Re: Boot bora as root
"ext Chris Taylor" <[EMAIL PROTECTED]> writes: > yes, I did get your private mail and you were correct as to the > cause of my problem.. I'll look forward to seeing sardine roll out. > Is the application installer from sardine binary compatible with bora? No, packages compiled in Sardine unstable will not be installable on IT OS 2007. Sardine unstable as a whole is 'binary compatible' with bora in the sense that you should be able to upgrade a IT OS 2007 device to Sardine unstable. You don't want to do this, tho, just to get the fixed Application Manager. > I'm hoping ya'll have fixed this to take into account people running > the front-end as root and not simply failing gracefully?? Err, no. :) The fix makes it only fail gracefully... can't you fix sudo to also work when used by root? ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Hi, On 4/20/07, Chris Taylor <[EMAIL PROTECTED]> wrote: I'm trying to create a ScratchBox build env on my FC6 and it looks like I've got to recompile the kernel to enable VDSO ... whatever that is... after I get that working I'm going to try and build a debug version of the application-installer and see what I get. You can enable COMPAT_VDSO, recompile your kernel, and echo 0 > /proc/sys/kernel/vdso; or you can add vdso=0 in the kernel boot options. This will possibly make things slower... how much? I have no idea, people have given me different answers. There doesn't seem to be a lot of information regarding vdso, but this is what I've found so far: * vDSO = Virtual Dynamically Shared Object * Without COMPAT_VDSO there's no /proc/sys/kernel/vdso * linux-gate.so.1 is a vDSO * Linus Torvalds is a disgusting pig and proud of it http://www.redhat.com/archives/fedora-test-list/2004-April/msg00658.html http://www.trilithium.com/johan/2005/08/linux-gate/ http://lkml.org/lkml/2002/12/18/218 Best regards. -- Felipe Contreras ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
"ext Chris Taylor" <[EMAIL PROTECTED]> writes: > at any rate any ideas what might be causing the socket to fail? Chris, did you get my private mail? I explained a bit there. (I didn't see this thread until now, sorry.) In a nutshell, the frontend starts the backend via sudo, and that might fail when the frontend doesn't run as "user". When sudo fails, the frontend goes catatonic (which is a known bug that has been fixed in Sardine). ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
He probably changed so many files' permissions and ownerships, that he could not recall it even under hypnosis. no permissions really and actually the list of things I had to change is rather quite small when I get around to it (hopefully this weekend) I'll post a patch ... hopefully someone can provide some feedback If root has "/root" and "/user/root", it could bring headache to apps, that don't have environment variables set. Finally, yes, I see a lot of I did have to copy some stuff over from /home/user to /root and some scripts were hardcoded to look in /home/$user so I guess I took the easy way out and made a symlink from /root to /home/root Finally, yes, I see a lot of restrictions as ass savers. I guess just a different philosopy I think somethings should be locked down ... like processes ... but not accounts ... IMO -Chris ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
> also looks like there might be some problems with gtk ... that's the > best reasoning I can come up with to explain things not getting drawn > to screen If the socket read/open blocks, it won't refresh the UI either. It's not a threaded application AFAICT. https://stage.maemo.org/svn/maemo/projects/haf/trunk/osso-application-installer/README https://stage.maemo.org/svn/maemo/projects/haf/trunk/osso-application-installer/src/apt-worker.cc Yes, it seems you're correct it's not threaded but there are seperate instances of it running ... one part to handle the GUI and the other to do the work ... a seperate problem is that the processing one running as root accepts anything from anyone ... fromthe read me: No attempt has been made to restrict access to the backend. Every program, not just the frontend, can start the backend without needig to provide any credentials such as the root password. Since the backend can be instructed to execute arbitrary code (via the