View previous topic :: View next topic |
Author |
Message |
Jaglover Watchman
Joined: 29 May 2005 Posts: 8291 Location: Saint Amant, Acadiana
|
Posted: Fri Dec 03, 2021 12:38 am Post subject: startx - RIP? |
|
|
After xorg-server upgrade to 21.1.1 X won't start with startx any more, USE=suid. "Cannot connect to X server" is the error. Some input devices related errors in log. I had no time to mess with it, had to downgrade quick.
Is startx supposed to work with 21.1.1 and suid binary? _________________ My Gentoo installation notes.
Please learn how to denote units correctly! |
|
Back to top |
|
|
turtles Veteran
Joined: 31 Dec 2004 Posts: 1653
|
Posted: Fri Dec 03, 2021 1:47 am Post subject: Re: startx - RIP? |
|
|
I seriously hope xorg server would not do that to us.
Jaglover wrote: | After xorg-server upgrade to 21.1.1 |
21.1.1? is that a type o?
on my system I see
x11-base/xorg-server
Available versions: 1.20.13-r1(0/1.20.13)
Installed versions: 1.20.13-r1(0/1.20.13)
EDIT nevermind i see it in ~ ~21.1.1-r2 _________________ Donate to Gentoo |
|
Back to top |
|
|
sam_ Developer
Joined: 14 Aug 2020 Posts: 1670
|
Posted: Fri Dec 03, 2021 2:11 am Post subject: |
|
|
Not aware of it being broken (this is the first report I've seen). Don't think this would happen intentionally upstream because some devices still need it.
Could you share Xorg.log? May end up needing you to file a bug if it's somehow related to the Meson port (this is possible): could be either a flaw in the ebuild or in the upstream build system. As you might know, the Meson port was a looooong time in the making upstream and suffered a huge amount of churn. |
|
Back to top |
|
|
Jaglover Watchman
Joined: 29 May 2005 Posts: 8291 Location: Saint Amant, Acadiana
|
Posted: Fri Dec 03, 2021 4:37 am Post subject: |
|
|
sam_ wrote: | Not aware of it being broken (this is the first report I've seen). Don't think this would happen intentionally upstream because some devices still need it. |
Yeah, for instance I have a Kodi frontend which I set up to have CLI autologin and run Kodi directly on Xorg. When I power it up it goes straight to Kodi. How silly it would be to have all that login cruft there. Not to mention embedded devices.
sam_ wrote: | Could you share Xorg.log? May end up needing you to file a bug if it's somehow related to the Meson port (this is possible): could be either a flaw in the ebuild or in the upstream build system. As you might know, the Meson port was a looooong time in the making upstream and suffered a huge amount of churn. |
Thanks for looking into this, I will try again tomorrow and post here. _________________ My Gentoo installation notes.
Please learn how to denote units correctly! |
|
Back to top |
|
|
Jaglover Watchman
Joined: 29 May 2005 Posts: 8291 Location: Saint Amant, Acadiana
|
Posted: Fri Dec 03, 2021 1:49 pm Post subject: |
|
|
Now I can't run Xorg at all. I had 'exec /usr/bin/X -listen tcp' in my ~/.xserverrc. With this line and old xorg-server-1.20.13 when I execute startx it runs. When I remove my ~/.xserverrc then even old Xorg won't run. I vaguely remember there was a need to specify tty in startx command line? Can someone refresh my memory, please. I need to get the old Xorg running properly before doing anything else. _________________ My Gentoo installation notes.
Please learn how to denote units correctly! |
|
Back to top |
|
|
smartding Tux's lil' helper
Joined: 22 Jan 2021 Posts: 129
|
Posted: Fri Dec 03, 2021 2:54 pm Post subject: |
|
|
Jaglover wrote: | I vaguely remember there was a need to specify tty in startx command line? Can someone refresh my memory, please. I need to get the old Xorg running properly before doing anything else. |
No, there's no need to specify tty for startx.
I tried xorg-server 21.1.1-3 on archlinux, I can start Xorg with startx without any issue.
On archlinux, the Xorg process is running as a normal user without setuid. Have you tried rootless Xorg? https://wiki.gentoo.org/wiki/Non_root_Xorg |
|
Back to top |
|
|
swanson Tux's lil' helper
Joined: 04 Jun 2004 Posts: 147 Location: Edinburgh, Scotland
|
Posted: Fri Dec 03, 2021 3:42 pm Post subject: |
|
|
Coincidently had the same issue after updating to xorg-server 21.1.1 for with Kodi started via xinit from an init script.
The problem is that meson build does not support the autotools build option install-setuid and when not using systemd or logind the suid_wrapper is not equivalent as it does not resolve tty or input device permissions unless /etc/X11/Xwrapper.config is created with;
Code: | allowed_users = anybody
needs_root_rights = yes |
(Note that setting needs_root_rights=auto only checks required video card permissions and nothing else.)
