Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Where has my Xorg SUID bit gone? [SOLVED]
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
Fog_Watch
Apprentice
Apprentice


Joined: 24 Jul 2006
Posts: 267
Location: Utility Muffin Research Kitchen

PostPosted: Wed Jan 09, 2013 4:52 am    Post subject: Where has my Xorg SUID bit gone? [SOLVED] Reply with quote

I would like to login without a password. I have previously achieved this with the following at the end of my /etc/iniittab:
Quote:
xp:5:respawn:su - admin -l -c 'exec startx -- :1 vt8 >& ~/.xsession-errors'
When startx was working for users the SUID bit for /usr/bin/Xorg was set, but this is no-longer the case.

Now:
Quote:
equery b /usr/bin/Xorg
* Searching for /usr/bin/Xorg ...
x11-base/xorg-server-1.13.1 (/usr/bin/Xorg)

Quote:
equery uses x11-base/xorg-server-1.13.1 | grep suid
+suid

Quote:
ls -la /usr/bin/Xorg
-rwxr-xr-x 1 root root 2108608 Jan 9 15:30 /usr/bin/Xorg


I thought the suid flag would set the SUID bit, but this does not seem to be so.

How do I turn the SUID bit back on for my /usr/bin/Xorg?


Last edited by Fog_Watch on Fri Jan 11, 2013 5:58 am; edited 1 time in total
Back to top
View user's profile Send private message
chithanh
Developer
Developer


Joined: 05 Aug 2006
Posts: 2158
Location: Berlin, Germany

PostPosted: Wed Jan 09, 2013 10:56 am    Post subject: Reply with quote

Works fine here.
Code:
# emerge -pv xorg-server
[ebuild   R    ] x11-base/xorg-server-1.13.1  USE="ipv6 nptl suid udev xorg -dmx -doc -kdrive -minimal (-selinux) -static-libs -tslib -xnest -xvfb" 0 kB

# stat /usr/bin/Xorg
  File: ‘/usr/bin/Xorg’
  Size: 2198856         Blocks: 4296       IO Block: 4096   regular file
Device: 805h/2053d      Inode: 2762688     Links: 1
Access: (4711/-rws--x--x)  Uid: (    0/    root)   Gid: (    0/    root)

You may want to look at the xorg-server build log if anything is wrong there. Set FEATURES="keeptemp" and rebuild the package, then retrieve the log from /var/tmp/portage/x11-base/xorg-server/temp/build.log
Back to top
View user's profile Send private message
PaulBredbury
Watchman
Watchman


Joined: 14 Jul 2005
Posts: 7310

PostPosted: Wed Jan 09, 2013 2:29 pm    Post subject: Reply with quote

There's a big clue in xorg-server's configure file:
Code:
--enable-install-setuid Install Xorg server as owned by root with setuid bit (default: auto)
Back to top
View user's profile Send private message
Fog_Watch
Apprentice
Apprentice


Joined: 24 Jul 2006
Posts: 267
Location: Utility Muffin Research Kitchen

PostPosted: Wed Jan 09, 2013 11:24 pm    Post subject: Reply with quote

This bug suggested to me that suid set the --enable-install-setuid configure flag. Line 23 of my build.log, however does not have --enable-install-setuid. Little surprise then that the SUID bit on my /use/bin/Xorg ends up not set.

Any other clues?

Thanks for your support, PaulBredbury and chithanh.
Back to top
View user's profile Send private message
VoidMage
Watchman
Watchman


Joined: 14 Oct 2006
Posts: 6196

PostPosted: Thu Jan 10, 2013 3:23 am    Post subject: Reply with quote

Fog_Watch wrote:
Any other clues?.


:roll: A big one: read the ebuild.
Recent xorg-server ebuilds have suid useflag. Guess what could it be for ?
chithanh's post already pointed it out.
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

PostPosted: Thu Jan 10, 2013 5:32 am    Post subject: Reply with quote

VoidMage wrote:
Recent xorg-server ebuilds have suid useflag. Guess what could it be for ?