maintainer scripts of a package), having the Application installer in your system is like having a globally known password on the root account. This is deemed acceptable for the maemo platform since devices built using that platform are not multi-user devices (yet) and there is no system administrator. Privilege separation is used only to contain damage in the case of accidents, not to defend against attacks. a little bit of a security problem not that bad for know but as these kinds of devices become more ubiqutious this will become a problem ... reasonable trade off for know... at any rate any ideas what might be causing the socket to fail? I'm trying to create a ScratchBox build env on my FC6 and it looks like I've got to recompile the kernel to enable VDSO ... whatever that is... after I get that working I'm going to try and build a debug version of the application-installer and see what I get. Respectfully, Chris Taylor ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
> still no luck on getting application installer to run > as far as some programs not working when unning as root per Zoran's > comment, I see no reason why they shouldn't (I accept that they might > not, but they probably should IMO) ... these internet tablets have a > LOT of potential > . the more mature and closer to a multi-user environment It was not easy to me to understand the logic behind the gadget first time I fired it up. Sudoers bridged two worlds the way I didn't expect. I simply stoped to compare 770 to desktop and all ghosts gone. Now I see Chris' attempt as an effort to free the hidden power. He probably changed so many files' permissions and ownerships, that he could not recall it even under hypnosis. I assume that might be easier to trouble- shoot from command line, starting from brand new bora. One step at time. If root has "/root" and "/user/root", it could bring headache to apps, that don't have environment variables set. Finally, yes, I see a lot of restrictions as ass savers. Zoran ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
On Thu, 2007-04-19 at 09:50:35 +0300, ext Eero Tamminen wrote: > ext Kalle Vahlman wrote: > > 2007/4/19, Chris Taylor <[EMAIL PROTECTED]>: > >> looks like you ran strace with /usr/bin/run-standalone.sh > >> /usr/bin/maemo-summoner /usr/bin/osso-application-launcher I > >> couldn't get that to work . > > > > I ran it like this (from a ssh shell): > > > > strace /usr/bin/maemo-summoner /usr/bin/osso-application-installer.launch > > And this maemo-summoner usage should be documented in the Maemo > debugging guide... The utility usage is already documented on its man page. regards, guillem ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Hi, ext Kalle Vahlman wrote: > 2007/4/19, Chris Taylor <[EMAIL PROTECTED]>: >> looks like you ran strace with /usr/bin/run-standalone.sh >> /usr/bin/maemo-summoner /usr/bin/osso-application-launcher I >> couldn't get that to work . > > I ran it like this (from a ssh shell): > > strace /usr/bin/maemo-summoner /usr/bin/osso-application-installer.launch And this maemo-summoner usage should be documented in the Maemo debugging guide... If there are things that should be improved in the doc, mail them to list / file a bug. > The .launch-file is the real binary, the one without is just a symlink > to maemo-invoker that tells a separate maemo-launcher process to load > and run the .launch (simple, eh?-). This is a gross hack (though it > does work ;) to speed up application startup time. KDE has used a similar "hack" for years (their performance problem was mostly due to C++ symbol resolving, not Gtk theme). > Maemo-summoner is a > tool to do that directly so you can run strace and gdb for them > without recompiling to a "normal" binary. > >> also looks like there might be some problems with gtk ... that's the >> best reasoning I can come up with to explain things not getting drawn >> to screen > > If the socket read/open blocks, it won't refresh the UI either. It's > not a threaded application AFAICT. - Eero ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
