X Strike Force XFree86 SVN commit: r2121 - in trunk/debian: . patches
Author: branden
Date: 2005-01-08 17:52:36 -0500 (Sat, 08 Jan 2005)
New Revision: 2121
Modified:
trunk/debian/CHANGESETS
trunk/debian/TODO
trunk/debian/changelog
trunk/debian/patches/002_xdm_fixes.diff
trunk/debian/xdm.init
Log:
Add more cleanups and enchancements to xdm in patch #002:
+ Actually attempt to write data to the auth file in
SaveServerAuthorizations(); that way we detect problems like ENOSPC
(full filesystem, user over quota) early enough to do something about
it. (Closes: #217505, #253480)
+ Add comments documenting race-based symlink attack prevention
techniques when creating files.
+ Add more detailed debugging and logging of errors when replacing
authorization files in SetUserAuthorization() and
RemoveUserAuthorization().
+ Add RemovePid() function (which removes the pidFile), and register it
with atexit(). (Closes: #213076)
+ Add more debugging to execute().
+ Use the term "process ID" instead of "process-id".
Update the stillrunning() function in xdm's init script to remove a
known-stale /var/run/xdm.pid file if it is present. Stop removing the
daemon-not-stopped file, as code removing it is run elsewhere.
Modified: trunk/debian/CHANGESETS
===================================================================
--- trunk/debian/CHANGESETS 2005-01-08 02:44:17 UTC (rev 2120)
+++ trunk/debian/CHANGESETS 2005-01-08 22:52:36 UTC (rev 2121)
@@ -91,4 +91,23 @@
problem and testing the fix.
2120
+Add more cleanups and enchancements to xdm in patch #002:
++ Actually attempt to write data to the auth file in
+ SaveServerAuthorizations(); that way we detect problems like ENOSPC
+ (full filesystem, user over quota) early enough to do something about
+ it. (Closes: #217505, #253480)
++ Add comments documenting race-based symlink attack prevention
+ techniques when creating files.
++ Add more detailed debugging and logging of errors when replacing
+ authorization files in SetUserAuthorization() and
+ RemoveUserAuthorization().
++ Add RemovePid() function (which removes the pidFile), and register it
+ with atexit(). (Closes: #213076)
++ Add more debugging to execute().
++ Use the term "process ID" instead of "process-id".
+Update the stillrunning() function in xdm's init script to remove a
+known-stale /var/run/xdm.pid file if it is present. Stop removing the
+daemon-not-stopped file, as code removing it is run elsewhere.
+ 2121
+
vim:set ai et sts=4 sw=4 tw=80:
Modified: trunk/debian/TODO
===================================================================
--- trunk/debian/TODO 2005-01-08 02:44:17 UTC (rev 2120)
+++ trunk/debian/TODO 2005-01-08 22:52:36 UTC (rev 2121)
@@ -50,8 +50,6 @@
port. See <URL: http://lists.debian.org/debian-68k/2004/08/msg00392.html>.
* #245541: Evaluate Sven Luther's driver DDK package patch:
http://lists.debian.org/debian-x/2003/debian-x-200311/msg00002.html
-* #253480: xdm: XDM fails if the user is over disk quota, but empty files can
- be created
Post 4.3.0-1
------------
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2005-01-08 02:44:17 UTC (rev 2120)
+++ trunk/debian/changelog 2005-01-08 22:52:36 UTC (rev 2121)
@@ -71,8 +71,27 @@
discover command segfaults. Thanks to Kyle McMartin for reporting this
problem and testing the fix.
- -- Branden Robinson <branden@debian.org> Fri, 7 Jan 2005 21:43:13 -0500
+ * Add more cleanups and enchancements to xdm in patch #002:
+ + Actually attempt to write data to the auth file in
+ SaveServerAuthorizations(); that way we detect problems like ENOSPC
+ (full filesystem, user over quota) early enough to do something about
+ it. (Closes: #217505, #253480)
+ + Add comments documenting race-based symlink attack prevention
+ techniques when creating files.
+ + Add more detailed debugging and logging of errors when replacing
+ authorization files in SetUserAuthorization() and
+ RemoveUserAuthorization().
+ + Add RemovePid() function (which removes the pidFile), and register it
+ with atexit(). (Closes: #213076)
+ + Add more debugging to execute().
+ + Use the term "process ID" instead of "process-id".
+ * Update the stillrunning() function in xdm's init script to remove a
+ known-stale /var/run/xdm.pid file if it is present. Stop removing the
+ daemon-not-stopped file, as code removing it is run elsewhere.
+
+ -- Branden Robinson <branden@debian.org> Sat, 8 Jan 2005 17:39:03 -0500
+
xfree86 (4.3.0.dfsg.1-10) unstable; urgency=medium
* Upload urgency set to medium due to fix for stable-release-critical bugs
Modified: trunk/debian/patches/002_xdm_fixes.diff
===================================================================
--- trunk/debian/patches/002_xdm_fixes.diff 2005-01-08 02:44:17 UTC (rev 2120)
+++ trunk/debian/patches/002_xdm_fixes.diff 2005-01-08 22:52:36 UTC (rev 2121)
@@ -25,17 +25,6 @@
the authorization file, pass openFiles() NULL as arg 3, and set "old"
to NULL, since the we know the temp file just created to contain auth
credentials will be empty and have no authorization records in it.
- - Richard Braakman observes the following about the above changes: "I
- can think of only one case where the new behaviour could be a
- problem: if a user already has a file ".Xauthority-n" in $HOME and
- the user's home directory is not writable for self (so the unlink
- fails) and the .Xauthority-n file _is_ writable then the old fopen
- would have succeeded (and truncated the file), while the new code
- would fail. Well, tough titties." Since "-n" files are cleaned
- shortly after they are created, the existence of any such file would
- be an anomaly (the result of an xdm or xinit process getting killed
- at an inopportune moment). This doesn't seem like an important
- concession.
- Also note that xdm is only susceptible to the aforementioned
race-condition-based symlink attacks if:
1) the administrator configures the authDir or authFile resources to
@@ -133,6 +122,31 @@
- (cosmetic) Don't capitalize or put periods at the ends of log
messages, since they aren't sentences.
+The following have not been submitted upstream to XFree86.
+
+(auth.c):
+ - Actually attempt to write data to the auth file in
+ SaveServerAuthorizations(); that way we detect problems like ENOSPC
+ (full filesystem, user over quota) early enough to do something about
+ it. (See Debian #217505, #253480)
+ - Whitespace cleanup.
+ - Add comments documenting race-based symlink attack prevention
+ techniques when creating files.
+ - Add more detailed debugging and logging of errors when replacing
+ authorization files in SetUserAuthorization() and
+ RemoveUserAuthorization().
+
+(dm.c):
+ - Add RemovePid() function (which removes the pidFile), and register it
+ with atexit(). (See Debian #213076.)
+ - Add comments.
+
+(session.c):
+ - Add more debugging to execute().
+
+(dm.c,xdm.man):
+ - Use the term "process ID" instead of "process-id".
+
--- xc/config/cf/gnu.cf~ 2003-09-21 15:53:53.000000000 -0500
+++ xc/config/cf/gnu.cf 2003-09-21 15:53:35.000000000 -0500
@@ -33,6 +33,9 @@
@@ -161,8 +175,8 @@
# define SystemManDirectory /usr/share/man
# define HasPam YES
diff -urN xc/programs/xdm~/access.c xc/programs/xdm/access.c
---- xc/programs/xdm~/access.c 2004-05-07 15:13:20.000000000 -0500
-+++ xc/programs/xdm/access.c 2004-05-07 15:13:24.000000000 -0500
+--- xc/programs/xdm~/access.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/access.c 2005-01-06 22:18:02.000000000 -0500
@@ -297,8 +297,8 @@
if (!addr)
@@ -202,8 +216,8 @@
}
ReadAccessDatabase (datafile);
diff -urN xc/programs/xdm~/auth.c xc/programs/xdm/auth.c
---- xc/programs/xdm~/auth.c 2003-09-21 15:39:22.000000000 -0500
-+++ xc/programs/xdm/auth.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/auth.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/auth.c 2005-01-07 04:29:26.000000000 -0500
@@ -46,6 +46,7 @@
#include "dm_error.h"
@@ -212,16 +226,30 @@
#include <sys/ioctl.h>
-@@ -196,7 +197,7 @@
+@@ -125,9 +126,9 @@
+ void (*InitAuth)(unsigned short len, char *name);
+ Xauth *(*GetAuth)(unsigned short len, char *name);
+ void (*GetXdmcpAuth)(
+- struct protoDisplay *pdpy,
+- unsigned short authorizationNameLen,
+- char *authorizationName);
++ struct protoDisplay *pdpy,
++ unsigned short authorizationNameLen,
++ char *authorizationName);
+ int inited;
+ };
+
+@@ -196,19 +197,19 @@
auth = (*a->GetAuth) (name_length, name);
if (auth)
{
- Debug ("Got %p (%d %*.*s) ", auth,
+ Debug ("got %p (%d %*.*s) ", auth,
auth->name_length, auth->name_length,
- auth->name_length, auth->name);
+- auth->name_length, auth->name);
++ auth->name_length, auth->name);
for (i = 0; i < (int)auth->data_length; i++)
-@@ -204,11 +205,11 @@
+ Debug (" %02x", auth->data[i] & 0xff);
Debug ("\n");
}
else
@@ -242,20 +270,33 @@
- Debug ("Got %p (%d %*.*s)\n", auth,
+ Debug ("got %p (%d %*.*s)\n", auth,
auth->name_length, auth->name_length,
- auth->name_length, auth->name);
+- auth->name_length, auth->name);
++ auth->name_length, auth->name);
else
- Debug ("Got (null)\n");
+ Debug ("got (null)\n");
}
}
-@@ -333,8 +334,16 @@
+@@ -297,8 +298,8 @@
+ len = strlen (d->clientAuthFile) + 1;
+ else
+ {
+- CleanUpFileName (d->name, cleanname, NAMELEN - 8);
+- len = strlen (authDir) + strlen (authdir1) + strlen (authdir2)
++ CleanUpFileName (d->name, cleanname, NAMELEN - 8);
++ len = strlen (authDir) + strlen (authdir1) + strlen (authdir2)
+ + strlen (cleanname) + 14;
+ }
+ if (d->authFile)
+@@ -333,9 +334,17 @@
d->authFile = NULL;
return FALSE;
}
- sprintf (d->authFile, "%s/%s/%s/A%s-XXXXXX",
+ sprintf (d->authFile, "%s/%s/%s/A%s-XXXXXX",
authDir, authdir1, authdir2, cleanname);
+- (void) mktemp (d->authFile);
+ /*
+ * Security auditors should note that mktemp() is not used unsafely
+ * here. The authFile is created in authDir, which defaults to
@@ -264,72 +305,154 @@
+ * to execute xdm (which is not installed setuid or setgid by
+ * default) can change the authDir or authFile resources.
+ */
- (void) mktemp (d->authFile);
++ (void) mktemp (d->authFile);
}
return TRUE;
-@@ -350,42 +359,50 @@
+ }
+@@ -350,43 +359,115 @@
int mask;
int ret;
int i;
+ int fd;
++ char dummy_auth[] = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
++ "XXXXXXXXXXXXXXXXX"; /* 64 "X"s */
++ int err; /* for saving errno */
++ /*
++ * Set safe umask for file creation operations.
++ */
mask = umask (0077);
if (!d->authFile && !MakeServerAuthFile (d))
++ {
++ Debug ("d->authFile is NULL and MakeServerAuthFile() failed\n");
++ (void) umask (mask);
return FALSE;
- (void) unlink (d->authFile);
+- (void) unlink (d->authFile);
- auth_file = fopen (d->authFile, "w");
- umask (mask);
- if (!auth_file) {
- Debug ("Can't creat auth file %s\n", d->authFile);
- LogError ("Cannot open server authorization file %s\n", d->authFile);
+- free (d->authFile);
+- d->authFile = NULL;
+- ret = FALSE;
+ }
+- else
++ /*
++ * Unlink the authorization file we intend to create, and then open it
++ * with O_CREAT | O_EXCL to avoid race-based symlink attacks.
++ */
++ (void) (unlink (d->authFile));
+ fd = open (d->authFile, O_WRONLY | O_CREAT | O_EXCL, 0600);
++ /*
++ * There are no more attempts to create files after this point; restore
++ * the original umask.
