Bug#611487: xterm: immediately exits upon running: exec login USER
On Sat, Feb 12, 2011 at 08:46:00AM -0500, Thomas Dickey wrote:
> >looking at lxterminal now, and compiling the login program to add some
> >traces, I'm seeing _that_ fail at the same point, with the same cause.
> >(I'll compare with xfce4-terminal this evening, and investigate whether
> >one of the Debian packages might change this behavior).
>
> I did look further, found that in my configuration at least, that I was
> unable to get a login prompt from the unmodified setuid-login program
> for either lxterminal or xfce4-terminal (or even gnome-terminal).
>
> I simply copied /bin/login to /usr/local/bin/root-login, making it setuid
> and setgid to root:staff
>
> Since that prompt is what I understood "authentication process" to
> refer to above, I'm puzzled - need more info to reproduce the case where
> I would be seeing the VTE-based terminals working as you describe.
>
> --
> Thomas E. Dickey
Hi Thomas,
Here are some details on my setup,
# dpkg-query -l login xterm lxterminal xfce4-terminal
ii login 1:4.1.4.2+svn3 system login tools
hi xterm 235-2 X terminal emulator
ii lxterminal 0.1.8-2 desktop independent vte-based terminal emula
ii xfce4-terminal 0.4.5-1 Xfce terminal emulator
# type login
login is /bin/login
# ls -l /bin/login
-rwsr-xr-x 1 root root 36896 Sep 25 18:05 /bin/login
; Notice that login is setuid to root, and is not setgid.
;-----------------------------------------------------------------------
; Now I login from user jeff on pts/2 to user jsroot on same pts/2.
$ exec login jsroot
Password:
Last login: Fri Feb 11 08:42:34 EST 2011 on pts/3
...
# grep 'Feb 13 14:52:34 l2 login' /var/log/syslog
Feb 13 14:52:34 l2 login[6460]: pam_sm_authenticate: Called
Feb 13 14:52:34 l2 login[6460]: pam_sm_authenticate: username = [jsroot]
Feb 13 14:52:34 l2 login[6460]: pam_unix(login:session): session opened for user jsroot by jeff(uid=1001)
Feb 13 14:52:34 l2 login[6605]: ROOT LOGIN on '/dev/pts/2' from ':0.0'
; So the above is successful using xterm 235-2. Note that the above xterm has
; a PPID of 1 (init), since it was run from my $xclient, while the following
; VTEs have a PPID of 6461, which is the PID of the bash process that launched
; the VTE from pts/3.
;-----------------------------------------------------------------------
; Now startup xfce4-terminal (run from pts/3).
$ xfce4-terminal &
[1] 9545
; At this point an xfce4-terminal pops up, let $$ be its prompt.
$$ exec login jsroot
; The xfce4-terminal now disappears, and there was no Password: prompt,
; and there was nothing in /var/log/syslog from login at this time.
$
[1]+ Done xfce4-terminal
; Now I startup lxterminal just like xfce4-terminal, and I get the same
; results as for xfce4-terminal - immediate exit on 'exec login jsroot',
; no Password: prompt, and nothing from login in the syslog.
;-----------------------------------------------------------------------
; Now I just before install xterm 261-1, I try the same xfce4-terminal and
; lxterminal scenarios using instead xterm 235-2.
$ xterm &
[1] 10080
; At this point an xterm pops up, let $$ be its prompt
$$ exec login jsroot
Password:
Last login: Sun Feb 13 17:20:51 EST 2011 on pts/6
; Back at the xterm on pts/3 where I just ran 'xterm &'.
$
; Now I exit from the xterm where I successfully logged in as jsroot
$$
; Back again at the xterm on pts/3 where I just ran 'xterm &'
$ Cannot chmod /dev/pts/6 to 666 currently 620: Operation not permitted
; Why does the above error message get output to pts/3?
;
; Here are the syslog entries for this last login to jsroot,
Feb 13 17:26:17 l2 login[10081]: pam_sm_authenticate: Called
Feb 13 17:26:17 l2 login[10081]: pam_sm_authenticate: username = [jsroot]
Feb 13 17:26:17 l2 login[10081]: pam_unix(login:session): session opened for user jsroot by jeff(uid=1001)
Feb 13 17:26:17 l2 login[10153]: ROOT LOGIN on '/dev/pts/6' from ':0.0'
Feb 13 17:29:22 l2 login[10081]: pam_unix(login:session): session closed for user jsroot
;-----------------------------------------------------------------------
; Now I install xterm 261-1.
# apt-get install xterm=261-1
...
Setting up xterm (261-1) ...
...
; Switch to pts/3, where I'll launch an xterm (261-1) in the background.
$ dpkg-query -l xterm
hi xterm 261-1 X terminal emulator
$ who
jeff tty1 Feb 13 14:37
jeff pts/0 Feb 13 14:52 (:0.0)
jeff pts/1 Feb 13 14:52 (:0.0)
jsroot pts/2 Feb 13 14:52 (:0.0)
jeff pts/3 Feb 13 14:52 (:0.0)
jsroot pts/4 Feb 13 14:52 (:0.0)
jeff pts/5 Feb 13 14:59 (:0.0)
$ xterm &
[1] 11422
; At this point an xterm pops up, let $$ be its prompt
; Switch to pts/6, where [1] 11422 is running in the background.
$$ tty
/dev/pts/6
$$ logname
jsroot
; Why is logname jsroot on pts/6? May have something to do with having
; successfully done 'exec login jsroot' from xterm 235-2 on pts/6 in the
; first example above.
$$ who
jeff tty1 Feb 13 14:37
jeff pts/0 Feb 13 14:52 (:0.0)
jeff pts/1 Feb 13 14:52 (:0.0)
jsroot pts/2 Feb 13 14:52 (:0.0)
jeff pts/3 Feb 13 14:52 (:0.0)
jsroot pts/4 Feb 13 14:52 (:0.0)
jeff pts/5 Feb 13 14:59 (:0.0)
jeff pts/6 Feb 13 19:05 (:0.0)
$$ exec login jsroot
; Xterm process on pts/6 exits, no login prompt, no entry in syslog,
; just like with xfce4-terminal and lxterminal.
; Back to pts/3.
$
[1]+ Done xterm
$ who
jeff tty1 Feb 13 14:37
jeff pts/0 Feb 13 14:52 (:0.0)
jeff pts/1 Feb 13 14:52 (:0.0)
jsroot pts/2 Feb 13 14:52 (:0.0)
jeff pts/3 Feb 13 14:52 (:0.0)
jsroot pts/4 Feb 13 14:52 (:0.0)
jeff pts/5 Feb 13 14:59 (:0.0)
;-----------------------------------------------------------------------
If you can think of any other scenarios that you would like me to try,
I will be happy to do so.
Thanks,
--
Jeffrey Sheinberg
Reply to: