startx with xorg-server-21.1.1-r2 built with USE=suid fails to start. The log ends with

Fatal server error:
[ 2379.555] (EE) xf86OpenConsole: Cannot open virtual console 7 (Permission denied)

Reproducible: Always

Steps to Reproduce:
1. build xorg-server-21.1.1-r2 with USE=suid
2. startx
3.

Actual Results:
xorg fails to start.

Expected Results:
It just works.

$ emerge --info
Portage 3.0.28 (python 3.9.9-final-0, default/linux/amd64/17.1/no-multilib, gcc-11.2.1, glibc-2.34-r3, 5.15.0-gentoo x86_64)
=================================================================
System uname: Linux-5.15.0-gentoo-x86_64-AMD_Ryzen_9_5950X_16-Core_Processor-with-glibc2.34
KiB Mem:   131894716 total, 128192600 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Mon, 06 Dec 2021 14:30:01 +0000
Head commit of repository gentoo: 8c3c9b3ee65110b260bad3d6f77384cd54151b04
Head commit of repository gentoo-static: 291f36208d4a56d7549570ec5c62d946556e58f5
sh bash 5.1_p12
ld GNU ld (Gentoo 2.37_p1 p1) 2.37
distcc 3.4 x86_64-pc-linux-gnu [disabled]
app-shells/bash:            5.1_p12::gentoo
dev-java/java-config:       2.3.1::gentoo
dev-lang/perl:              5.34.0-r5::gentoo
dev-lang/python:            3.8.12_p1::gentoo, 3.9.9::gentoo, 3.10.0_p1::gentoo
dev-lang/rust:              1.56.1::gentoo
dev-util/cmake:             3.22.0::gentoo
sys-apps/baselayout:        2.8::gentoo
sys-apps/openrc:            0.17-r1::gentoo-static
sys-apps/sandbox:           2.29::gentoo
sys-devel/autoconf:         2.13-r1::gentoo, 2.71-r1::gentoo
sys-devel/automake:         1.13.4-r2::gentoo, 1.16.5::gentoo
sys-devel/binutils:         2.36.1-r2::gentoo, 2.37_p1-r1::gentoo
sys-devel/gcc:              10.3.0-r2::gentoo, 11.2.1_p20211127::gentoo
sys-devel/gcc-config:       2.5-r1::gentoo
sys-devel/libtool:          2.4.6-r6::gentoo
sys-devel/make:             4.3::gentoo
sys-kernel/linux-headers:   5.15::gentoo (virtual/os-headers)
sys-libs/glibc:             2.34-r3::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-verify-max-age: 24
    sync-rsync-extra-opts: 
    sync-rsync-verify-metamanifest: yes
    sync-rsync-verify-jobs: 1

crossdev
    location: /var/db/repos/crossdev
    masters: gentoo

gentoo-static
    location: /var/db/repos/gentoo-static
    sync-type: git
    sync-uri: https://github.com/NeddySeagoon/gentoo-static
    masters: gentoo

Installed sets: @system-groups
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="@FREE AVASYS MSttfEULA PUEL fairuse freedist linux-fw-redistributable ms-teams-pre no-source-code"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -mindirect-branch=thunk -O2 -pipe -flto=8"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=native -mindirect-branch=thunk -O2 -pipe -flto=8"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-march=native -mindirect-branch=thunk -O2 -pipe -flto=8"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-march=native -mindirect-branch=thunk -O2 -pipe -flto=8"
GENTOO_MIRRORS="http://www.mirrorservice.org/sites/distfiles.gentoo.org/ http://ftp.free.fr/mirrors/ftp.gentoo.org/ http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://mirrors.soeasyto.com/distfiles.gentoo.org/ http://gentoo.mirror.root.lu/ http://mirror.bytemark.co.uk/gentoo/ http://ftp.belnet.be/pub/rsync.gentoo.org/gentoo/ http://mirror.netcologne.de/gentoo/"
LANG="en_GB.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j32"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="X a52 aacs acl alsa amd64 amr ao apng bdplus bluray bzip2 cairo caps cdda cddb cdio cdparanoia cli crypt cups curl device-mapper dri drm dvd dvdnav dvdr egl encode extras fdk ffmpeg flac fontconfig fortran fuse gdbm gegl geoip gif gimp glamor gles2 gpg gpm graphite gtk gtk3 guidexml iconv icu introspection ipv6 jpeg jpeg2k ladspa libglvnd libtirpc lock lto luajit lzma lzo mad minizip mmx mmxext mp3 mplayer mtp ncurses nfs nls nptl nsplugin nss odf ogg olde-gentoo opengl openmp pam pcre pcre16 pdf png popcnt postproc postscript python raw readline sdl seccomp session smpeg spell split-usr sqlite ssl startup-notification svg sysfs theora threads thunar tiff tools truetype twolame udf unicode usb v4l vaapi vdpau video vorbis vulkan wav wavpack x264 xattr xft xv xvid xvmc zlib"
ABI_X86="64"
ADA_TARGET="gnat_2020"
APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias"
CALLIGRA_FEATURES="karbon sheets words"
COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog"
CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3"
ELIBC="glibc"
GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx"
KERNEL="linux"
L10N="en en-GB en-US"
LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text"
LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer"
LUA_SINGLE_TARGET="lua5-1"
LUA_TARGETS="lua5-1"
OFFICE_IMPLEMENTATION="libreoffice"
PHP_TARGETS="php7-3 php7-4"
POSTGRES_TARGETS="postgres12 postgres13"
PYTHON_SINGLE_TARGET="python3_9"
PYTHON_TARGETS="python3_9"
RUBY_TARGETS="ruby26 ruby27"
SANE_BACKENDS="epson epson2 net"
USERLAND="GNU"
VIDEO_CARDS="fbdev vesa nv nouveau amdgpu radeonsi"
XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset: CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, RUSTFLAGS
Created attachment 757561: Xorg Startup Log
Haven't tested/looked closely, but I think this PR is related.
(In reply to Ionen Wolkens from comment #2)
> Haven't tested/looked closely, but I think this PR is related.

It is related. As stated in the linked pull request, Xorg's new Meson-based build system no longer installs Xorg itself with the set-user-ID-on-execution permission, something that the old configure script allowed with the --enable-install-setuid option and that Gentoo enabled with USE="suid -elogind -systemd". What the new build system does install with the set-user-ID-on-execution permission is the Xorg wrapper. But without a configuration file specifying otherwise (needs_root_rights=yes), the wrapper will drop privileges before running the real X server if it can successfully call the DRM_IOCTL_MODE_GETRESOURCES ioctl for every video card (a condition that is likely true on recent enough hardware). And then, with USE="suid -elogind -systemd", Xorg will have neither the required privileges for opening /dev files itself, nor a logind daemon for doing that on its behalf. The PR attempts to have the ebuild do what the old GNU-style build system did with the appropriate configuration.
The pull request looks okay to me and as such I commented on it. Unless other comments turn up there, I will merge the pull request tomorrow.
After sleeping on it I think I'd rather not roll it back to the old mechanism. The goal is to allow X to work without a logind provider, and for that I'd prefer to go with a wrapper that by default allows anyone to start X, so the end result is like the old suid bit, but still staying within the competence of the build system. Am I missing anything?
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fefef5fbb829b1b9c0713252713b7a8454766876

commit fefef5fbb829b1b9c0713252713b7a8454766876
Author:     Alan Swanson <reiver@improbability.net>
AuthorDate: 2021-12-03 12:25:06 +0000
Commit:     Matt Turner <mattst88@gentoo.org>
CommitDate: 2021-12-16 02:37:22 +0000

    x11-base/xorg-server: Restore setuid for non-logind meson build

    The meson build does not support the autotools build option
    install-setuid and when not using systemd or logind the suid_wrapper
    is not equivalent as it does not resolve tty or input device
    permissions unless /etc/X11/Xwrapper.config is created with:

      allowed_users = anybody
      needs_root_rights = yes

    In which case you can skip the wrapper as this would be the default
    preference when using startx or xinit without systemd or logind from
    the console or init scripts. So revert to previous autotools build
    behaviour.

    Closes: https://bugs.gentoo.org/828462
    Closes: https://github.com/gentoo/gentoo/pull/23160
    Signed-off-by: Alan Swanson <reiver@improbability.net>
    Signed-off-by: Matt Turner <mattst88@gentoo.org>

 x11-base/xorg-server/xorg-server-9999.ebuild | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
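The wrapper behaviour described in the reply to comment #2 and the Xwrapper.config settings given in the commit message above both come down to one decision: does the process that ends up running the real X server still hold root? The script below is an added example written for this page, not code from the bug thread, the ebuild or xorg-server. It models that decision for a given Xwrapper.config, caller and DRM probe outcome, and checks whether the installed server binary carries the setuid bit that USE=suid used to guarantee. Assumptions, labelled in the code: the config keys and values (allowed_users = rootonly|console|anybody, needs_root_rights = yes|no|auto, with console and auto as defaults) are taken from Xorg.wrap(1); the paths /etc/X11/Xwrapper.config and /usr/libexec/Xorg are Gentoo's usual ones and may differ; the outcome of the DRM_IOCTL_MODE_GETRESOURCES probe is passed in, because the ioctl cannot be issued from sh. The function names xwrapper_get, xwrapper_decide, xorg_setuid_state and xorg_privcheck are this example's own.

```shell
#!/bin/sh
# Added example, not code from this bug or from xorg-server. It models the
# decision Xorg.wrap makes as described in this thread and checks the two
# facts the fix turns on: the wrapper's config, and whether the real server
# binary carries the setuid bit. Assumptions: the Xwrapper.config keys and
# values (allowed_users = rootonly|console|anybody,
# needs_root_rights = yes|no|auto, defaults console/auto) are as in
# Xorg.wrap(1); the paths in xorg_privcheck are Gentoo's usual ones.

# Print the value of key $2 from the Xwrapper.config-style file $1
# ("key = value" lines, '#' comments). Prints nothing if absent or unreadable.
xwrapper_get() {
    [ -r "$1" ] || return 0
    sed -n -e 's/#.*//' \
        -e "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\1/p" "$1" |
        tail -n 1
}

# What the wrapper would do for one caller. Prints:
#   deny  refuse to start the server
#   root  exec the real server keeping root
#   drop  exec the real server after setuid(getuid()); with USE="suid -elogind
#         -systemd" this is the failing case, since unprivileged Xorg cannot
#         open /dev/tty7
# $1 config file   $2 caller uid   $3 caller sits on a VT (yes/no)
# $4 DRM_IOCTL_MODE_GETRESOURCES succeeded for every card (yes/no); the ioctl
#    cannot be issued from sh, so the outcome is an input here
xwrapper_decide() {
    allowed=$(xwrapper_get "$1" allowed_users)
    rights=$(xwrapper_get "$1" needs_root_rights)
    case "${allowed:-console}" in
        rootonly) [ "$2" -eq 0 ] || { echo deny; return 0; } ;;
        console)  [ "$3" = yes ] || { echo deny; return 0; } ;;
        anybody)  ;;
        *)        echo deny; return 0 ;;    # unknown value: treated as deny (assumption)
    esac
    case "${rights:-auto}" in
        yes)  echo root ;;
        no)   echo drop ;;
        auto) if [ "$4" = yes ]; then echo drop; else echo root; fi ;;
        *)    echo deny ;;                   # unknown value: treated as deny (assumption)
    esac
}

# Is $1 installed with the set-user-ID bit (what USE=suid used to guarantee)?
xorg_setuid_state() {
    if [ -u "$1" ]; then echo setuid; else echo not-setuid; fi
}

# Combine both for the calling shell. $1 config, $2 real server binary,
# $3 KMS probe outcome (yes/no). Defaults are Gentoo's usual paths (assumed).
xorg_privcheck() {
    cfg=${1:-/etc/X11/Xwrapper.config}
    real=${2:-/usr/libexec/Xorg}
    onvt=no
    case "$(tty 2>/dev/null)" in /dev/tty[0-9]*) onvt=yes ;; esac
    dec=$(xwrapper_decide "$cfg" "$(id -u)" "$onvt" "${3:-yes}")
    st=$(xorg_setuid_state "$real")
    printf 'wrapper would: %s; %s is %s\n' "$dec" "$real" "$st"
    case "$dec/$st" in
        drop/not-setuid)
            echo "Xorg runs unprivileged: without a logind provider it cannot open /dev/tty7 or input devices (this bug)" ;;
        deny/*)
            echo "the wrapper refuses this caller" ;;
        *)
            echo "Xorg runs as root: works without logind, but the whole server is setuid-root attack surface" ;;
    esac
}
```

Run `xorg_privcheck` from the VT you would type startx on; on a KMS-capable box with the 21.1.1-r2 meson build and no Xwrapper.config it reports drop/not-setuid, which is the failure in the attached log. Note the caveat behind both fixes: the commit's Xwrapper.config (anybody + yes) and the restored setuid bit both end with the full X server running as root for any local user, so a system that keeps a logind provider instead does not need either.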