++ */
++ (void) umask (mask);
+ if (fd >= 0)
-+ auth_file = fdopen (fd, "w");
-+ else
-+ {
-+ LogError ("cannot create server authorization file %s: %s\n",
-+ d->authFile, _SysErrorMsg (errno));
-+ Debug ("can't create auth file %s\n", d->authFile);
-+ }
-+ (void) umask (mask);
-+ if (!auth_file)
-+ {
- free (d->authFile);
- d->authFile = NULL;
- ret = FALSE;
- }
- else
{
- Debug ("File: %s auth: %p\n", d->authFile, auths);
-+ Debug ("file: %s auth: %p\n", d->authFile, auths);
- ret = TRUE;
- for (i = 0; i < count; i++)
+- ret = TRUE;
+- for (i = 0; i < count; i++)
++ auth_file = fdopen (fd, "w");
++ if (!auth_file)
{
- /*
+- /*
- * User-based auths may not have data until
- * a user logs in. In which case don't write
- * to the auth file so xrdb and setup programs don't fail.
-+ * User-based auths may not have data until a user logs in, in
-+ * which case don't write to the auth file so xrdb and setup
-+ * programs don't fail.
- */
- if (auths[i]->data_length > 0)
- if (!XauWriteAuth (auth_file, auths[i]) ||
- fflush (auth_file) == EOF)
+- */
+- if (auths[i]->data_length > 0)
+- if (!XauWriteAuth (auth_file, auths[i]) ||
+- fflush (auth_file) == EOF)
++ LogError ("cannot open server authorization file %s: %s\n",
++ d->authFile, _SysErrorMsg (errno));
++ ret = FALSE;
++ }
++ else
++ {
++ Debug ("file: %s auth: %p\n", d->authFile, auths);
++ ret = TRUE;
++ if (count == 0)
++ {
++ /*
++ * This is a crude hack to determine whether we really can
++ * write to the auth file even if we don't have real data
++ * to write right now.
++ */
++
++ /*
++ * Write garbage data to file to provoke ENOSPC and other
++ * errors.
++ */
++ (void) fprintf (auth_file, "%s", dummy_auth);
++ (void) fflush (auth_file);
++ if (ferror (auth_file))
{
- LogError ("Cannot write server authorization file %s\n",
-+ LogError ("cannot write to server authorization file %s\n",
- d->authFile);
+- d->authFile);
++ err = errno;
ret = FALSE;
- free (d->authFile);
- d->authFile = NULL;
+- free (d->authFile);
+- d->authFile = NULL;
}
- }
+- fclose (auth_file);
++ /*
++ * Rewind so that the garbage data is overwritten later.
++ */
++ rewind(auth_file);
++ }
++ for (i = 0; i < count; i++)
++ {
++ /*
++ * User-based auths may not have data until a user logs in,
++ * in which case don't write to the auth file so xrdb and
++ * setup programs don't fail.
++ */
++ if (auths[i]->data_length > 0)
++ {
++ if (!XauWriteAuth (auth_file, auths[i]))
++ {
++ Debug ("XauWriteAuth() failed\n");
++ }
++ (void) fflush (auth_file);
++ if (ferror (auth_file))
++ {
++ err = errno;
++ ret = FALSE;
++ }
++ }
++ }
++ /*
++ * XXX: This is not elegant, but stdio has no truncation
++ * function.
++ */
++ if (ftruncate(fileno(auth_file), ftell(auth_file)))
++ {
++ Debug ("ftruncate() failed\n");
++ }
++ fclose (auth_file);
+ }
- fclose (auth_file);
++ if (ret == FALSE)
++ {
++ LogError ("cannot write to server authorization file %s%s%s\n",
++ d->authFile,
++ err ? ": " : "",
++ err ? _SysErrorMsg (err) : "");
++ free (d->authFile);
++ d->authFile = NULL;
++ }
++ }
++ else
++ {
++ LogError ("cannot create server authorization file %s: %s\n",
++ d->authFile, _SysErrorMsg (errno));
++ Debug ("can't create auth file %s\n", d->authFile);
}
return ret;
-@@ -472,19 +489,36 @@
+ }
+@@ -472,19 +553,47 @@
openFiles (char *name, char *new_name, FILE **oldp, FILE **newp)
{
int mask;
@@ -337,7 +460,14 @@
strcpy (new_name, name);
strcat (new_name, "-n");
++ /*
++ * Set safe umask for file creation operations.
++ */
mask = umask (0077);
++ /*
++ * Unlink the authorization file we intend to create, and then open
++ * it with O_CREAT | O_EXCL to avoid race-based symlink attacks.
++ */
(void) unlink (new_name);
- *newp = fopen (new_name, "w");
+ newfd = open (new_name, O_WRONLY | O_CREAT | O_EXCL, 0600);
@@ -350,6 +480,10 @@
+ Debug ("can't create file %s\n", new_name);
+ *newp = NULL;
+ }
++ /*
++ * There are no more attempts to create files after this point;
++ * restore the original umask.
++ */
(void) umask (mask);
- if (!*newp) {
- Debug ("can't open new file %s\n", new_name);
@@ -372,7 +506,19 @@
return 1;
}
-@@ -818,10 +852,11 @@
+@@ -613,9 +722,9 @@
+ for (a = addrs; a; a = a->next) {
+ if (a->family == auth->family &&
+ a->address_length == auth->address_length &&
+- binaryEqual (a->address, auth->address, auth->address_length) &&
++ binaryEqual (a->address, auth->address, auth->address_length) &&
+ a->number_length == auth->number_length &&
+- binaryEqual (a->number, auth->number, auth->number_length) &&
++ binaryEqual (a->number, auth->number, auth->number_length) &&
+ a->name_length == auth->name_length &&
+ binaryEqual (a->name, auth->name, auth->name_length))
+ {
+@@ -818,10 +927,11 @@
struct in_ifaddr ifaddr;
struct strioctl str;
unsigned char *addr;
@@ -386,7 +532,7 @@
/* Indicate that we want to start at the begining */
ifnet.ib_next = (struct ipb *) 1;
-@@ -835,8 +870,9 @@
+@@ -835,8 +945,9 @@
if (ioctl (ipfd, (int) I_STR, (char *) &str) < 0)
{
@@ -397,7 +543,7 @@
}
ifaddr.ia_next = (struct in_ifaddr *) ifnet.if_addrlist;
-@@ -847,8 +883,9 @@
+@@ -847,8 +958,9 @@
if (ioctl (ipfd, (int) I_STR, (char *) &str) < 0)
{
@@ -408,7 +554,20 @@
}
/*
-@@ -909,7 +946,7 @@
+@@ -889,9 +1001,9 @@
+ DefineSelf (int fd, FILE *file, Xauth *auth)
+ {
+ char buf[2048], *cp, *cplim;
+- int len;
+- char *addr;
+- int family;
++ int len;
++ char *addr;
++ int family;
+ register ifr_type *ifr;
+ #ifdef USE_SIOCGLIFCONF
+ int n;
+@@ -909,7 +1021,7 @@
ifn.lifn_family = AF_UNSPEC;
ifn.lifn_flags = 0;
if (ioctl (fd, (int) SIOCGLIFNUM, (char *) &ifn) < 0)
@@ -417,7 +576,7 @@
if (buflen < (ifn.lifn_count * sizeof(struct lifreq))) {
buflen = ifn.lifn_count * sizeof(struct lifreq);
bufptr = malloc(buflen);
-@@ -944,7 +981,7 @@
+@@ -944,7 +1056,7 @@
#endif
if (ifioctl (fd, IFC_IOCTL_REQ, (char *) &ifc) < 0) {
@@ -426,16 +585,18 @@
#ifdef USE_SIOCGLIFCONF
if (bufptr != buf) {
-@@ -977,7 +1014,7 @@
+@@ -976,8 +1088,8 @@
+ continue;
if (len == 0)
- {
+- {
- Debug ("Skipping zero length address\n");
++ {
+ Debug ("skipping zero length address\n");
continue;
}
/*
-@@ -991,7 +1028,7 @@
+@@ -991,7 +1103,7 @@
addr[0] == 127 && addr[1] == 0 &&
addr[2] == 0 && addr[3] == 1)
{
@@ -444,7 +605,7 @@
continue;
}
}
-@@ -1156,7 +1193,7 @@
+@@ -1156,7 +1268,7 @@
snprintf (home_name, sizeof(home_name), "%s/.Xauthority", home);
Debug ("XauLockAuth %s\n", home_name);
lockStatus = XauLockAuth (home_name, 1, 2, 10);
@@ -453,7 +614,7 @@
if (lockStatus == LOCK_SUCCESS) {
if (openFiles (home_name, new_name, &old, &new)) {
name = home_name;
-@@ -1165,28 +1202,47 @@
+@@ -1165,28 +1277,47 @@
Debug ("openFiles failed\n");
XauUnlockAuth (home_name);
lockStatus = LOCK_ERROR;
@@ -505,7 +666,39 @@
home_name, backup_name);
return;
}
-@@ -1242,7 +1298,7 @@
+@@ -1205,11 +1336,11 @@
+ !strncmp (auths[i]->name, "MIT-MAGIC-COOKIE-1", 18))
+ {
+ magicCookie = i;
+- if (d->displayType.location == Local)
+- writeLocalAuth (new, auths[i], d->name);
++ if (d->displayType.location == Local)
++ writeLocalAuth (new, auths[i], d->name);
+ #ifdef XDMCP
+- else
+- writeRemoteAuth (new, auths[i], d->peer, d->peerlen, d->name);
++ else
++ writeRemoteAuth (new, auths[i], d->peer, d->peerlen, d->name);
+ #endif
+ break;
+ }
+@@ -1226,11 +1357,11 @@
+ if (auths[i]->name_length == 14 &&
+ !strncmp (auths[i]->name, "MIT-KERBEROS-5", 14))
+ auths[i]->data_length = 0;
+- if (d->displayType.location == Local)
+- writeLocalAuth (new, auths[i], d->name);
++ if (d->displayType.location == Local)
++ writeLocalAuth (new, auths[i], d->name);
+ #ifdef XDMCP
+- else
+- writeRemoteAuth (new, auths[i], d->peer, d->peerlen, d->name);
++ else
++ writeRemoteAuth (new, auths[i], d->peer, d->peerlen, d->name);
+ #endif
+ auths[i]->data_length = data_len;
+ }
+@@ -1242,7 +1373,7 @@
while ((entry = XauReadAuth (old))) {
if (!checkEntry (entry))
{
@@ -514,18 +707,46 @@
writeAuth (new, entry);
}
XauDisposeAuth (entry);
-@@ -1255,8 +1311,9 @@
- Debug ("unlink %s failed\n", name);
+@@ -1251,19 +1382,29 @@
+ }
+ doneAddrs ();
+ fclose (new);
+- if (unlink (name) == -1)
+- Debug ("unlink %s failed\n", name);
++ if (unlink (name))
++ if (errno != ENOENT)
++ LogError ("cannot remove old authorization file %s: %s\n",
++ name, _SysErrorMsg (errno));
envname = name;
- if (link (new_name, name) == -1) {
-+ LogError ("cannot move authorization file into place: %s\n",
+- if (link (new_name, name) == -1) {
+- Debug ("link failed %s %s\n", new_name, name);
+- LogError ("Can't move authorization into place\n");
++ if (link (new_name, name))
++ {
++ LogError ("cannot link temporary authorization file %s to old "
++ "location %s: %s\n", new_name, name,
+ _SysErrorMsg (errno));
- Debug ("link failed %s %s\n", new_name, name);
-- LogError ("Can't move authorization into place\n");
setenv = 1;
envname = new_name;
- } else {
-@@ -1296,7 +1353,7 @@
+- } else {
+- Debug ("new is in place, go for it!\n");
+- unlink (new_name);
+ }
+- if (setenv) {
++ else
++ {
++ Debug ("authorization file %s successfully updated\n", name);
++ if (unlink (new_name))
++ if (errno != ENOENT)
++ LogError ("cannot remove new authorization file %s:"
++ " %s\n", new_name, _SysErrorMsg (errno));
++ }
++ if (setenv)
++ {
+ verify->userEnviron = setEnv (verify->userEnviron,
+ "XAUTHORITY", envname);
+ verify->systemEnviron = setEnv (verify->systemEnviron,
+@@ -1296,7 +1437,7 @@
snprintf(name, sizeof(name), "%s/.Xauthority", home);
Debug ("XauLockAuth %s\n", name);
lockStatus = XauLockAuth (name, 1, 2, 10);
@@ -534,7 +755,20 @@
if (lockStatus != LOCK_SUCCESS)
return;
if (openFiles (name, new_name, &old, &new))
-@@ -1320,7 +1377,7 @@
+@@ -1306,10 +1447,10 @@
+ for (i = 0; i < d->authNum; i++)
+ {
+ if (d->displayType.location == Local)
+- writeLocalAuth (new, auths[i], d->name);
++ writeLocalAuth (new, auths[i], d->name);
+ #ifdef XDMCP
+ else
+- writeRemoteAuth (new, auths[i], d->peer, d->peerlen, d->name);
++ writeRemoteAuth (new, auths[i], d->peer, d->peerlen, d->name);
+ #endif
+ }
+ doWrite = 1;
+@@ -1320,7 +1461,7 @@
while ((entry = XauReadAuth (old))) {
if (!checkEntry (entry))
{
@@ -543,25 +777,43 @@
writeAuth (new, entry);
}
XauDisposeAuth (entry);
-@@ -1332,12 +1389,14 @@
- if (unlink (name) == -1)
- Debug ("unlink %s failed\n", name);
- if (link (new_name, name) == -1) {
-+ LogError ("cannot move authorization file into place: %s\n",
+@@ -1329,15 +1470,25 @@
+ }
+ doneAddrs ();
+ fclose (new);
+- if (unlink (name) == -1)
+- Debug ("unlink %s failed\n", name);
+- if (link (new_name, name) == -1) {
+- Debug ("link failed %s %s\n", new_name, name);
+- LogError ("Can't move authorization into place\n");
+- } else {
+- Debug ("new is in place, go for it!\n");
+- unlink (new_name);
++ if (unlink (name))
++ if (errno != ENOENT)
++ LogError ("cannot remove new authorization file %s: %s\n",
++ name, _SysErrorMsg (errno));
++ if (link (new_name, name))
++ {
++ LogError ("cannot link temporary authorization file %s to old "
++ "location %s: %s\n", new_name, name,
+ _SysErrorMsg (errno));
- Debug ("link failed %s %s\n", new_name, name);
-- LogError ("Can't move authorization into place\n");
- } else {
- Debug ("new is in place, go for it!\n");
- unlink (new_name);
++ }
++ else
++ {
++ Debug ("authorization file %s successfully updated\n", name);
++ if (unlink (new_name))
++ if (errno != ENOENT)
++ LogError ("cannot remove new authorization file %s:"
++ " %s\n", new_name, _SysErrorMsg (errno));
}
}
XauUnlockAuth (name);
+ Debug ("done RemoveUserAuthorization\n");
}
diff -urN xc/programs/xdm~/choose.c xc/programs/xdm/choose.c
---- xc/programs/xdm~/choose.c 2003-09-21 15:39:22.000000000 -0500
-+++ xc/programs/xdm/choose.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/choose.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/choose.c 2005-01-06 22:18:02.000000000 -0500
@@ -191,8 +191,8 @@
if (GetChooserAddr ((char *)addr_buf, &addr_len) == -1)
@@ -713,8 +965,8 @@
}
diff -urN xc/programs/xdm~/config/Imakefile xc/programs/xdm/config/Imakefile
---- xc/programs/xdm~/config/Imakefile 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/config/Imakefile 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/config/Imakefile 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/config/Imakefile 2005-01-07 11:52:01.000000000 -0500
@@ -39,7 +39,11 @@
#endif
@@ -728,8 +980,8 @@
LinkFile(Xservers,Xservers.$(SERVERSTYPE))
diff -urN xc/programs/xdm~/config/Xres.cpp xc/programs/xdm/config/Xres.cpp
---- xc/programs/xdm~/config/Xres.cpp 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/config/Xres.cpp 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/config/Xres.cpp 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/config/Xres.cpp 2005-01-07 11:52:01.000000000 -0500
@@ -28,22 +28,25 @@
#endif /* XPM */
xlogin*fail: Login incorrect
@@ -788,8 +1040,8 @@
xlogin*logoPadding: 10
#endif /* XPM */
diff -urN xc/programs/xdm~/daemon.c xc/programs/xdm/daemon.c
---- xc/programs/xdm~/daemon.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/daemon.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/daemon.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/daemon.c 2005-01-06 22:18:02.000000000 -0500
@@ -87,7 +87,7 @@
break;
case -1:
@@ -869,8 +1121,8 @@
#endif
}
diff -urN xc/programs/xdm~/dm.c xc/programs/xdm/dm.c
---- xc/programs/xdm~/dm.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/dm.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/dm.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/dm.c 2005-01-07 07:14:45.000000000 -0500
@@ -35,41 +35,42 @@
* display manager
*/
@@ -937,7 +1189,7 @@
#endif
-@@ -100,7 +101,9 @@
+@@ -100,7 +101,10 @@
static SIGVAL ChildNotify (int n);
#endif
@@ -945,10 +1197,11 @@
+static int pidFd;
+static FILE *pidFilePtr;
+static long StorePid (void);
++static void RemovePid (void);
static int parent_pid = -1; /* PID of parent xdm process */
-@@ -124,34 +127,42 @@
+@@ -124,34 +128,44 @@
InitResources (argc, argv);
SetConfigFileTime ();
LoadDMResources ();
@@ -983,26 +1236,28 @@
{
if (oldpid == -1)
- LogError ("Can't create/lock pid file %s\n", pidFile);
-+ LogError ("error opening process-id file %s; exiting\n", pidFile);
++ LogError ("error opening process ID file %s; exiting\n", pidFile);
else
- LogError ("Can't lock pid file %s, another xdm is running (pid %d)\n",
- pidFile, oldpid);
-+ LogError ("process-id file %s indicates another xdm is "
++ LogError ("process ID file %s indicates another xdm is "
+ "running (pid %d); exiting\n", pidFile, oldpid);
exit (1);
}
- if (debugLevel == 0)
- InitErrorLog ();
++ if (atexit (RemovePid))
++ LogError ("could not register RemovePid() with atexit()\n");
++
++ LogInfo ("starting\n");
- if (nofork_session == 0) {
-+ LogInfo ("starting\n");
-+
+ if (nofork_session == 0)
+ {
/* Clean up any old Authorization files */
/* AUD: all good? */
snprintf(cmdbuf, sizeof(cmdbuf), "/bin/rm -f %s/authdir/authfiles/A*", authDir);
-@@ -190,6 +201,7 @@
+@@ -190,6 +204,7 @@
#ifndef UNRELIABLE_SIGNALS
(void) Signal (SIGCHLD, ChildNotify);
#endif
@@ -1010,7 +1265,7 @@
while (
#ifdef XDMCP
AnyWellKnownSockets() ||
-@@ -207,8 +219,9 @@
+@@ -207,8 +222,9 @@
WaitForSomething ();
#endif
}
@@ -1022,7 +1277,7 @@
/*NOTREACHED*/
}
-@@ -218,7 +231,7 @@
+@@ -218,7 +234,7 @@
{
int olderrno = errno;
@@ -1031,7 +1286,7 @@
Rescan = 1;
#ifdef SIGNALS_RESET_WHEN_CAUGHT
(void) Signal (SIGHUP, RescanNotify);
-@@ -278,7 +291,7 @@
+@@ -278,7 +294,7 @@
RescanServers (void)
{
Debug ("rescanning servers\n");
@@ -1040,7 +1295,7 @@
ForEachDisplay (MarkDisplay);
SetConfigFileTime ();
ReinitResources ();
-@@ -319,8 +332,8 @@
+@@ -319,8 +335,8 @@
{
if (statb.st_mtime != ConfigModTime)
{
@@ -1051,7 +1306,7 @@
ConfigModTime = statb.st_mtime;
ReinitResources ();
LoadDMResources ();
-@@ -330,8 +343,8 @@
+@@ -330,8 +346,8 @@
{
if (statb.st_mtime != ServersModTime)
{
@@ -1062,7 +1317,7 @@
ServersModTime = statb.st_mtime;
ForEachDisplay (MarkDisplay);
ScanServers ();
-@@ -342,8 +355,8 @@
+@@ -342,8 +358,8 @@
{
if (statb.st_mtime != AccessFileModTime)
{
@@ -1073,7 +1328,7 @@
AccessFileModTime = statb.st_mtime;
ScanAccessDatabase ();
UpdateListenSockets();
-@@ -371,13 +384,14 @@
+@@ -371,13 +387,14 @@
*
* See defect XWSog08655 for more information.
*/
@@ -1090,7 +1345,7 @@
#ifdef XDMCP
DestroyWellKnownSockets ();
#endif
-@@ -428,66 +442,62 @@
+@@ -428,66 +445,62 @@
/* XXX classic System V signal race condition here with RescanNotify */
if ((pid = wait (&status)) != -1)
#else
@@ -1179,7 +1434,7 @@
/*
* no display connection was ever made, tell the
* terminal that the open attempt failed
-@@ -500,7 +510,7 @@
+@@ -500,7 +513,7 @@
d->status == zombie ||
++d->startTries >= d->startAttempts)
{
@@ -1188,7 +1443,7 @@
StopDisplay (d);
}
else
-@@ -510,7 +520,7 @@
+@@ -510,7 +523,7 @@
break;
case RESERVER_DISPLAY:
d->startTries = 0;
@@ -1197,7 +1452,7 @@
if (d->displayType.origin == FromXDMCP || d->status == zombie)
StopDisplay(d);
else
-@@ -520,33 +530,45 @@
+@@ -520,33 +533,45 @@
time(&Time);
Debug("time %i %i\n",Time,d->lastCrash);
if (d->lastCrash &&
@@ -1252,7 +1507,7 @@
/*
* XDMCP will restart the session if the display
* requests it
-@@ -556,6 +578,13 @@
+@@ -556,6 +581,13 @@
else
RestartDisplay (d, FALSE);
break;
@@ -1266,7 +1521,7 @@
}
}
/* SUPPRESS 560 */
-@@ -565,30 +594,34 @@
+@@ -565,30 +597,34 @@
switch (d->status)
{
case zombie:
@@ -1308,7 +1563,7 @@
}
}
StartDisplays ();
-@@ -599,7 +632,8 @@
+@@ -599,7 +635,8 @@
{
if (d->displayType.origin == FromFile)
{
@@ -1318,7 +1573,7 @@
case MissingEntry:
StopDisplay (d);
break;
-@@ -625,10 +659,12 @@
+@@ -625,10 +662,12 @@
int pid;
Debug ("StartDisplay %s\n", d->name);
@@ -1332,7 +1587,7 @@
* certainly notice when they exit
*/
d->pingInterval = 0;
-@@ -648,7 +684,8 @@
+@@ -648,7 +687,8 @@
}
if (d->serverPid == -1 && !StartServer (d))
{
@@ -1342,7 +1597,7 @@
RemoveDisplay (d);
return;
}
-@@ -666,7 +703,8 @@
+@@ -666,7 +706,8 @@
switch (pid)
{
case 0:
@@ -1352,7 +1607,7 @@
CleanUpChild ();
(void) Signal (SIGPIPE, SIG_IGN);
}
-@@ -750,7 +788,8 @@
+@@ -750,7 +791,8 @@
ClearCloseOnFork (int fd)
{
FD_CLR (fd, &CloseMask);
@@ -1362,7 +1617,7 @@
while (--fd >= 0)
if (FD_ISSET (fd, &CloseMask))
break;
-@@ -772,100 +811,68 @@
+@@ -772,100 +814,85 @@
max = 0;
}
@@ -1370,6 +1625,9 @@
-static FILE *pidFilePtr;
-
-static int
++/*
++ * Create and populate file storing xdm's process ID.
++ */
+static long
StorePid (void)
{
@@ -1385,6 +1643,7 @@
- if (pidFd == -1 || !(pidFilePtr = fdopen (pidFd, "r+")))
+ if (pidFile[0] != '\0')
+ {
++ Debug ("storing process ID in %s\n", pidFile);
+ pidFd = open (pidFile, O_WRONLY|O_CREAT|O_EXCL, 0666);
+ if (pidFd == -1)
{
@@ -1415,13 +1674,13 @@
+ pidFilePtr = fopen (pidFile, "r");
+ if (pidFilePtr == NULL)
+ {
-+ LogError ("cannot open process-id file %s for reading: "
++ LogError ("cannot open process ID file %s for reading: "
+ "%s\n", pidFile, _SysErrorMsg (errno));
return -1;
+ }
+ if (fscanf (pidFilePtr, "%ld\n", &oldpid) != 1)
+ {
-+ LogError ("existing process-id file %s empty or contains "
++ LogError ("existing process ID file %s empty or contains "
+ "garbage\n", pidFile);
+ oldpid = -1;
+ }
@@ -1444,7 +1703,7 @@
- return oldpid;
- else
- return -1;
-+ LogError ("cannot fdopen process-id file %s for writing: "
++ LogError ("cannot fdopen process ID file %s for writing: "
+ "%s\n", pidFile, _SysErrorMsg (errno));
+ return -1;
}
@@ -1454,7 +1713,7 @@
- fprintf (pidFilePtr, "%5ld\n", (long)getpid ());
+ if ((pidFilePtr = fdopen (pidFd, "w")) == NULL)
+ {
-+ LogError ("cannot open process-id file %s for writing: %s\n",
++ LogError ("cannot open process ID file %s for writing: %s\n",
+ pidFile, _SysErrorMsg (errno));
+ return -1;
+ }
@@ -1462,7 +1721,7 @@
+ pidstrlen = strlen (pidstr);
+ if (fprintf (pidFilePtr, "%s\n", pidstr) != ( pidstrlen + 1))
+ {
-+ LogError ("cannot write to process-id file %s: %s\n", pidFile,
++ LogError ("cannot write to process ID file %s: %s\n", pidFile,
+ _SysErrorMsg (errno));
+ return -1;
+ }
@@ -1476,7 +1735,12 @@
-#if 0
-void
-UnlockPidFile (void)
--{
++/*
++ * Remove process ID file. This function is registered with atexit().
++ */
++static void
++RemovePid (void)
+ {
- if (lockPidFile)
-#ifdef F_SETLK
- {
@@ -1495,9 +1759,14 @@
-#endif
- close (pidFd);
- fclose (pidFilePtr);
--}
++ Debug ("unlinking process ID file %s\n", pidFile);
++ if (unlink (pidFile))
++ if (errno != ENOENT)
++ LogError ("cannot remove process ID file %s: %s\n", pidFile,
++ _SysErrorMsg (errno));
+ }
-#endif
--
+
#ifndef HAS_SETPROCTITLE
void SetTitle (char *name, ...)
{
@@ -1506,7 +1775,7 @@
char *p = Title;
int left = TitleLen;
char *s;
-@@ -890,6 +897,6 @@
+@@ -890,6 +917,6 @@
--left;
}
va_end(args);
@@ -1516,8 +1785,8 @@
-#endif
+#endif /* HAS_SETPROCTITLE */
diff -urN xc/programs/xdm~/dm_auth.h xc/programs/xdm/dm_auth.h
---- xc/programs/xdm~/dm_auth.h 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/dm_auth.h 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/dm_auth.h 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/dm_auth.h 2005-01-06 22:18:02.000000000 -0500
@@ -42,18 +42,40 @@
extern void MitInitAuth (unsigned short name_len, char *name);
extern Xauth *MitGetAuth (unsigned short namelen, char *name);
@@ -1581,8 +1850,8 @@
extern int SaveServerAuthorizations (struct display *d, Xauth **auths, int count);
diff -urN xc/programs/xdm~/dm_error.h xc/programs/xdm/dm_error.h
---- xc/programs/xdm~/dm_error.h 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/dm_error.h 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/dm_error.h 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/dm_error.h 2005-01-06 22:18:02.000000000 -0500
@@ -50,7 +50,6 @@
extern void LogInfo (char * fmt, ...) GCC_PRINTFLIKE(1,2);
extern void LogOutOfMem (char * fmt, ...) GCC_PRINTFLIKE(1,2);
@@ -1592,8 +1861,8 @@
#endif /* _DM_ERROR_H_ */
diff -urN xc/programs/xdm~/error.c xc/programs/xdm/error.c
---- xc/programs/xdm~/error.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/error.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/error.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/error.c 2005-01-06 22:18:02.000000000 -0500
@@ -34,23 +34,41 @@
*
* error.c
@@ -1781,8 +2050,8 @@
+ }
}
diff -urN xc/programs/xdm~/file.c xc/programs/xdm/file.c
---- xc/programs/xdm~/file.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/file.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/file.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/file.c 2005-01-06 22:18:02.000000000 -0500
@@ -152,14 +152,14 @@
return;
if (!args[0])
@@ -1825,8 +2094,9 @@
d->name, d->class ? d->class : "", type);
}
d->displayType = displayType;
---- xc/programs/xdm/genauth.c~ 2003-10-24 17:18:33.000000000 -0500
-+++ xc/programs/xdm/genauth.c 2003-10-24 17:18:37.000000000 -0500
+diff -urN xc/programs/xdm~/genauth.c xc/programs/xdm/genauth.c
+--- xc/programs/xdm~/genauth.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/genauth.c 2005-01-06 22:18:02.000000000 -0500
@@ -33,14 +33,16 @@
* Author: Keith Packard, MIT X Consortium
*/
@@ -1906,8 +2176,8 @@
#endif /* DEV_RANDOM */
/* Try some pseudo-random number genrator daemon next */
diff -urN xc/programs/xdm~/greeter/Login.c xc/programs/xdm/greeter/Login.c
---- xc/programs/xdm~/greeter/Login.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/greeter/Login.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/greeter/Login.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/greeter/Login.c 2005-01-06 22:18:02.000000000 -0500
@@ -863,7 +863,7 @@
xim = XOpenIM(XtDisplay(ctx), NULL, NULL, NULL);
@@ -1936,8 +2206,8 @@
w->login.logoValid = False;
goto SkipXpmLoad;
diff -urN xc/programs/xdm~/greeter/greet.c xc/programs/xdm/greeter/greet.c
---- xc/programs/xdm~/greeter/greet.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/greeter/greet.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/greeter/greet.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/greeter/greet.c 2005-01-06 22:18:02.000000000 -0500
@@ -273,13 +273,13 @@
XtGetValues (login, arglist, 1);
if (allow)
@@ -1989,8 +2259,8 @@
SessionExit (d, OBEYSESS_DISPLAY, FALSE);
}
diff -urN xc/programs/xdm~/greeter/verify.c xc/programs/xdm/greeter/verify.c
---- xc/programs/xdm~/greeter/verify.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/greeter/verify.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/greeter/verify.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/greeter/verify.c 2005-01-06 22:18:02.000000000 -0500
@@ -196,29 +196,29 @@
endpwent();
@@ -2114,8 +2384,8 @@
return 0;
}
diff -urN xc/programs/xdm~/resource.c xc/programs/xdm/resource.c
---- xc/programs/xdm~/resource.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/resource.c 2003-09-21 15:41:15.000000000 -0500
+--- xc/programs/xdm~/resource.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/resource.c 2005-01-06 22:18:02.000000000 -0500
@@ -35,11 +35,11 @@
* resource.c
*/
@@ -2440,8 +2710,8 @@
snprintf (class, sizeof(class), "DisplayManager.%s.%s",
dpyClass, resources[i].class);
diff -urN xc/programs/xdm~/rpcauth.c xc/programs/xdm/rpcauth.c
---- xc/programs/xdm~/rpcauth.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/rpcauth.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/rpcauth.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/rpcauth.c 2005-01-06 22:18:02.000000000 -0500
@@ -69,7 +69,7 @@
new->number = 0;
@@ -2452,8 +2722,8 @@
new->data = (char *) malloc (new->data_length);
if (!new->data)
diff -urN xc/programs/xdm~/server.c xc/programs/xdm/server.c
---- xc/programs/xdm~/server.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/server.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/server.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/server.c 2005-01-06 22:18:02.000000000 -0500
@@ -80,7 +80,7 @@
char arg[1024];
int pid;
@@ -2567,8 +2837,8 @@
return 1;
}
diff -urN xc/programs/xdm~/session.c xc/programs/xdm/session.c
---- xc/programs/xdm/session.c.orig 2004-01-21 16:14:39.000000000 -0500
-+++ xc/programs/xdm/session.c 2004-01-21 16:15:09.000000000 -0500
+--- xc/programs/xdm~/session.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/session.c 2005-01-07 11:52:14.000000000 -0500
@@ -54,7 +54,7 @@
#ifdef SECURE_RPC
# include <rpc/rpc.h>
@@ -3048,7 +3318,22 @@
Debug ("StartSession, fork succeeded %d\n", pid);
*pidp = pid;
return 1;
-@@ -856,7 +860,7 @@
+@@ -808,12 +812,14 @@
+ open ("/dev/null", O_RDONLY);
+ /* make stdout follow stderr to the log file */
+ dup2 (2,1);
++ Debug ("attempting to execve() %s\n", argv[0]);
+ execve (argv[0], argv, environ);
+ /*
+ * In case this is a shell script which hasn't been
+ * made executable (or this is a SYSV box), do
+ * a reasonable thing
+ */
++ Debug ("execve() of %s failed: %s\n", argv[0], _SysErrorMsg (errno));
+ if (errno != ENOENT) {
+ char program[1024], *e, *p, *optarg;
+ FILE *f;
+@@ -856,7 +862,7 @@
p = "/bin/sh";
optarg = 0;
}
@@ -3057,7 +3342,15 @@
p, optarg ? optarg : "(null)");
for (av = argv, argc = 0; *av; av++, argc++)
/* SUPPRESS 530 */
-@@ -910,9 +914,10 @@
+@@ -872,6 +878,7 @@
+ while ((*av++ = *argv++))
+ /* SUPPRESS 530 */
+ ;
++ Debug ("attempting to execve() %s\n", newargv[0]);
+ execve (newargv[0], newargv, environ);
+ }
+ }
+@@ -910,9 +917,10 @@
return env;
}
@@ -3072,8 +3365,8 @@
}
#endif
diff -urN xc/programs/xdm~/socket.c xc/programs/xdm/socket.c
---- xc/programs/xdm~/socket.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/socket.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/socket.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/socket.c 2005-01-07 11:52:19.000000000 -0500
@@ -67,10 +67,10 @@
registerHostname (name, strlen (name));
@@ -3115,8 +3408,8 @@
fd = -1;
return fd;
diff -urN xc/programs/xdm~/streams.c xc/programs/xdm/streams.c
---- xc/programs/xdm~/streams.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/streams.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/streams.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/streams.c 2005-01-06 22:18:02.000000000 -0500
@@ -107,7 +107,7 @@
FD_SET (xdmcpFd, &WellKnownSocketsMask);
@@ -3127,8 +3420,8 @@
{
LogError ("chooser stream creation failed\n");
diff -urN xc/programs/xdm~/util.c xc/programs/xdm/util.c
---- xc/programs/xdm~/util.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/util.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/util.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/util.c 2005-01-06 22:18:02.000000000 -0500
@@ -55,7 +55,7 @@
#undef _POSIX_SOURCE
#endif
@@ -3139,8 +3432,8 @@
#endif
diff -urN xc/programs/xdm~/xdm.man xc/programs/xdm/xdm.man
---- xc/programs/xdm~/xdm.man 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/xdm.man 2003-09-21 15:41:15.000000000 -0500
+--- xc/programs/xdm~/xdm.man 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/xdm.man 2005-01-07 05:24:25.000000000 -0500
@@ -151,8 +151,9 @@
At the end of the session, the \fIXreset\fP script is run to clean up,
the X server is reset, and the cycle starts over.
@@ -3153,6 +3446,15 @@
.I xdm
and anything output to stderr by \fIXsetup, Xstartup, Xsession\fP
or \fIXreset\fP.
+@@ -295,7 +296,7 @@
+ this resource to ``false'' will disable this feature.
+ .IP "\fBDisplayManager.pidFile\fP"
+ The filename specified will be created to contain an ASCII
+-representation of the process-id of the main
++representation of the process ID of the main
+ .I xdm
+ process.
+ .I Xdm
@@ -312,7 +313,8 @@
This names a directory under which
.I xdm
@@ -3247,8 +3549,8 @@
Here is a reasonable configuration file, which could be
named \fIxdm-config\fP:
diff -urN xc/programs/xdm~/xdmauth.c xc/programs/xdm/xdmauth.c
---- xc/programs/xdm~/xdmauth.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/xdmauth.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/xdmauth.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/xdmauth.c 2005-01-06 22:18:02.000000000 -0500
@@ -45,11 +45,20 @@
static char auth_name[256];
static int auth_name_len;
@@ -3417,8 +3719,8 @@
+# endif /* XDMCP */
#endif /* HASXDMAUTH (covering the entire file) */
diff -urN xc/programs/xdm~/xdmshell.c xc/programs/xdm/xdmshell.c
---- xc/programs/xdm~/xdmshell.c 2003-09-21 15:39:23.000000000 -0500
-+++ xc/programs/xdm/xdmshell.c 2003-09-21 15:40:41.000000000 -0500
+--- xc/programs/xdm~/xdmshell.c 2005-01-07 11:50:43.000000000 -0500
++++ xc/programs/xdm/xdmshell.c 2005-01-06 22:18:02.000000000 -0500
@@ -41,6 +41,7 @@
#include <stdio.h>
#include "dm.h"
Modified: trunk/debian/xdm.init
===================================================================
--- trunk/debian/xdm.init 2005-01-08 02:44:17 UTC (rev 2120)
+++ trunk/debian/xdm.init 2005-01-08 22:52:36 UTC (rev 2121)
@@ -21,8 +21,10 @@
2>&1; then
true
else
- # if the daemon does not remove its own pidfile, we will
- rm -f $PIDFILE $UPGRADEFILE
+ if [ -e $PIDFILE ]; then
+ echo -n " (removing stale $PIDFILE)"
+ rm $PIDFILE
+ fi
false
fi
}
Reply to: