Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] parse_vt_settings cannot open /dev/tty0 permission
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

Goto page 1, 2  Next  
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
zhqtdhzh
n00b
n00b


Joined: 11 Sep 2016
Posts: 9

PostPosted: Wed Oct 19, 2016 7:25 am    Post subject: [SOLVED] parse_vt_settings cannot open /dev/tty0 permission Reply with quote

Hi all penguines,

I cannot launch up any instance of /usr/bin/X from non-root account. What's probable reasons? Is it because I have compiled x11-base/xorg-server without the suid flag?

I'd like to have your knowledge in advance to another re-compilation of xorg-server, because the related laptop, albeit low voltage and performance, is running for a VERY long updating task. UNDISRUPTABLE, imho.

My log file goes as following:[/code]
Code:
[ 56778.572]
X.Org X Server 1.18.4
Release Date: 2016-07-19
[ 56778.575] X Protocol Version 11, Revision 0
[ 56778.576] Build Operating System: Linux 4.4.6-gentoo i686 Gentoo
[ 56778.577] Current Operating System: Linux ultralow 4.4.6-gentoo #4 SMP Fri Oct 7 20:12:08 CST 2016 i686
[ 56778.578] Kernel command line: BOOT_IMAGE=/vmlinuz-4.4.6-gentoo root=/dev/mapper/gentoo--root-gentoo--root--netbook--0 ro dolvm domdadm rootfstype=ext4
[ 56778.581] Build Date: 06 October 2016  03:27:54PM
[ 56778.582] 
[ 56778.584] Current version of pixman: 0.34.0
[ 56778.587]    Before reporting problems, check http://wiki.x.org
   to make sure that you have the latest version.
[ 56778.588] Markers: (--) probed, (**) from config file, (==) default setting,
   (++) from command line, (!!) notice, (II) informational,
   (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[ 56778.595] (==) Log file: "/home/zhqtdhzh/.local/share/xorg/Xorg.4.log", Time: Wed Oct 19 13:12:33 2016
[ 56778.697] (==) Using config directory: "/etc/X11/xorg.conf.d"
[ 56778.700] (==) Using system config directory "/usr/share/X11/xorg.conf.d"
[ 56778.731] (==) No Layout section.  Using the first Screen section.
[ 56778.731] (==) No screen section available. Using defaults.
[ 56778.731] (**) |-->Screen "Default Screen Section" (0)
[ 56778.731] (**) |   |-->Monitor "<default monitor>"
[ 56778.752] (==) No device specified for screen "Default Screen Section".
   Using the first device section listed.
[ 56778.753] (**) |   |-->Device "intel"
[ 56778.753] (**) |   |-->GPUDevice "modesetting"
[ 56778.753] (==) No monitor specified for screen "Default Screen Section".
   Using a default monitor configuration.
[ 56778.753] (==) Automatically adding devices
[ 56778.753] (==) Automatically enabling devices
[ 56778.753] (==) Automatically adding GPU devices
[ 56778.753] (==) Max clients allowed: 256, resource mask: 0x1fffff
[ 56778.753] (WW) The directory "/usr/share/fonts/TTF/" does not exist.
[ 56778.753]    Entry deleted from font path.
[ 56778.753] (WW) The directory "/usr/share/fonts/OTF/" does not exist.
[ 56778.753]    Entry deleted from font path.
[ 56778.753] (WW) The directory "/usr/share/fonts/Type1/" does not exist.
[ 56778.753]    Entry deleted from font path.
[ 56778.753] (WW) `fonts.dir' not found (or not valid) in "/usr/share/fonts/100dpi/".
[ 56778.753]    Entry deleted from font path.
[ 56778.753]    (Run 'mkfontdir' on "/usr/share/fonts/100dpi/").