Which is just the same as setting /usr/bin/Xorg suid as the old ebuild using autotools did with install-setuid. So if we're not using systemd or logind and running startx or xinit from the console or init scripts we might as well skip the wrapper.
Pull request to fix is in PR23160 to revert to previous ebuilds autotools behaviour. _________________ Alan. |
|
Back to top |
|
|
Jaglover Watchman
Joined: 29 May 2005 Posts: 8291 Location: Saint Amant, Acadiana
|
|
Back to top |
|
|
swanson Tux's lil' helper
Joined: 04 Jun 2004 Posts: 147 Location: Edinburgh, Scotland
|
Posted: Fri Dec 03, 2021 7:00 pm Post subject: |
|
|
Ok, but still a potentially valid issue though as you'll get the xinit: unable to connect to X server: Connection refused error after parse_vt_settings: Cannot open /dev/tty0 (No such file or directory) or similar if it's the suid_wrapper without elogind or systemd problem.
Whilst you are getting the logs I might suggest checking if there is a X process already running hogging the vt if specified and also displaynumber :0 if (not) specified. X uses the first available virtual terminal if not specified and displaynumber 0 if not specified but displaynumbers for multiple running X must be different.
You can specify display number and virtual terminal like; xinit -- :0 vt7
Bit bemused by X running with your ~/.xserverrc using exec /usr/bin/X -listen tcp and not without which would then use /etc/X11/xinit/xserverrc with exec /usr/bin/X -nolisten tcp "$@". Very odd. Note, unless remote access is required then listen is not recommended for security and potential conflict at port 6000+displaynumber. _________________ Alan. |
|
Back to top |
|
|
Jaglover Watchman
Joined: 29 May 2005 Posts: 8291 Location: Saint Amant, Acadiana
|
Posted: Sat Dec 04, 2021 7:06 pm Post subject: |
|
|
I'm getting three lines when I execute startx, after abut 30 seconds. There is no xerrors log and the normal log looks like the server started, had nothing to do and shut down. Yet, with that xserverrc everything works. I've never dug into startup process of X, didn't have to. Maybe it fails to parse some files? But why?
Code: | xinit: giving up
xinit: unable to connect to X server: Connection refused
xinit: server error |
(I'm very slow working on it. The computer I'm testing is in another room, anything what cannot be done over SSH is very difficult at the moment. I was riding my bike a few days ago and a ~50 lbs dog ran into my bike, wiped away all my left side foot pegs and the the gear shifter. Hurt my leg real bad, can't stand on it. Literally crawling from bed to my desktop and back.) _________________ My Gentoo installation notes.
Please learn how to denote units correctly! |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6095 Location: Dallas area
|
Posted: Sat Dec 04, 2021 8:35 pm Post subject: |
|
|
Code: | /bin/sh /usr/bin/startx
\_ xinit /home/don/.xinitrc -- /home/don/.xserverrc :0 -auth /tmp/serverauth.dlbn3m7tNC
\_ /usr/bin/X -nolisten tcp :0 -auth /tmp/serverauth.dlbn3m7tN |
startx runs xinit, which in turn runs X.
if you do /usr/bin/X -nolisten tcp :0 does X start and run?
What does ls -la /usr/bin/X* return
Edit to add: since secure-rpc is turned on by default in the latest xorg server I wonder if that has something to do with your problem(s)
ETA2: It might be better to stay with the last 1.20.* version until they figure out how to make the meson version (21.*) work the same as the last. _________________ PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
SlashBeast Retired Dev
Joined: 23 May 2006 Posts: 2922
|
Posted: Sun Dec 05, 2021 6:30 pm Post subject: |
|
|
startx is not dead, this is the way I start it.
If you would like to report problem start with actually providing full log. Information that command do not work is meaningless if you are not pushing your log in the first post in the thread you create.
Run something like:
Code: | command startx >/tmp/startx.log 2>&1 |
Then provide the content of said log. |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54099 Location: 56N 3W
|
Posted: Sun Dec 05, 2021 6:50 pm Post subject: |
|
|
Jaglover,
I'm joining in this fun now. I've only just rebooted but my update was several days ago. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
The Doctor Moderator
Joined: 27 Jul 2010 Posts: 2678
|
Posted: Mon Dec 06, 2021 2:29 am Post subject: |
|
|
I experienced the same thing. Can't locate the log at the moment, I'll try to find it when I have the time.
I can confirm that the fatal error was that it didn't have permission to access TTY1. _________________ First things first, but not necessarily in that order.
Apologies if I take a while to respond. I'm currently working on the dematerialization circuit for my blue box. |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54099 Location: 56N 3W
|
Posted: Mon Dec 06, 2021 9:26 am Post subject: |
|
|
Team,
Here's my .local/share/xorg/Xorg.0.log
It should have been in /var/log.
All the broken video driver are irrelevant. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6095 Location: Dallas area
|
Posted: Mon Dec 06, 2021 10:14 am Post subject: |
|
|
Neddy, it's trying to use vt7 (normal for suid), is Xorg set suid? And are you using Xorg, or the xorg wrappers? _________________ PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54099 Location: 56N 3W
|
Posted: Mon Dec 06, 2021 10:19 am Post subject: |
|
|
Anon-E-moose,
I'll need to revert the downgrade. Xorg is suid now but that's not helpful to know. Its on my list of things to poke at today. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
SlashBeast Retired Dev
Joined: 23 May 2006 Posts: 2922
|
Posted: Mon Dec 06, 2021 12:25 pm Post subject: |
|
|
Seems like suid_wrapper is not working out of the box with +suid. Please create a bug on bugzilla so we can get it sorted out.
Meanwhile you can either downgrade or switch to logind interface (either elogind with openrc or systemd) and suid will no longer be needed. |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6095 Location: Dallas area
|
Posted: Mon Dec 06, 2021 12:48 pm Post subject: |
|
|
Neddy:
So if one set -elogind, -suid emerges xorg-server and manually runs "chmod 4755 /usr/bin/Xorg" then startx should behave the way it always has.
Can you try that?
Note: I don't run X anymore (not even installed), but I did try the wrappers early on and could never get them to work properly (don't remember why now, just remember I couldn't get it to work).
If you run startx with a vt arg (using the one you're on) then it shouldn't need to be suid at all, nor should you need the wrapper.
In other words if on console 1 (tty1) running "/usr/bin/startx -- vt1" should work without any magic or at least it used to work. _________________ PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
swanson Tux's lil' helper
Joined: 04 Jun 2004 Posts: 147 Location: Edinburgh, Scotland
|
Posted: Mon Dec 06, 2021 1:50 pm Post subject: |
|
|
You'll still need permissions to the /dev/input devices with startx from the console (for xf86-input-evdev or xf86-input-libinput) either via a suid Xorg or by being member of the input group.
EDIT: Also assuming you're not trying to start on a different virtual terminal such as often used vt7 and for security you really shouldn't be a member of the tty group to access /dev/ttyX.
@SlashBeast: As noted earlier PR23160 has already been raised to revert to prior autotools build behaviour for suid. _________________ Alan. |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54099 Location: 56N 3W
|
Posted: Mon Dec 06, 2021 3:20 pm Post subject: |
|
|
Its Bug 828462
-- edit --
I still use x11-drivers/xf86-input-keyboard and x11-drivers/xf86-input-mouse.
fortune wrote: | It Is Fatuous To Attempt To Indoctrinate A Superannuated Canine With Innovative Maneuvers. | and I'm one of them :) _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6095 Location: Dallas area
|
Posted: Mon Dec 06, 2021 4:41 pm Post subject: |
|
|
From 1.20 series
Code: | if use systemd || use elogind; then
XORG_CONFIGURE_OPTIONS+=(
--enable-systemd-logind
--disable-install-setuid
$(use_enable suid suid-wrapper)
)
else
XORG_CONFIGURE_OPTIONS+=(
--disable-systemd-logind
--disable-suid-wrapper
$(use_enable suid install-setuid)
)
fi |
From 21.* series
Code: | if use systemd || use elogind; then
emesonargs+=(
-Dsystemd_logind=true
$(meson_use suid suid_wrapper)
)
else
emesonargs+=(
-Dsystemd_logind=false
$(meson_use suid suid_wrapper)
)
fi |
During the install phase, they should apply suid to the suid_wrapper.
Or more properly, suid, suid-wrapper and *logind should be 3 choices IMO (though I understand why the move away from suid binaries)
Note: If the wish is to continue in the old way with no wrapper and suid then chmod suid on /usr/bin/Xorg after installing and use no *logind/suid USE flags when building.
Edit to add: it might be possible to use a post install hook to setuid where one wants, but I haven't investigated this aspect. _________________ PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
Jaglover Watchman
Joined: 29 May 2005 Posts: 8291 Location: Saint Amant, Acadiana
|
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54099 Location: 56N 3W
|
Posted: Mon Dec 06, 2021 6:07 pm Post subject: |
|
|
Anon-E-moose,
Spot on, thank you.
Code: | USE=-suid emerge xorg-server -1av |
Then Code: | chmod +s /usr/bin/Xorg | restores normality here.
All the drivers need to be rebuilt too but portage does that. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
|