2007/4/19, Chris Taylor <[EMAIL PROTECTED]>: looks like you ran strace with /usr/bin/run-standalone.sh /usr/bin/maemo-summoner /usr/bin/osso-application-launcher I couldn't get that to work . I ran it like this (from a ssh shell): strace /usr/bin/maemo-summoner /usr/bin/osso-application-installer.launch The .launch-file is the real binary, the one without is just a symlink to maemo-invoker that tells a separate maemo-launcher process to load and run the .launch (simple, eh?-). This is a gross hack (though it does work ;) to speed up application startup time. Maemo-summoner is a tool to do that directly so you can run strace and gdb for them without recompiling to a "normal" binary. also looks like there might be some problems with gtk ... that's the best reasoning I can come up with to explain things not getting drawn to screen If the socket read/open blocks, it won't refresh the UI either. It's not a threaded application AFAICT. -- Kalle Vahlman, [EMAIL PROTECTED] Powered by http://movial.fi Interesting stuff at http://syslog.movial.fi ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Kalle, I did an strace: # strace -f /usr/bin/osso-application-installer but I died at a completly different location: execve("/usr/bin/osso-application-installer", ["/usr/bin/osso-application-instal"...], [/* 54 vars */]) = 0 uname({sys="Linux", node="Nokia-N800-10", ...}) = 0 brk(0) = 0x12000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=17592186044416, ...}) = 0 mmap2(NULL, 20758, PROT_READ, MAP_PRIVATE, 3, 0) = 0x4000 close(3)= 0 open("/lib/libc.so.6", O_RDONLY)= 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\30\275\3"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=17592186044416, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40006000 mmap2(0x41028000, 1083444, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x41028000 mprotect(0x41124000, 51252, PROT_NONE) = 0 mmap2(0x4112b000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xfb) = 0x4112b000 mmap2(0x4112f000, 6196, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4112f000 close(3)= 0 mprotect(0x4112b000, 8192, PROT_READ) = 0 mprotect(0x4101e000, 4096, PROT_READ) = 0 munmap(0x4000, 20758) = 0 brk(0) = 0x12000 brk(0x33000)= 0x33000 getpriority(PRIO_PROCESS, 0)= 20 socket(0x973c /* PF_??? */, 0xbe99086f /* SOCK_??? */, 35736) = 3 connect(38716, {sa_family=0x752f /* AF_??? */, sa_data="sr/bin/osso-ap"}, 35736) = 0 write(3, "<\227\0\0", 4)= 4 read(3, "<\227\0\0", 4) = 4 write(3, "<\227\0\0", 4)= 4 write(3, "\1\0\0\0", 4) = 4 write(3, "/usr/bin/osso-application-instal"..., 36) = 36 read(3, "\0\0\0\0", 4) = 4 write(3, "\0\0\0\0", 4) = 4 write(3, "$\0\0\0", 4) = 4 write(3, "/usr/bin/osso-application-instal"..., 43) = 43 read(3, "\0\0\0\0", 4) = 4 write(3, "\0\0\0\0", 4) = 4 write(3, "\0\0\0\0", 4) = 4 write(3, "+\0\0\0", 4) = 4 write(3, "/usr/bin/osso-application-instal"..., 36) = 36 read(3, "\0\0\0\0", 4) = 4 write(3, "\0\0\0\0", 4) = 4 write(3, "\0\0\0\0", 4) = 4 read(3, "\0\0\0\0", 4) = 4 write(3, "\0\0\0\0", 4) = 4 read(3, "\0\0\255\336", 4) = 4 read(3, "\0\0\35\35", 4)= 4 read(3, "\0\0\35\35", 4)= 4 rt_sigaction(SIGHUP, {0x8984, [], SA_RESTART|0x400}, NULL, 8) = 0 rt_sigaction(SIGINT, {0x8984, [], SA_RESTART|0x400}, NULL, 8) = 0 rt_sigaction(SIGQUIT, {0x8984, [], SA_RESTART|0x400}, NULL, 8) = 0 rt_sigaction(SIGTERM, {0x8984, [], SA_RESTART|0x400}, NULL, 8) = 0 rt_sigaction(SIGUSR1, {0x8984, [], SA_RESTART|0x400}, NULL, 8) = 0 rt_sigaction(SIGUSR2, {0x8984, [], SA_RESTART|0x400}, NULL, 8) = 0 rt_sigaction(SIGWINCH, {0x41051a50, [], 0}, NULL, 8) = 0 read(3, 0xbe990534, 4) = ? ERESTARTSYS (To be restarted) --- SIGWINCH (Window changed) @ 0 (0) --- kill(1220, SIGWINCH)= 0 sigreturn() = ? (mask now [QUIT ILL TRAP ABRT KILL SEGV]) read(3, had to ctl-c it nothing was getting drawn to the screen looks like you ran strace with /usr/bin/run-standalone.sh /usr/bin/maemo-summoner /usr/bin/osso-application-launcher I couldn't get that to work . looks like I have some of the same communication problems you're having also looks like there might be some problems with gtk ... that's the best reasoning I can come up with to explain things not getting drawn to screen ... I'm going to try to compile up application-installer and see where things go bad -Chris ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
2007/4/18, Chris Taylor <[EMAIL PROTECTED]>: Well, still no luck on getting application installer to run the window pops up and nothing is drawn to the screen anyone have any ideas? FWIW, I have this same problem, and the process seems to block somewhere using the apt-worker sockets: open("/tmp/apt-worker.to", O_WRONLY (the line is left unfinished). A full trace showing some funny references to scratchbox and AFAICS the apt side dying ("child exited") is available for further investigations from: http://iki.fi/zuh/appman-stracelog.gz (I tend to just use apt-get so not really motivated to look into this... ;) -- Kalle Vahlman, [EMAIL PROTECTED] Powered by http://movial.fi Interesting stuff at http://syslog.movial.fi ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Well, still no luck on getting application installer to run the window pops up and nothing is drawn to the screen anyone have any ideas? I may have to compile up a custom version of the application installer and see where it's crapping out as far as some programs not working when unning as root per Zoran's comment, I see no reason why they shouldn't (I accept that they might not, but they probably should IMO) ... these internet tablets have a LOT of potential it's just a matter of time until Nokia or someone can squeeze whatever electronics into one of these so they can go celluar, link it with a bt headset ... combine with voice activated dialing . the more mature and closer to a multi-user environment we can the IT's the better off everyone will be ... just one man's opinion ... -Chris ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
> That was my assumption also. I changed the occurances of use/users > (one occurance of systemui/users) to root/root in the init scripts > so I changed out all the references to /home/user to /home/root and > made a symlink from /home/root to point to /root I then copied > over (without overwrite) all the /home/user/. over to root's > home dir > I'm booting as root now > something onto the mameo wiki ... what say everyone? What was the real reason for that? I second your wish for login option. But, it is far away from all power root all the time. There exist programs that cannot work as root. In case you don't go wireless, you could play as you like, no harm. I envision troubles when particular app tries to fork and finds wrong permission. Anyway, if you have fun, it's your playground. Zoran ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
On 4/17/07, Chris Taylor <[EMAIL PROTECTED]> wrote: simple, I don't do sudo ;) But there is no visible sudo in the GUI. Installing an app, for example, doesn't require the user switch to root or initiate gksudo. If it's just the term you're after, setting the xterm to root ownership and marking the SUID bit seems the most logical solution. The only benefit I see other than xterm is for something like a third party file manager to allow browsing--and manipulating--the full file system, but then again the filemanager could probably be "fixed" to run as root by using SUID... --Paul ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Yes, some rationale in such wiki page would be nice. I admit I'm baffled by this and would like to achieve enlightenment. How is this useful? Perhaps next step is running everything in kernel mode? simple, I don't do sudo ;) -Chris ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Paul Klapperich wrote: By nature of it being a wiki, IMHO you should go ahead and do whatever you want. I'm still now sure what benefit this gives you on an embedded device that doesn't ask for authentication anyway. Yes, some rationale in such wiki page would be nice. I admit I'm baffled by this and would like to achieve enlightenment. How is this useful? Perhaps next step is running everything in kernel mode? ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
By nature of it being a wiki, IMHO you should go ahead and do whatever you want. I'm still now sure what benefit this gives you on an embedded device that doesn't ask for authentication anyway. --Paul On 4/17/07, Chris Taylor <[EMAIL PROTECTED]> wrote: > Whatever is launching X is going to be what tells it the user to run the > graphical environment as. That was my assumption also. I changed the occurances of use/users (one occurance of systemui/users) to root/root in the init scripts (and in a few places in /etc/osso-af-init) ...so I thought that would have worked ... turns out I forgot to set the home path as well so I changed out all the references to /home/user to /home/root and made a symlink from /home/root to point to /root I then copied over (without overwrite) all the /home/user/. over to root's home dir I'm booting as root now I hope my little set of pathetic instructions above helps people out in the future who want to boot as root. If there's demand, and the os dev team doesn't object ... I can post something onto the mameo wiki ... what say everyone? -Chris ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Whatever is launching X is going to be what tells it the user to run the graphical environment as. That was my assumption also. I changed the occurances of use/users (one occurance of systemui/users) to root/root in the init scripts (and in a few places in /etc/osso-af-init) ...so I thought that would have worked ... turns out I forgot to set the home path as well so I changed out all the references to /home/user to /home/root and made a symlink from /home/root to point to /root I then copied over (without overwrite) all the /home/user/. over to root's home dir I'm booting as root now I hope my little set of pathetic instructions above helps people out in the future who want to boot as root. If there's demand, and the os dev team doesn't object ... I can post something onto the mameo wiki ... what say everyone? -Chris ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
Whatever is launching X is going to be what tells it the user to run the graphical environment as. On a desktop it's GDM, XDM, or KDM. Poke around in /etc/init.d/ and figure out which one it is, and then on a desktop linux system or using google figure out what you need to do for automatic user login for the system in place. Since this is an embedded system, it could be something as simple as setting the SUID of some binary and changing that binary from owner user to owner root. I'd do more poking around on my own, but my device has been boot locked for a week or so and I haven't had time to repair it. There's also a chance that because of how things are constructed what you're trying to do is simply not feasible, or at least non-trivial. Mind if I ask why it is you need to be running as the root user? There could be some simplier hacks--like making the file manager run as root--that would accomplish the same thing your trying to do. Oh, and also, "you shouldn't run as root." ;) --Paul On 4/17/07, Chris Taylor <[EMAIL PROTECTED]> wrote: Hello all, I was wondering if someone could give me a little guidance on getting bora on the N800 to boot as root. I've tried the following: giving user a uid/gid of 0/0 editing the init scripts to run as root/root and the gui as root/root also tried systemui/root loading the developer fs (thougth for sure that would boot as root) If someone could point me in the right direction, I would appreicate it. And just to starve off the 'you shouldn't run as root' arguement yes I realize that ... but I want to so let's not argue the merits of not running as root. what I'd really like is a login Thank you for your time and help. Respectfully, Christopher Taylor ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Boot bora as root
Hello all, I was wondering if someone could give me a little guidance on getting bora on the N800 to boot as root. I've tried the following: giving user a uid/gid of 0/0 editing the init scripts to run as root/root and the gui as root/root also tried systemui/root loading the developer fs (thougth for sure that would boot as root) If someone could point me in the right direction, I would appreicate it. And just to starve off the 'you shouldn't run as root' arguement yes I realize that ... but I want to so let's not argue the merits of not running as root. what I'd really like is a login Thank you for your time and help. Respectfully, Christopher Taylor ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers
Re: Boot bora as root
On Tue, 2007-04-17 at 11:31 -0400, Chris Taylor wrote: > what I'd really like is a login Install a SSH server and you can just ssh [EMAIL PROTECTED] Ross -- Ross Burton mail: [EMAIL PROTECTED] jabber: [EMAIL PROTECTED] www: http://www.burtonini.com./ PGP Fingerprint: 1A21 F5B0 D8D0 CFE3 81D4 E25A 2D09 E447 D0B4 33DF ___ maemo-developers mailing list maemo-developers@maemo.org https://maemo.org/mailman/listinfo/maemo-developers