[ 56778.753] (WW) `fonts.dir' not found (or not valid) in "/usr/share/fonts/75dpi/".
[ 56778.753]    Entry deleted from font path.
[ 56778.753]    (Run 'mkfontdir' on "/usr/share/fonts/75dpi/").
[ 56778.753] (==) FontPath set to:
   /usr/share/fonts/misc/
[ 56778.753] (==) ModulePath set to "/usr/lib/xorg/modules"
[ 56778.753] (II) The server relies on udev to provide the list of input devices.
   If no devices become available, reconfigure udev or disable AutoAddDevices.
[ 56778.759] (II) Loader magic: 0x829b680
[ 56778.759] (II) Module ABI versions:
[ 56778.759]    X.Org ANSI C Emulation: 0.4
[ 56778.759]    X.Org Video Driver: 20.0
[ 56778.759]    X.Org XInput driver : 22.1
[ 56778.759]    X.Org Server Extension : 9.0
[ 56778.760] (II) xfree86: Adding drm device (/dev/dri/card0)
[ 56778.762] (--) PCI:*(0:0:2:0) 8086:22b1:1d05:101a rev 33, Mem @ 0x80000000/16777216, 0x90000000/268435456, I/O @ 0x0000f000/64
[ 56778.763] (II) LoadModule: "glx"
[ 56778.763] (II) Loading /usr/lib/xorg/modules/extensions/libglx.so
[ 56778.773] (II) Module glx: vendor="X.Org Foundation"
[ 56778.773]    compiled for 1.18.4, module version = 1.0.0
[ 56778.773]    ABI class: X.Org Server Extension, version 9.0
[ 56778.773] (==) AIGLX enabled
[ 56778.773] (II) LoadModule: "intel"
[ 56778.773] (II) Loading /usr/lib/xorg/modules/drivers/intel_drv.so
[ 56778.773] (II) Module intel: vendor="X.Org Foundation"
[ 56778.773]    compiled for 1.18.4, module version = 2.99.917
[ 56778.773]    Module class: X.Org Video Driver
[ 56778.773]    ABI class: X.Org Video Driver, version 20.0
[ 56778.773] (II) LoadModule: "modesetting"
[ 56778.774] (II) Loading /usr/lib/xorg/modules/drivers/modesetting_drv.so
[ 56778.796] (II) Module modesetting: vendor="X.Org Foundation"
[ 56778.796]    compiled for 1.18.4, module version = 1.18.4
[ 56778.796]    Module class: X.Org Video Driver
[ 56778.796]    ABI class: X.Org Video Driver, version 20.0
[ 56778.796] (II) intel: Driver for Intel(R) Integrated Graphics Chipsets:
   i810, i810-dc100, i810e, i815, i830M, 845G, 854, 852GM/855GM, 865G,
   915G, E7221 (i915), 915GM, 945G, 945GM, 945GME, Pineview GM,
   Pineview G, 965G, G35, 965Q, 946GZ, 965GM, 965GME/GLE, G33, Q35, Q33,
   GM45, 4 Series, G45/G43, Q45/Q43, G41, B43
[ 56778.797] (II) intel: Driver for Intel(R) HD Graphics: 2000-6000
[ 56778.797] (II) intel: Driver for Intel(R) Iris(TM) Graphics: 5100, 6100
[ 56778.797] (II) intel: Driver for Intel(R) Iris(TM) Pro Graphics: 5200, 6200, P6300
[ 56778.797] (II) modesetting: Driver for Modesetting Kernel Drivers: kms
[ 56778.797] (EE)
Fatal server error:
[ 56778.801] (EE) parse_vt_settings: Cannot open /dev/tty0 (Permission denied)
[ 56778.804] (EE)
[ 56778.806] (EE)
Please consult the The X.Org Foundation support
    at http://wiki.x.org
 for help.
[ 56778.816] (EE) Please also check the log file at "/home/zhqtdhzh/.local/share/xorg/Xorg.4.log" for additional information.
[ 56778.819] (EE)


Last edited by zhqtdhzh on Sun Oct 23, 2016 2:36 pm; edited 1 time in total
Back to top
View user's profile Send private message
zhqtdhzh
n00b
n00b


Joined: 11 Sep 2016
Posts: 9

PostPosted: Wed Oct 19, 2016 11:39 am    Post subject: Reply with quote

after reading https://forums.gentoo.org/viewtopic-t-1051962.html?sid=d84eb076909b7ef58512d5f7ec9b5072, I tried my own adventure.