Guess what s/he said s/he'd set in the first post..
Back to top
View user's profile Send private message
VoidMage
Watchman
Watchman


Joined: 14 Oct 2006
Posts: 6196

PostPosted: Thu Jan 10, 2013 5:58 am    Post subject: Reply with quote

:roll: well, so I've missed that (was confused by all the flailing), but on the other hand, in the log, there's
Code:
chmod u+s /var/tmp/portage/x11-base/xorg-server-1.13.1/image//usr/bin/Xorg


So the ebuild seems correct.
Back to top
View user's profile Send private message
Fog_Watch
Apprentice
Apprentice


Joined: 24 Jul 2006
Posts: 267
Location: Utility Muffin Research Kitchen

PostPosted: Thu Jan 10, 2013 10:17 am    Post subject: Reply with quote

VoidMage wrote:
Code:
chmod u+s /var/tmp/portage/x11-base/xorg-server-1.13.1/image//usr/bin/Xorg

I missed that. Thank you.

As part of my attempts to find out what is going on I:
Code:
ebuild /usr/portage/x11-base/xorg-server/xorg-server-1.13.1.ebuild install


Code:
ls -la /var/tmp/portage/x11-base/xorg-server-1.13.1/image//usr/bin/Xorg
-rwxr-xr-x 1 root root 2108608 Jan 10 20:51 /var/tmp/portage/x11-base/xorg-server-1.13.1/image//usr/bin/Xorg


Then if I:
Code:
chmod u+s /var/tmp/portage/x11-base/xorg-server-1.13.1/image//usr/bin/Xorg


Code:
ls -la /var/tmp/portage/x11-base/xorg-server-1.13.1/image//usr/bin/Xorg
-rwsr-xr-x 1 root root 2108608 Jan 10 20:51 /var/tmp/portage/x11-base/xorg-server-1.13.1/image//usr/bin/Xorg


So I can chmod u+s, but ebuild can't. I don't understand this, but if someone here does then I'm all ears.
Back to top
View user's profile Send private message
Fog_Watch
Apprentice
Apprentice


Joined: 24 Jul 2006
Posts: 267
Location: Utility Muffin Research Kitchen

PostPosted: Fri Jan 11, 2013 5:58 am    Post subject: Reply with quote

Some fstab documentation suggests defaults should be the option for ext4, which is what I'm on. That was the problem, previously it was noatime. Now, with defaults, the SUID bit is preserved when copied.

Xorg had nothing to do with it.

Thank you.

Regards

Fog_Watch.
Back to top
View user's profile Send private message
geki
Advocate
Advocate


Joined: 13 May 2004
Posts: 2387
Location: Germania

PostPosted: Fri Jan 11, 2013 7:01 am    Post subject: Reply with quote

this is interesting; had the same issue. manually added suid bit, enabled its useflag and did not rebuild.
seeing this post I wondered if my fstab flags would do the same. but they do not.

emerge --oneshot xorg-server:
>>> Installing (1 of 1) x11-base/xorg-server-1.13.1
 * >>> SetUID: [chmod go-r] /usr/bin/Xorg ...
 [ ok ]

ls -l /usr/bin/Xorg:
-rws--x--x 1 root root 2153544 11. Jan 08:00 /usr/bin/Xorg

/etc/fstab entry:
/dev/sda2       /                       ext4    discard,noatime,nodiratime

_________________
hear hear
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

PostPosted: Fri Jan 11, 2013 7:16 am    Post subject: Reply with quote

That's weird: I've always had to turn suid off with nosuid, so my /usr partition has just 'noatime' as well, and Xorg is properly suid. What version of sys-apps/util-linux are you on? (That provides the /bin/mount binary.) I'm on 2.21.2 (stable.) Perhaps something has changed recently.

edit: ah I'm on xorg-server-1.13-0-r1 still. I held off the upgrade as I wanted to get update to trigger a rebuild of xorg-drivers generically, instead of having to flag every big upgrade in /etc/warning. Then I thought perhaps portages sub-slots might make it unnecessary. Still, it's odd that prior mount shouldn't have had an issue.
Back to top
View user's profile Send private message
PaulBredbury
Watchman
Watchman


Joined: 14 Jul 2005
Posts: 7310

PostPosted: Fri Jan 11, 2013 8:49 am    Post subject: Reply with quote

Interesting. man mount shows that defaults represents:
Quote:
Use default options: rw, suid, dev, exec, auto, nouser, and async.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum