Your message dated Sat, 10 Apr 2010 16:43:16 +0200 with message-id <20100410144316.GA17626@patate.is-a-geek.org> and subject line Re: Bug#95214: xdm: envvar XAUTHORITY improperly set in "Xstartup" script has caused the Debian Bug report #95214, regarding xdm: uses XAUTHORITY variable for purposes other than those documented to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 95214: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=95214 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: xdm: envvar XAUTHORITY improperly set in "Xstartup" script
- From: Jeff Sheinberg <jeffsh@erols.com>
- Date: Tue, 24 Apr 2001 12:16:47 -0400 (EDT)
- Message-id: <20010424161647.CF0F015DAC@eden-hda7.my.local>
Package: xdm Version: 4.0.2-13 Severity: normal Hi, Here is what xdm(1) says about the XAUTHORITY envvar, DisplayManager.DISPLAY.userAuthDir When xdm is unable to write to the usual user authorization file ($HOME/.Xauthority), it creates a unique file name in this directory and points the environment variable XAUTHORITY at the created file. It uses /tmp by default. However, I noticed that when xdm invoked the "Xstartup" script, the XAUTHORITY envvar had this value, /var/lib/xdm/authdir/authfiles/A:0-riZSi9 which is the xdm authorization data communications file, which is quite different from the "user authorization file". I would wager a guess that the other xdm startup script (Xsetup) also exhibits this incorrect behavior, but I haven't verified it. By the time my "~/.xsession" file has been run, the XAUTHORITY envvar has been unset, which leads me to conclude that the xdm Xsession script does not have this problem. However, I have not tried logging in when my home directory is mounted on a read-only filesystem, in order to determine if the XAUTHORITY envvar is correctly set by xdm and thus exported to all three of the startup scripts (Xsetup, Xstartup, and Xsession) in this case. Thanks, -- Jeff Sheinberg <jeffsh@erols.com> -- System Information Debian Release: woody/testing Kernel Version: Linux eden-hda7.my.local 2.4.2 #2 Thu Mar 22 13:34:10 EST 2001 i586 unknown Versions of the packages xdm depends on: ii cpp 2.95.3-7 The GNU C preprocessor. ii debconf 0.9.28 Debian configuration management system ii libc6 2.2.2-4 GNU C Library: Shared libraries and Timezone ii libpam0g 0.72-9 Pluggable Authentication Modules library ii libxaw7 4.0.2-13 X Athena widget set library ii xbase-clients 4.0.2-13 miscellaneous X clients ii xlibs 4.0.2-13 X Window System client libraries --- Begin /etc/X11/xdm/Xreset (modified conffile) #!/bin/sh hostserver=$(echo $DISPLAY | cut -d. -f1) if [ -e /var/run/xconsole.$hostserver.pid ]; then pid=$(cat /var/run/xconsole.$hostserver.pid 2> /dev/null) if [ "$pid" ]; then kill $pid 2> /dev/null fi rm /var/run/xconsole.$hostserver.pid fi if grep -qs ^use-sessreg /etc/X11/xdm/xdm.options; then sessreg -d -l $DISPLAY -u /var/run/utmp -x /etc/X11/xdm/Xservers $USER fi echo >&2 "$0: off $(date)" exit 0 --- End /etc/X11/xdm/Xreset --- Begin /etc/X11/xdm/Xservers (modified conffile) :0 local /usr/X11R6/bin/X vt7 -dpi 100 -nolisten tcp --- End /etc/X11/xdm/Xservers --- Begin /etc/X11/xdm/Xsetup (modified conffile) #!/bin/sh PATH=$PATH:/usr/bin/X11 sysmodmap=/etc/X11/Xmodmap hostserver=$(echo $DISPLAY | cut -d. -f1) echo >&2 "$0: on $(date)" xsetroot -solid LavenderBlush4 if [ -e /var/run/xconsole.$hostserver.pid ]; then pid=$(cat /var/run/xconsole.$hostserver.pid 2> /dev/null) if [ "$pid" ]; then kill $pid 2> /dev/null fi rm /var/run/xconsole$hostsever.pid fi eval "`/etc/local/defs xconsole_xres`" if test "${xconsole_xres:+set}" = "set" ; then xrdb -merge "${xconsole_xres}" else echo >&2 "$0: expected xconsole resource file is not available" fi xconsole -notify -daemon -verbose -exitOnFail -file /dev/xconsole & echo $! > /var/run/xconsole.$hostserver.pid if command -v xmodmap > /dev/null 2>&1; then if [ -f $sysmodmap ]; then xmodmap $sysmodmap fi fi echo > /dev/xconsole grep -v '^#' /etc/X11/xdm/Xsetup-msg > /dev/xconsole echo > /dev/xconsole exit 0 --- End /etc/X11/xdm/Xsetup --- Begin /etc/X11/xdm/Xstartup (modified conffile) #!/bin/sh PATH=$PATH:/usr/bin/X11:/usr/games if grep -qs ^ignore-nologin /etc/X11/xdm/xdm.options; then if [ -f /etc/nologin ]; then xmessage -file /etc/nologin -geometry 640x480 fi elif [ -f /etc/nologin ]; then # root can log in anyway if [ "$(id -u)" != "0" ]; then xmessage -file /etc/nologin -geometry 640x480 exit 1 fi fi echo >&2 "${0}: on `date`" xconsole=/dev/null xconsole=/dev/xconsole lastmsg=`lastlog -u ${USER} | sed -n -e '2p'` failmsg=`faillog -u ${USER} | sed -n -e '2p'` set -- ${lastmsg} case ${#} in 4) lmsg="None - never logged in" ;; 8) lmsg="${3} ${4} ${5} ${6} ${8} on ${2}" ;; 9) lmsg="${4} ${5} ${6} ${7} ${9} on ${2} from ${3}" ;; 0) lmsg="** Unknown User: ${USER} **" ;; *) lmsg="** case error [${#}]: ${*} **" ;; esac echo "Last login: ${lmsg}." > ${xconsole} if test -f /etc/motd ; then cat /etc/motd > ${xconsole} fi : ${MAIL:=/var/mail/${USER}} if test -s "${MAIL}" ; then # Only recognizes new mail with GNU find -printf extensions. atime=`find "${MAIL}" -prune -printf "%A@\n"` mtime=`find "${MAIL}" -prune -printf "%T@\n"` if test "${?}" = "0" && test "${mtime}" -ge "${atime}" ; then echo "${USER}, you have new mail." > ${xconsole} else echo "${USER}, you have mail." > ${xconsole} fi else echo "No mail for ${USER}." > ${xconsole} fi set -- ${failmsg} fmsg="" case ${#} in 0) : "unknown user or never logged in" ;; 3) : "never logged in" ;; 11) case ${2} in 0) : "no failures since last login" ;; 1) fmsg="${2} failure" ;; *) fmsg="${2} failures" ;; esac test -n "${fmsg}" && \ fmsg="${fmsg} since last login. Last was ${4} ${5} ${6} ${7} ${9} on ${11}." ;; *) fmsg="??? failures for ${USER} since last login. ** case error [${#}]: ${*} **" ;; esac test -n "${fmsg}" && echo "${fmsg}" > ${xconsole} echo > ${xconsole} case `who | grep -c -e ""` in 1) fortune > ${xconsole} ;; esac if grep -qs ^use-sessreg /etc/X11/xdm/xdm.options && command -v sessreg > /dev/null 2>&1; then exec sessreg -a -l $DISPLAY -u /var/run/utmp -x /etc/X11/xdm/Xservers $USER # NOTREACHED fi exit 0 --- End /etc/X11/xdm/Xstartup --- Begin /etc/X11/xdm/xdm-config (modified conffile) ! $XConsortium: xdm-conf.cpp /main/3 1996/01/15 15:17:26 gildea $ ! $XFree86: xc/programs/xdm/config/xdm-conf.cpp,v 1.5 1999/08/29 12:21:06 dawes Exp $ DisplayManager.errorLogFile: /var/log/xdm.log DisplayManager.pidFile: /var/run/xdm.pid DisplayManager.keyFile: /usr/X11R6/lib/X11/xdm/xdm-keys DisplayManager.servers: /usr/X11R6/lib/X11/xdm/Xservers DisplayManager.accessFile: /usr/X11R6/lib/X11/xdm/Xaccess DisplayManager.authDir: /var/lib/xdm DisplayManager.willing: su nobody -c /usr/X11R6/lib/X11/xdm/Xwilling DisplayManager.randomFile: /dev/urandom ! All displays should use authorization. ! X terminals may not be configured that way, so they will require ! individualized resource settings. DisplayManager*authorize: true ! Scripts to start the server, start the user session, and reset the server DisplayManager*setup: /usr/X11R6/lib/X11/xdm/Xsetup DisplayManager*startup: /usr/X11R6/lib/X11/xdm/Xstartup DisplayManager*reset: /usr/X11R6/lib/X11/xdm/Xreset DisplayManager*resources: /usr/X11R6/lib/X11/xdm/Xresources DisplayManager*session: /usr/X11R6/lib/X11/xdm/Xsession ! Scripts to start the server, etc, for the :0 display. !!DisplayManager._0.setup: /etc/X11/xdm/Xsetup_0 !!DisplayManager._0.startup: /etc/X11/xdm/Xstartup_0 !!DisplayManager._0.reset: /etc/X11/xdm/Xreset_0 !!DisplayManager._0.resources: /etc/X11/xdm/Xresources_0 ! One must first export these variables in the invocation of xdm. !!DisplayManager.exportList: EXPORTED_VAR ANOTHER_EXPORTED_VAR ! DisplayManager*userPath: /usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games DisplayManager*systemPath: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11 DisplayManager*loginmoveInterval: 10 ! SECURITY: do not listen for XDMCP or Chooser requests ! Comment out this line if you want to manage X terminals with xdm DisplayManager.requestPort: 0 --- End /etc/X11/xdm/xdm-config
--- End Message ---
--- Begin Message ---
- To: Jeff Sheinberg <jeffsh@erols.com>, 95214-done@bugs.debian.org
- Subject: Re: Bug#95214: xdm: envvar XAUTHORITY improperly set in "Xstartup" script
- From: Julien Cristau <jcristau@debian.org>
- Date: Sat, 10 Apr 2010 16:43:16 +0200
- Message-id: <20100410144316.GA17626@patate.is-a-geek.org>
- In-reply-to: <20010424161647.CF0F015DAC@eden-hda7.my.local>
- References: <20010424161647.CF0F015DAC@eden-hda7.my.local>
Hi, 9 years ago you filed the following bug against xdm in Debian (sorry for the very late followup): On Tue, Apr 24, 2001 at 12:16:47 -0400, Jeff Sheinberg wrote: > Here is what xdm(1) says about the XAUTHORITY envvar, > > DisplayManager.DISPLAY.userAuthDir > > When xdm is unable to write to the usual user > authorization file ($HOME/.Xauthority), it creates > a unique file name in this directory and points the > environment variable XAUTHORITY at the created > file. It uses /tmp by default. > > However, I noticed that when xdm invoked the "Xstartup" script, > the XAUTHORITY envvar had this value, > > /var/lib/xdm/authdir/authfiles/A:0-riZSi9 > > which is the xdm authorization data communications file, which is > quite different from the "user authorization file". > > I would wager a guess that the other xdm startup script (Xsetup) > also exhibits this incorrect behavior, but I haven't verified it. > > By the time my "~/.xsession" file has been run, the XAUTHORITY > envvar has been unset, which leads me to conclude that the xdm > Xsession script does not have this problem. > > However, I have not tried logging in when my home directory is > mounted on a read-only filesystem, in order to determine if the > XAUTHORITY envvar is correctly set by xdm and thus exported to all > three of the startup scripts (Xsetup, Xstartup, and Xsession) in > this case. > The Xsetup and Xstartup scripts are run as root, so they need an X cookie which is not the one used by the user session. The manpage section you quote refers to the user session (the Xsession script). I don't believe there's a bug here. Feel free to follow up and clarify your report if you disagree. Cheers, JulienAttachment: signature.asc
Description: Digital signature
--- End Message ---