1. Create new rule to make device files readable
Code:
# cat /lib/udev/rules.d/50-udev-default.rules | sed  -n "21{s/0620/0660/;p}" > /etc/udev/rules.d/mytty.rules
# udevadm control --reload
# udevadm trigger


2. Add user into supplement group 'tty'. This is a dangerous according to my referred post.
Code:
# usermod -aG tty user


3. Logout and Login

4. Try Xorg and it reports:
Code:
xf86EnableIOPorts failed to set IOPL for I/O operation not permitted
, and found no screen in config files.

5. Read log file to find permission to operate on /dev/dri/card0 is disallowed.

6.
Code:
# usermod -aG video user
to have an additional supplement group for me.

7. Logout and login

8. Try Xorg. There is no more (EE) message, and I have an 'X desktop'. Hooray.

9. But my touchpad is not working. Try search Internet to find this link:https://wiki.gentoo.org/wiki/Non_root_Xorg. Gentoo's wiki is so gr~r~eat. Why not have been found it earlier?

10. Find my laptop dead. Not only a unworking touchpad, there also are blalcked-out screen and keyboard due to energe-saving..(by apmd or acpid?)

11. While waiting for one or two days for completing the updating task to make sure my laptop power off safely, noobs having a Xorg server compiled without suid flag, like me, are warned here:

Just refer to the wiki page, "Non root Xorg". It's at https://wiki.gentoo.org/wiki/Non_root_Xorg.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 21490

PostPosted: Thu Oct 20, 2016 1:50 am    Post subject: Reply with quote

I knew the bad advice in that thread would cause problems. I just did not expect it to mislead someone so quickly.
Back to top
View user's profile Send private message
zhqtdhzh
n00b
n00b


Joined: 11 Sep 2016
Posts: 9

PostPosted: Sat Oct 22, 2016 4:35 am    Post subject: Reply with quote

Nice you, Hu. Supposedly my laptop go dumb because I was not in input group at that time.



The wiki page, non_root_Xorg ignores a possbility which should result in the error as in the title of this post.

Let's look at the more secure alternative method which arranges user NOT in input or tty group.
When I had conditions like:
====================
/dev/event0 root input
...
/dev/event10 root input
/dev/mice root input
/dev/mouse0 root input

/usr/bin/Xorg -rwxr-s-r-x root input

/dev/tty[1-4] crw--w----root tty
/dev/tty5 crw------- user tty # user had logged on this tty
/dev/tty6 crw--w---- root tty

user groups: user, video
==================
".. parse_vt_settings: .. /dev/tty0 ..permission .."

solution: add user into wheel group (or maybe root group :) ).
----found by my fingers. :wink:

I don't know where wheel's power comes from in detail, but it works.
Better add this fact into wiki.gentoo.org/wiki/non_root_Xorg by someone of you gentoos.

regards.

===================
Well been shamefully provided a totally wrong recommend, I'm here to reclaim that: non_root_Xorg page is all right. Never bother to wheel group for permission thingies. Specifying a wrong (unlogged on) virtual terminal simly leads to tty reading operation to fail. If any user logged on via tty5, then append "vt5" onto server's options of xinit/startx in command line...(after the "--").
Back to top
View user's profile Send private message
i92guboj
Bodhisattva
Bodhisattva


Joined: 30 Nov 2004
Posts: 10315
Location: Córdoba (Spain)

PostPosted: Fri Oct 27, 2017 10:41 am    Post subject: Reply with quote

Hi.

I've been hit by this today. Why today, it's unknown to me. All of a sudden, I could no longer startx.

Nice, after trying a few things I noticed I could downgrade xorg-server and a "suid" USE flag was to be added. That seems fantastic, since we've been told since our kindergarten times that running X as root is bad bad bad. B-A-D.

