Not sure if it's about X or the kernel actually. I've moved my system to a Skylake-based laptop and cannot use the modesetting driver on it, with both USE={-,}suid: Xorg producing this error in the log: [ 1392.088] (EE) modeset(0): drmSetMaster failed: Permission denied strace shows that it is able to open the drm device file, but then fails at ioctl: [pid 4441] ioctl(10, DRM_IOCTL_SET_MASTER, 0) = -1 EACCES (Permission denied) Googling have only hinted me that DRM_IOCTL_SET_MASTER is only accessible to root on vanilla kernels, although this may be old info: https://groups.google.com/a/chromium.org/forum/#!topic/chromium-os-reviews/MkLntCYRP-g I've also tried X with Intel DDX: X starts, but then Mesa silently decides to use llvmpipe instead of the hardware-accelerated OpenGL implementation. I run X through qingy's xsession option, but get essentially same results with `startx -- vt1`.
Worked around by `chmod u+s /usr/libexec/Xorg`.
Does your kernel have CONFIG_TMPFS_POSIX_ACL enabled?
(In reply to Chí-Thanh Christopher Nguyễn from comment #2) > Does your kernel have CONFIG_TMPFS_POSIX_ACL enabled? Yes.
Hi to use DRM SETMASTER you need to either have suid bit on your /usr/bin/Xorg, CAP_SYS_ADMIN or xorg-server built with logind support (systemd USE flag as for now). Please share your xorg-server USE flags, information if you run systemd and file mode of /usr/bin/Xorg You can also chcek if running `setcap cap_sys_admin+ep /usr/bin/Xorg` helps in your case.
(In reply to Piotr Karbowski from comment #4) > Please share your xorg-server USE flags, information if you run systemd and > file mode of /usr/bin/Xorg Installed versions: 1.20.4(0/1.20.4)(08:18:35 2019-03-02)(glamor ipv6 kdrive suid udev xcsecurity xephyr xorg xvfb -debug -dmx -doc -libressl -minimal -selinux -static-libs -systemd -unwind -wayland -xnest) No systemd. -rwxr-xr-x 1 root root 273 Mar 2 08:18 /usr/bin/Xorg
(In reply to Piotr Karbowski from comment #4) > You can also chcek if running `setcap cap_sys_admin+ep /usr/bin/Xorg` helps > in your case. It doesn't.
(In reply to Sergey 'L29Ah' Alirzaev from comment #5) > (In reply to Piotr Karbowski from comment #4) > > Please share your xorg-server USE flags, information if you run systemd and > > file mode of /usr/bin/Xorg > > Installed versions: 1.20.4(0/1.20.4)(08:18:35 2019-03-02)(glamor ipv6 > kdrive suid udev xcsecurity xephyr xorg xvfb -debug -dmx -doc -libressl > -minimal -selinux -static-libs -systemd -unwind -wayland -xnest) > No systemd. > -rwxr-xr-x 1 root root 273 Mar 2 08:18 /usr/bin/Xorg I don't understand how that can be. With USE="suid -systemd" I get -rwsr-xr-x 1 root root 2.3M Mar 4 22:06 /usr/bin/Xorg whereas your binary doesn't have suid set. Is something on your system dropping the suid bit? Does some file system not support suid? (In reply to Sergey 'L29Ah' Alirzaev from comment #1) > Worked around by `chmod u+s /usr/libexec/Xorg`. Also strange, since you shouldn't have a /usr/libexec/Xorg if you are building without systemd.
(In reply to Sergey 'L29Ah' Alirzaev from comment #5) > (In reply to Piotr Karbowski from comment #4) > > Please share your xorg-server USE flags, information if you run systemd and > > file mode of /usr/bin/Xorg > > Installed versions: 1.20.4(0/1.20.4)(08:18:35 2019-03-02)(glamor ipv6 > kdrive suid udev xcsecurity xephyr xorg xvfb -debug -dmx -doc -libressl > -minimal -selinux -static-libs -systemd -unwind -wayland -xnest) > No systemd. > -rwxr-xr-x 1 root root 273 Mar 2 08:18 /usr/bin/Xorg 273 bytes is the size of the Xorg suid wrapper. It's installed as /usr/bin/Xorg if USE="suid systemd" I cannot reproduce what your report with your USE flags, but I can if I use your USE flags but with +systemd (in which case /usr/libexec/Xorg.wrap has suid). Please attach a build log of xorg-server.
(In reply to Matt Turner from comment #7) > I don't understand how that can be. With USE="suid -systemd" I get > > -rwsr-xr-x 1 root root 2.3M Mar 4 22:06 /usr/bin/Xorg > > whereas your binary doesn't have suid set. Is something on your system > dropping the suid bit? Does some file system not support suid? Nah, it's a regular ext4 without any fancy flags.
(In reply to Matt Turner from comment #8) > 273 bytes is the size of the Xorg suid wrapper. It's installed as > /usr/bin/Xorg if USE="suid systemd" > > I cannot reproduce what your report with your USE flags, but I can if I use > your USE flags but with +systemd (in which case /usr/libexec/Xorg.wrap has > suid). > > Please attach a build log of xorg-server. Okay, i found out i had the ebuild modified using sed since the systemd flag introduction that enabled suid unconditionally since https://bugs.gentoo.org/669648#c8, and it messed up: - $(usex suid $(use_enable systemd suid-wrapper) '--disable-suid-wrapper') - $(usex suid $(use_enable !systemd install-setuid) '--disable-install-setuid') + $(usex suid --enable-suid-wrapper '--disable-suid-wrapper') + $(usex suid --disable-install-setuid '--disable-install-setuid') It worked just fine on ivy bridge, but it seems like on kaby lake the kernel decided only a privileged user can use drm. What?! USE=suid works as expected since i reverted the patch.
The code that handle it in kernel did not changed recently, and if your Ivy Bridge were using either the intel driver or modesetting driver over KMS it would require the extra privileges to take control over framebuffer. Perhaps you do have suid on Xorg or suid-enabled suidwrapper there.
Okay, that makes more sense.
