Matthieu Herrb <matth...@openbsd.org> wrote: > On Fri, Mar 05, 2021 at 09:10:32PM +0300, Vadim Zhukov wrote: > > чт, 4 мар. 2021 г. в 02:02, Vadim Zhukov <persg...@gmail.com>: > > > > > > Hello all. > > > > > > Since xenodm has DEF_USER_AUTH_DIR set to "/tmp", we need to ignore > > > /tmp/.Xauth* in daily cleanup, don't we? > > > > > > Found the hard way a few minutes ago on my X240. > > > > Thanks sthen@, I've realized this happens only when xenodm could not > > create ~/.Xauthority. In my case this happens because my laptop starts > > with /home mounted read-only, but there may be others. Mattieu, the > > xenodm logic itself is correct, right? If yes, anyone brave enough to > > okay the diff below then? :-) > > Hi, > > Yes I think the xenodm logic (inherithed from xdm) is correct. > > Althoug in my experience, when an X session cnnot write to $HOME it > generally doesn't get very far (iirc not beeing able to write to > .xsession-errors used to be fatal)... > > Anyways ok to skip that directory if it exists in daily.
It is not a directory -- it is a file. I don't understand how this file is created. Well-known names in /tmp are raceable -- therefore we and others increasingly use directories containing files as a safer pattern. Where is the code that creates this file? Is it safe? I am suspicious. I strongly disagree with the pattern ".Xauth*". It should be EXACT. If someone else creates a file called .Xauthsadflkjdsaf, it should not be deleted. As a final point, is this strategy of considering /tmp a safe place acceptable at all? If $HOME doesn't work, why not just have X fail to work correctly and consider this "fail over to /tmp" a junk idea from the past? > > > > > Index: daily > > > =================================================================== > > > RCS file: /cvs/src/etc/daily,v > > > retrieving revision 1.95 > > > diff -u -p -r1.95 daily > > > --- daily 20 Oct 2020 22:42:29 -0000 1.95 > > > +++ daily 3 Mar 2021 22:58:28 -0000 > > > @@ -49,7 +49,7 @@ if [ -d /tmp -a ! -L /tmp ]; then > > > cd /tmp && { > > > find -x . \ > > > \( -path './ssh-*' -o -path ./.X11-unix -o -path ./.ICE-unix \ > > > - -o -path './tmux-*' \) \ > > > + -o -path './tmux-*' -o -path './.Xauth*' \) \ > > > -prune -o -type f -atime +7 -delete 2>/dev/null > > > find -x . -type d -mtime +1 ! -path ./vi.recover ! -path > > > ./.X11-unix \ > > > ! -path ./.ICE-unix ! -name . \ > > > > -- > > WBR, > > Vadim Zhukov > > -- > Matthieu Herrb >