So, the proposed to solutions are:

A) follow some weird wiki page to try to get the DEFAULT setup fixed, with mixed degrees of success, from what I've read around
B) open your throat and taste X as root, either by suid, wheel or, just be brave, by directly logging in as root (why not? same nonsense)

Before openly declaring what I think about this (you might already have an intuition :lol: ), I'd truly like to know what the hell is going on here or if there's something basic that I have missed during these last years.
Back to top
View user's profile Send private message
Wizumwalt
Guru
Guru


Joined: 20 Aug 2006
Posts: 547

PostPosted: Sat Nov 03, 2018 9:30 pm    Post subject: Reply with quote

Just got hit by this today. Was there ever a "proper" fix for this as opposed to all the methods of running X as root?
Back to top
View user's profile Send private message
Anon-E-moose
Watchman
Watchman


Joined: 23 May 2008
Posts: 6095
Location: Dallas area

PostPosted: Sat Nov 03, 2018 10:00 pm    Post subject: Reply with quote

Not sure about a proper method but ... on my single user system

I added my user to input, video and tty groups
chown of /dev/tty7 to my user

Now I can start X as regular user, all I do is "startx" I don't supply the vt parm.
If you wanted to use some other vt, then it would be trivial to chown of that vt.

It would even be easy to modify startx or wrap a script around it to change the owner of the tty/vt and then change it back afterward with something like sudo.

And yes, they changed the "suid use flag" from the xorg-server ebuild, first they removed it in favor of using the systemd use flag, after a number of people complained, they then added it back, but it's not on by default, if you want suid, then add it in package.use.

Note: I made the modifications yesterday and so far no problems with running X as my user.

ETA: https://wiki.gentoo.org/wiki/Non_root_Xorg
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland
Back to top
View user's profile Send private message
Wizumwalt
Guru
Guru


Joined: 20 Aug 2006
Posts: 547

PostPosted: Sat Nov 03, 2018 10:24 pm    Post subject: Reply with quote

So I added my user to input, video, and tty. Before I was getting a perm denied on /dev/tty0. Now I'm getting:

Cannot open virtual console 7 (Permission denied)

And I'm not sure what device "virtual console 7" is.

All I do to start x is the same as you, "startx" with no params.
Back to top
View user's profile Send private message
Anon-E-moose
Watchman
Watchman


Joined: 23 May 2008
Posts: 6095
Location: Dallas area

PostPosted: Sat Nov 03, 2018 10:28 pm    Post subject: Reply with quote

Wizumwalt wrote:
So I added my user to input, video, and tty. Before I was getting a perm denied on /dev/tty0. Now I'm getting:

Cannot open virtual console 7 (Permission denied)

And I'm not sure what device "virtual console 7" is.

All I do to start x is the same as you, "startx" with no params.


what does "ls -l /dev/tty7" return
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland
Back to top
View user's profile Send private message
Wizumwalt
Guru
Guru


Joined: 20 Aug 2006
Posts: 547

PostPosted: Sat Nov 03, 2018 10:30 pm    Post subject: Reply with quote

$ls -l appears as follows:
Code:
crw--w---- 1 root tty 4, 7 Nov  3 12:21 /dev/tty7
Back to top
View user's profile Send private message
Anon-E-moose
Watchman
Watchman


Joined: 23 May 2008
Posts: 6095
Location: Dallas area

PostPosted: Sat Nov 03, 2018 10:32 pm    Post subject: Reply with quote

"chown <your user name> /dev/tty7"

This will reset every time you reboot (if I'm not mistaken), although a udev rule could be made to have it set to your user on reboot.

I wouldn't do it this way on a multi-user system, but for a single user, there's no problem.
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland
Back to top
View user's profile Send private message
Wizumwalt
Guru
Guru


Joined: 20 Aug 2006
Posts: 547

PostPosted: Sat Nov 03, 2018 10:35 pm    Post subject: Reply with quote

Ugh, and that's how it has to be done? That just doesn't seem right.

Thanks for that though, helpful. I'm just surprised we're a year or more w/ this issue and that's the best we have.
Back to top
View user's profile Send private message
Anon-E-moose
Watchman
Watchman


Joined: 23 May 2008
Posts: 6095
Location: Dallas area

PostPosted: Sat Nov 03, 2018 10:37 pm    Post subject: Reply with quote

As I said it could be done by way of modifying startx, and probably cleaner that way, but on my single user system, I just don't care. :lol:
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland
Back to top
View user's profile Send private message
Anon-E-moose
Watchman
Watchman


Joined: 23 May 2008
Posts: 6095
Location: Dallas area

PostPosted: Sat Nov 03, 2018 10:45 pm    Post subject: Reply with quote

For example, we'll use sudo to change things.

Lets say user is "joe" add this to sudoers file
Code:

joe ALL=(ALL) NOPASSWD: /bin/chown joe /dev/tty7
joe ALL=(ALL) NOPASSWD: /bin/chown root /dev/tty7

Add this to the beginning of startx
Code:

sudo /bin/chown joe /dev/tty7

at the end of startx, after the xinit call add
Code:

sudo /bin/chown root /dev/tty7


I haven't tested it, but it should work.

With a little thought and some scripting, it should be easy enough to manage both sudoers and startx for even several people.

ETA: startx could even be modified to add the user to the proper groups, and then remove them at the end of the session.
This isn't rocket science.

As the top of the startx file says
Code:
# This is just a sample implementation of a slightly less primitive
# interface than xinit. It looks for user .xinitrc and .xserverrc
# files, then system xinitrc and xserverrc files, else lets xinit choose
# its default. The system xinitrc should probably do things like check
# for .Xresources files and merge them in, start up a window manager,
# and pop a clock and several xterms.

_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland
Back to top
View user's profile Send private message
rogerx
Tux's lil' helper
Tux's lil' helper


Joined: 06 Apr 2004
Posts: 118

PostPosted: Tue Nov 06, 2018 11:35 pm    Post subject: Reply with quote

Think I tracked this offending device file permissions problem down to the file "/etc/init.d/devfs" at line 92:

-- "devpts /dev/pts 0755 ,gid=5,mode=0620 devpts"
++ "devpts /dev/pts 0755 ,gid=5,mode=0660 devpts"

This should resolve this over-reaching power/control problem. (I'll test with a reboot in another 30 minutes.)

This file is apparently provided by the sys-apps/openrc, now that's a surprise and am now wondering what caused this. Further research shows the 0620 permissions were instated during or prior to the year 2014. It's possibly something now in 2018 is now executing this file, and was likely haphazardly inactive for the past years. (eg. rc start/stop on boot/default)

(Putting chown/chmod into the your sudo file is probably not a good idea.)

UPDATE:
I've rebooted and the above doesn't solve this permissions/group problem. Even after modifying another line, at line #72:
[ -c /dev/tty1 ] || mknod -m 620 /dev/tty1 c 4 1

Might be I have to reboot into a rescue mode and manually augment these files, but so far it looks like something within /etc/init.d/devfs is definitely triggering and enforcing 0620 regardless of stating 0660! (eg. Execute "rc-service devfs restart" reverts to 0620!)
_________________
Roger
http://rogerx.freeshell.org/
Back to top
View user's profile Send private message
jesnow
l33t
l33t


Joined: 26 Apr 2006
Posts: 856

PostPosted: Sun Aug 02, 2020 7:42 pm    Post subject: Reply with quote

I can't believe I'm in 2020 suddenly caught by this after a world update.

What is the approved solution?

jon
Back to top
View user's profile Send private message
SlashBeast
Retired Dev
Retired Dev


Joined: 23 May 2006
Posts: 2922

PostPosted: Sun Aug 02, 2020 7:55 pm    Post subject: Reply with quote

You have most definitely different problem than what was discussed here years ago. Check https://wiki.gentoo.org/wiki/Non_root_Xorg and create new thread if you need help.
Back to top
View user's profile Send private message
jesnow
l33t
l33t


Joined: 26 Apr 2006
Posts: 856

PostPosted: Sun Aug 02, 2020 7:59 pm    Post subject: Reply with quote

Thanks for the quick response!

It sure seems like the same issue, as chown user:users /dev/tty0 worked.

I've never run startx any other way than as user, but maybe the issues is with elogind or xorg not being suid? I don't really want to know, I just want it to work.

edit: it was indeed a problem with missing elogind use flag. Disable the consolekit use flag (also in /etc/portage/package.use) and re-emerge -DNu world.

Cheers,

Jon.
Back to top
View user's profile Send private message
rogerx
Tux's lil' helper
Tux's lil' helper


Joined: 06 Apr 2004
Posts: 118

PostPosted: Sun Aug 02, 2020 11:38 pm    Post subject: Reply with quote

Recently ran into this bug again last week after an emerge world.

It's caused by udev rules.

I recently just created a custom rule to also also group read/write on /dev/tty* devices. Easily done by searching google.
_________________
Roger
http://rogerx.freeshell.org/
Back to top
View user's profile Send private message
superdeez
n00b
n00b


Joined: 10 May 2015
Posts: 59

PostPosted: Tue Aug 11, 2020 1:01 am    Post subject: Reply with quote

While doing my weekly updates I ran across this myself on my spare box and my laptop both.

Putting my user in the tty group made it change to the
Code:
can't open vt7 (permission denied)
or whatever it said.

I looked at the guide here: https://wiki.gentoo.org/wiki/Non_root_Xorg

On both machines I had to add dbus to the default runlevel. I rebooted and it began to work.

Not sure if this is what does this, but running startx now puts X on whatever vt I logged in on. My mainbox has done that for some time so maybe I ran into the trouble there and forgot about it. That closes the old security hole that someone could <ctrl+C> and get to a prompt.

Spare box works as well as an old P4 can. Laptop has an input problem now, but that's for another thread. Hope this helps
Back to top
View user's profile Send private message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

PostPosted: Tue Aug 11, 2020 2:24 am    Post subject: Reply with quote

I just added suid to xorg-server in package.use and it runs like it has for the last twelve years. no muss. no fuss. Just works.

This is not a business machine. It's a desktop private PC in a home with no children. Just me and my computerphobic wife. (I answer her e-mail).
Back to top
View user's profile Send private message
dartleader
Tux's lil' helper
Tux's lil' helper


Joined: 21 Apr 2019
Posts: 118

PostPosted: Thu Aug 27, 2020 1:20 am    Post subject: Reply with quote

I ran into this problem today and simply adding elogind to my default runlevel fixed the problem upon logging out/back in.
Back to top
View user's profile Send private message
Duncan Mac Leod
Guru
Guru


Joined: 02 May 2004
Posts: 304
Location: Germany

PostPosted: Mon Sep 07, 2020 11:45 am    Post subject: Reply with quote

Tony0945 wrote:
I just added suid to xorg-server in package.use and it runs like it has for the last twelve years. no muss. no fuss. Just works.

This is not a business machine. It's a desktop private PC in a home with no children. Just me and my computerphobic wife. (I answer her e-mail).


Just trying your suggestion with suid... - works :-) !!

...and your "(I answer her e-mail)": LOL, GREAT ;-)
Back to top
View user's profile Send private message
sbr
n00b
n00b


Joined: 02 Jun 2019
Posts: 8

PostPosted: Tue Sep 08, 2020 4:53 pm    Post subject: Reply with quote

FWIW, adding elogind to default runlevel, starting it, logging out and back in worked for me.

Code:
rc-config add elogind default
rc-service elogind start
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6920

PostPosted: Wed Sep 09, 2020 12:59 am    Post subject: Reply with quote

I avoid these problems by running X as a root service.

I don't care that it's insecure. I have no interest in installing bloat like elogind and all information about running unpriv X without that has been deemed contraband by the devs.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum