On 7 October 2011 11:14, Antoine Martin <[email protected]> wrote: > On 07/10/11 13:20, Antoine Martin wrote:
>> That's the idea.. It is meant to continue to prevent non-root users from >> using the suid wrapper to load arbitrary modules, config files or write >> to user-specified log files. >>> Still I cannot run X server with these arguments when I use su to log >>> in as root. >> Well, then this is an unintended problem. >> I suspect this is a consequence of using the euid/guid/ruid checks that >> Alan suggested here: >> http://www.mail-archive.com/[email protected]/msg25259.html >> Maybe those checks are a little too stringent for sudo/su vs suid wrappers? > Are you sure you can't run the X server after "su"ing to root? > This is what I get on an Ubuntu Lucid box when calling via the X wrapper: > $ su - > Password: > # X -v > ruid=0, euid=0, suid=0 > rgid=0, egid=0, sgid=0 I don't know where you get this. My X wrapper does not provide this option: # X -v Fatal server error: Server is already active for display 0 If this server is no longer running, remove /tmp/.X0-lock and start again. Please consult the The X.Org Foundation support at http://wiki.x.org for help. > > Looks ok to me, ruid==euid==suid so xf86PrivsElevated() returns FALSE. > The behaviour should be unchanged from before when using sudo or su. > What's the error message you are getting in this case? > The full command line and error would be nice, as well as distro and > versions. $ su - Password: OptiPlex960:~# Xorg +extension GLX +extension RANDR +extension RENDER -logfile /scratch/xdummy.log :1 Fatal server error: The '-logfile' option cannot be used with elevated privileges. Please consult the The X.Org Foundation support at http://wiki.x.org for help. Obviously, I am running with "eleveated privileges" which is technically true. Note that I normally use 'su' without any options which gives the same error. dpkg -S `which su` login: /bin/su ii login 1:4.1.4.2+svn3283-2+squeeze1 system login tools ii libc6 2.13-21 Embedded GNU C Library: Shared libraries I hope this provides the required info. Thanks Michal _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
