I prefer to boot into console, then start X with startx if/when required. I don’t use a display manager.
I’m struggling a bit getting this to work with SUSE though. I set RL to 3 in inittab, then boot into console, all ok so far. But I can’t startx when i need to; I get some error about the UID bit not being set on xorg?? The only way I can start X is ether as root user, or by setting the UID bit. This can’t be the proper way to go about this though!
So what is? startx, xinit and init 5 all only work as root user.
That is logical to me. Running X is a system level task, not an end-user level task. When the system manager has set the default runlevel to three, (s)he did so on purpose. The end-user is thus not able to change runlevel. This is build-in security. And of course other ways to circumvent this security (like running certain services as end-user) should also be blocked.
Of course you can brake this security by setting the SUID bit (as you can brake almost any security thing in Linux), but this is at your own risk (inlcuding the fact that that SUID bit will probably be removed on updates).
I can totally see your point about security, if your quote above were universally true. But to me, and many others too I am sure, it isn’t true. I use X as an end-user task, much like zypper or elinks. This seems to be stopping me from doing so altogether (unless I accept a giant security hole side-effect by setting suid bit). Is this really the intended behaviour?
Someone on a mailing list mentioned file_caps=1 boot option, but didn’t expand on it. Any ideas how this might help?
You may be right, but I do not undderstand your comparison. I do not know elinks, but zypper is a CLI program like many others (ls, vi, sed, awk, sort, …). The only thing is that zypper when run by the end-user is “read-only” in that it will not (de)install anything (same as e.g. ifconfig).
Butto come back to your problem.
. It is clear to me that init is only to be run as root.
. I just did a test. I booted an 11.2 system in runlevel 3. I loged in on the console as an end-user. I entered startx and a GUI session for that end-user was started.
So it seems that on my system it works like you expects things to work and on your system it doesn’t.
This brings us to the task to find out why.
And about suid bits, it isn’t set:
ls -l $(which startx)
-rwxr-xr-x 1 root root 4921 Oct 24 2009 /usr/bin/startx
I have probably misled you somewhat as i am running 11.4 RC1 (sorry still not fully up on the posting rules re different releases etc).
I believe from what I have read on the mailing lists that this is some kind of deliberate security measure (presumably new to 11.4?), to require root priviliges to run X.???
suid bit is not set for Xorg in Debian, RH, SUSE, or anywhere else as far as I know, but it is now required to set it yourself, manually if you want to run X from RL3/without display manager. Seems weird to me, and no-one seems to be willing or able to really explain it (re the file_caps=1 boot option).
I don’t want to seem too negative though;), i’m open to new ways of doing things, that’s why i’m trying openSUSE. I would like to understand it though.
That link leads me to believe that POSIX file capabilities are now being used to partially elevate priviliges of Xorg. If this is the case, then why do I need to manually set the suid bit as well?
Or is it the other way around - has SUSE 11.4 removed previously implemented POSIX file capability control? This would seem to reflect the situation we are experiencing, but this would surely mean that SUSE has stepped away from the POSIX control method to a less secure method, which seems unlikely.
The situation is not clear to me from these links. Anyone care to explain properly (ie in more than one sentence) please?
> I believe from what I have read on the mailing lists that this is some
> kind of deliberate security measure (presumably new to 11.4?), to
> require root priviliges to run X.???
Yep.
> suid bit is not set for Xorg in Debian, RH, SUSE, or anywhere else as
> far as I know, but it is now required to set it yourself, manually if
> you want to run X from RL3/without display manager. Seems weird to me,
> and no-one seems to be willing or able to really explain it (re the
> file_caps=1 boot option).
They did. It is the new method, but it doesn’t affect X (yet?).
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)
EDIT: I do not know. The original thread was moved fom Applications to Pre-Release/Beta. Something went wrong there. I merged the two threads. Hope that everything is OK now
> The situation is not clear to me from these links. Anyone care to
> explain properly (ie in more than one sentence) please?
They did in the mail list. Those people talking about it in there are devs
and mantainers, so they know. A different matter is whether they care to
explain.
Xorg does not use those posix caps (yet?) - that is what they said - thus
you still need set suid in oS.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)
I still need to set suid? I never had to set setuid until version 11.4!
Maybe if I ask for one word answers. Can anyone please fill in the questions below (Please, only reply if you actually know the answers. And please please no more pointless argumentative posts, I really don’t want to squabble with complete strangers) :
Did openSUSE have setuid bit set by default on Xorg in versions prior to version 11.4? =
Did openSUSE use file capabilities to elevate priviliges on Xorg in versions prior to version 11.4? =
Does openSUSE use file capabilities to elevate priviliges on Xorg in version 11.4 (RC1)? =
If not, Is it the intention to implement file capabilities on Xorg in version 11.4 at some point between now and the final 11.4 release date? =
Is it the intention of the devs to use file capabilities on Xorg in future releases? =
If so, does this mean that it will be possible to run Xorg from RL3 as a regular user, without having to set the setuid bit or otherwise run Xorg with full root priviliges? =
if not, is it the intention to deliberately prevent this action altogether, for the reasons set out in post number 2 above (ie Xorg being a system process rather than user process)? =
Thanks in advance. PS I’m sure it seems that i’m being obnoxious here, but I promise you that I am not trying to be, I am only trying to get a straight answer.
The questions are highly technical and since is this is a user powered form I doubt that the developers, who would know, will see it. Best to ask on the mailing list. And no I don’t know which one, but a google may find it or someone here may know a good one.
On 2011-02-22 17:06, spoovy wrote:
>
>>> - thus
> you still need set suid in oS
>
> I still need to set suid? I never had to set setuid until version
> 11.4!
That is exactly what I said. There is a language barrier, it seems. Let me
try again: the new posix caps are not enough (now), so you also, now, need
to set uid. Now means 11.4 in this context, before means older versions.
> Maybe if I ask for one word answers. Can anyone please fill in the
> questions below (_Please,only_reply_if_you_actually_know_the_answers.
> And please please no more pointless argumentative posts, I really don’t
> want to squabble with complete strangers) :
Ok, then I shut up. I expect none here to know. Only Devs know, and Devs do
not use the forums.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)