From /var/log/xdm.log: ------------------------------------------------------------------------------ xdm info (pid 867): Starting xdm info (pid 867): Starting X server on :0 xdm error (pid 867): cannot make authentication directory /var/lib/xdm/authdir: No such file or directory ------------------------------------------------------------------------------ I imagine the problem might relate to the addition of the following to /etc/xdm/xdm-config: ------------------------------------------------------------------------------ DisplayManager.authDir: /var/lib/xdm ------------------------------------------------------------------------------ I have not tested whether manually creating /var/lib/xdm resolves this problem. According to the xdm man page, the "DisplayManager.authDir" resource specifies a directory under which xdm stores authorization files while initializing the session. The default value is /var/lib/xdm. Can be overridden for specific displays by DisplayManager.DISPLAY.authFile. Since it looks like we are using the default value, one would expect this to work, unless there is a privileges or permissions problem. Reproducible: Always Steps to Reproduce: start xdm at boot-up Actual Results: xdm displays "This is an unsecure session" instead of the user's welcome text. xdm.log receives: "cannot make authentication directory /var/lib/xdm/authdir: No such file or directory" Expected Results: the xdm authdir should either be dynamically created or should be created by the ebuild during installation. ~ # emerge --info Portage 2.1.6.13 (default/linux/x86/10.0, gcc-4.4.1, glibc-2.10.1-r0, 2.6.31-gentoo i686) ================================================================= System uname: Linux-2.6.31-gentoo-i686-Intel-R-_Pentium-R-_4_CPU_1400MHz-with-gentoo-2.0.1 Timestamp of tree: Thu, 24 Sep 2009 23:45:02 +0000 ccache version 2.4 [enabled] app-shells/bash: 4.0_p33 dev-java/java-config: 2.1.9-r1 dev-lang/python: 2.6.2-r2 dev-util/ccache: 2.4-r8 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.4.3-r3 sys-apps/sandbox: 2.1 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.10.2, 1.11 sys-devel/binutils: 2.19.1-r1 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="x86 ~x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -march=pentium4 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="ccache distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://ftp.gtlib.gatech.edu/pub/gentoo http://gentoo.osuosl.org/ http://open-systems.ufl.edu/mirrors/gentoo " LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1,--hash-style=gnu" LINGUAS="en_US en" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="X alsa berkdb bzip2 cairo caps cli consolekit cracklib crypt cups dbus dri exif ffmpeg gdbm gif gpm gtk hal iconv java jpeg lcms mmx modules mp3 mudflap ncurses nls nptl nptlonly nsplugin ogg opengl openmp pam pcre perl png python readline reflection session spl sse sse2 ssl svg sysfs theora threads tiff truetype unicode vorbis win32codecs x86 xcb xorg xulrunner zlib" ALSA_CARDS="emu10k1" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev" KERNEL="linux" LINGUAS="en_US en" USERLAND="GNU" VIDEO_CARDS="nv" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
mkdir /var/lib/xdm eliminated the problem.
Severity reduced to "minor" since there's an easy work-around.
Also, it seems the old location for the authdir was /etc/xdm. Whatever creates the new location (/var/lib/xdm) should maybe just move that to the new location, or at least clean up the cruft.
1) xorg-x11 is just a meta package. 2) I have no idea what exactly is in that directory so I can't really comment on how insecure that is Thanks
It’s insecure if that directory does not exist, since xdm can’t write its authfiles there and authorization is disabled then (see xdm man page, resources “DisplayManager.authDir” and “DisplayManager.DISPLAY.authorize”). On my machine (xdm 1.1.9), a file /var/lib/xdm/authdir/authfiles/A:0-OL1aab is created when xdm starts. However, this only works when manually creating the /var/lib/xdm directory. Suggestion: Modify the ebuild to put a .keep file into /var/lib/xdm, then everything is fine.
Had this problem on an update today... problem is resolved by adding the /var/lib/xdm directory as Tim suggests.
Had the same problem today, and creating /var/lib/xdm fixed it.
Created attachment 208192 [details, diff] patch for xdm-1.1.9.ebuild A working patch against the current Ebuild in Portage is attached. Alternatively, you may use x11-apps/xdm-1.1.9-r1 located in my overlay (see http://scytale.name/proj/overlay/), which also includes an "xconsole" USE flag to remove the (imho) annoying xconsole in xdm.
Patch is ok from my POV, remi what do you think :]
ACK on the patch. Oh and feel free to remove the stable keywords from 1.1.9 if you beat me to it. Thanks
Fixed in 1.1.9 without a revbump since the ebuild is currently p.masked. Thanks