout 10 --nofork" > >>>>>>> > >>>>>>> This question thus has two parts: > >>>>>>> > >>>>>>> 1. Am I doing something wrong that I sometimes have multiple i3lock > >>>>>>> instances? > >>>>>>> 2. Is there a better way to detect screen lock than pidof i3lock? > >>>>>>> > >>>>>>> Jeff Abrahamson > >>>>>>> +33 6 24 40 01 57 > >>>>>>> +44 7920 594 255 <-- only if I'm in the UK > >>>>>>> > >>>>>>> http://jeff.purple.com/ > >>>>>>> http://blog.purple.com/jeff/ > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> -- > >>>>>> Best regards, > >>>>>> Michael > >>>>> > >>>>> > >>>> > >>>> > >>>> > >>>> -- > >>>> Best regards, > >>>> Michael > >>> > >>> > >> > >> > >> > >> -- > >> Best regards, > >> Michael > > > > > > > > -- > Best regards, > Michael >
