Created attachment 499692 [details] Xorg.0.log After upgrading to -r1, X no longer works. startx shows a blank screen with a blinking cursor for a few seconds and then fails with an error: parse_vt_settings: Cannot open /dev/tty0 (Permission denied) Downgrading to xorg-server-1.19.5 and it starts working again.
Something similar here - kodi didn't was unable to start. I think it has to do with the suid flag, which is missing in 1.19.5-r1 (but not in 1.19.5).
Yes, please restore the suid USE flag: https://github.com/gentoo/gentoo/commit/ca17c5f407cb5264369aafd39ead709e46777dc4 I also had the same problem.
Created attachment 499750 [details] strace of /usr/libexec/Xorg failure As mentioned in <https://bugs.gentoo.org/show_bug.cgi?id=450364#c5>, I got also permission denied failures. FWIW, in the last three years I never got hardware acceleration to work. I always lost keyboard and mouse input when trying it and need a hard reboot afterwards. To avoid that I must explicitely set ‘Option "Accel" "no"’ to get a working Xorg session. While testing x11-base/xorg-server-1.19.5-r1[+suid-wrapper] and running Xorg as root, I noticed (from the log) it runs *with* hardware acceleration for the first time in all these years but I cannot use it because – guess what – I lost my input devices. So for me it’s definitely a permission issue not just since xorg-server-1.19.5-r1.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7e9f7ca88eeeb4be5c5bfaa4f73cc3ba5c211947 commit 7e9f7ca88eeeb4be5c5bfaa4f73cc3ba5c211947 Author: Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> AuthorDate: 2017-10-23 19:40:12 +0000 Commit: Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> CommitDate: 2017-10-23 19:40:12 +0000 profiles/package.mask: mask >=x11-base/xorg-server-1.19.5-r1 Dropping suid breaks some use cases. Bug: https://bugs.gentoo.org/show_bug.cgi?id=450364 Bug: https://bugs.gentoo.org/show_bug.cgi?id=635102 profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+)}
(In reply to Floyd Anderson from comment #3) > Created attachment 499750 [details] > strace of /usr/libexec/Xorg failure > > As mentioned in <https://bugs.gentoo.org/show_bug.cgi?id=450364#c5>, I got > also > permission denied failures. > > FWIW, in the last three years I never got hardware acceleration to work. I > always lost keyboard and mouse input when trying it and need a hard reboot > afterwards. To avoid that I must explicitely set ‘Option "Accel" "no"’ to get > a working Xorg session. > > While testing x11-base/xorg-server-1.19.5-r1[+suid-wrapper] and running Xorg > as root, I noticed (from the log) it runs *with* hardware acceleration for > the > first time in all these years but I cannot use it because – guess what – I > lost > my input devices. So for me it’s definitely a permission issue not just since > xorg-server-1.19.5-r1. Is your user in the video group?
(In reply to jospezial from comment #5) > > Is your user in the video group? Yes, my user is in the video group. As you can see in my attachment, I’m able to get a proper file descriptor, e.g. for ‘/dev/dri/card0’. Thanks for your interest.
How does it go on? Is upstream work needed or done? Can we do something? I use x11-base/xorg-server-9999::gentoo . It is hit by "profiles/package.mask: mask >=x11-base/xorg-server-1.19.5-r1" too. Can I rebuild it or will I have then problems too? ls -l /usr/libexec/Xorg* -rwxr-xr-x 1 root root 2910760 22. Okt 18:26 /usr/libexec/Xorg -rws--x--x 1 root root 10360 22. Okt 18:26 /usr/libexec/Xorg.wrap
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=223d6b7e15d965e9254c303fa43f279deeec8f9d commit 223d6b7e15d965e9254c303fa43f279deeec8f9d Author: Matt Turner <mattst88@gentoo.org> AuthorDate: 2017-12-28 01:21:06 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2017-12-28 01:28:23 +0000 x11-base/xorg-server: Drop version 1.19.5-r1 -r1 changed suid behavior, breaking some users for unknown reasons. Bug: https://bugs.gentoo.org/635102 Bug: https://bugs.gentoo.org/635582 profiles/package.mask | 5 - x11-base/xorg-server/xorg-server-1.19.5-r1.ebuild | 251 ---------------------- 2 files changed, 256 deletions(-)}
(In reply to Larry the Git Cow from comment #8) > The bug has been referenced in the following commit(s): > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=223d6b7e15d965e9254c303fa43f279deeec8f9d > > commit 223d6b7e15d965e9254c303fa43f279deeec8f9d > Author: Matt Turner <mattst88@gentoo.org> > AuthorDate: 2017-12-28 01:21:06 +0000 > Commit: Matt Turner <mattst88@gentoo.org> > CommitDate: 2017-12-28 01:28:23 +0000 > > x11-base/xorg-server: Drop version 1.19.5-r1 > > -r1 changed suid behavior, breaking some users for unknown reasons. > > Bug: https://bugs.gentoo.org/635102 > Bug: https://bugs.gentoo.org/635582 > > profiles/package.mask | 5 - > x11-base/xorg-server/xorg-server-1.19.5-r1.ebuild | 251 > ---------------------- > 2 files changed, 256 deletions(-)} xorg-server-9999.ebuild still has --enable-suid-wrapper instead of $(use_enable suid install-setuid) is this good or bad?
I've added xorg-server-1.19.99.901 to the tree, with the --enable-suid-wrapper flag passed unconditionally. Let's give this another try and see if it still causes problems. If it does, I'll poke some people upstream and see if they have an idea what's wrong.
Created attachment 521850 [details] startx.log I am seeing a failure on this new xorg-server-1.19.99.901 but only on startx. Starting sddm via /etc/init.d/xdm works ok. I've attached the terminal output of startx. I'm using openrc/consolekit. ~/.xinitrc has "exec ck-launch-session startkde" in it, which does work ok on the older USE=suid xorg-server
FWIW if I add 'needs_root_rights = yes' to /etc/X11/X11/Xwrapper.config then startx does work, but I think this just short-circuits the whole thing to force root-Xorg on. So definitely not a proper solution but an ok workaround for people who cannot afford to downgrade xorg-server atm.
(In reply to Matt Turner from comment #10) > I've added xorg-server-1.19.99.901 to the tree, with the > --enable-suid-wrapper flag passed unconditionally. Let's give this another > try and see if it still causes problems. If it does, I'll poke some people > upstream and see if they have an idea what's wrong. Fails for me with the same issue.
I can confirm this is still happening as of early this morning. A work around I saw online that worked for me was using "startx -- vt1 -keeptty" to launch X instead of just startx.
(In reply to Matt Turner from comment #10) > I've added xorg-server-1.19.99.901 to the tree, with the > --enable-suid-wrapper flag passed unconditionally. Let's give this another > try and see if it still causes problems. If it does, I'll poke some people > upstream and see if they have an idea what's wrong. After upgrading xorg-server to 1.19.99.901 on my notebook, startx fails, Xorg.0.log says Fatal server error: [ 54.624] (EE) parse_vt_settings: Cannot open /dev/tty0 (Permission denied) As a temporary workaround, I tried chmod o+x /dev/tty0 (I wanted to have X quickly). Then startx fails with Fatal server error: [ 206.870] (EE) xf86OpenConsole: Cannot open virtual console 7 (Permission denied) So, I had to downgrade xorg-server to 1.19.5-r1, and things returned to normal.
Same problem here, also with the updated ebuild xorg-server-1.19.99.901-r1.
Created attachment 523028 [details] strace -ff -o /tmp/xorg startx -- vt2 - /usr/bin/X So, on my desktop (xfce, VIDEO_CARDS="intel i965") - X doesn't start when trying to "startx" and error is parse_vt_settings: Cannot open /dev/tty0 (Permission denied) strace is pretty clear, that it has problem opening tty device with simple "startx" openat(AT_FDCWD, "/dev/tty0", O_WRONLY) = -1 EACCES (Permission denied) in case I tell it, on which tty it tries to run (startx -- vt2) ioctl(9, DRM_IOCTL_SET_MASTER, 0) = -1 EACCES (Permission denied) strace -ff -o /tmp/xorg attached (xorg.18578 seems to be of main interest) And then on my laptop (windowmaker, no dbus, VIDEO_CARDS="nouveau", and was non root xorg as per instructions on wiki: https://wiki.gentoo.org/wiki/Non_root_Xorg) - X starts, however mouse and keyboard doesn't respond to get input back to working state I need to use permission change from wiki but instead of changing permission of /usr/bin/X, I need to apply changes on /usr/libexec/Xorg (-rwxr-sr-x. 1 root input 2599560 Mar 7 22:27 /usr/libexec/Xorg)
So I figured why it doesn't work on my desktop, apparently modesetting driver calls SetMaster() and if it fails it exits https://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/drivers/modesetting/driver.c#n1540 if I make it nonfailing it works similarly to my laptop, ie, I need to give it permissions to access input devices. -rwxr-sr-x 1 root input 2573800 Mar 9 00:30 /usr/libexec/Xorg Xorg.wrap, should probably be improved to check if it can call DRM_IOCTL_SET_MASTER for modesetting cards, as it is one that requires root rights drivers/gpu/drm/drm_ioctl.c: DRM_IOCTL_DEF(DRM_IOCTL_SET_MASTER, drm_setmaster_ioctl, DRM_UNLOCKED|DRM_ROOT_ONLY), in contrast to the one it checks (https://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/xorg-wrapper.c#n245) ddrivers/gpu/drm/rm_ioctl.c: DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETRESOURCES, drm_mode_getresources, DRM_CONTROL_ALLOW|DRM_UNLOCKED), anyway it's probably for upstream to decide. In the meantime can we go back to having suid flag? It's easier to manage.
My input had broke too and I fixed it by emerging libinput IIRC. I saw messages about it not being able to load it in Xorg.log
I just added xinit-1.4.0 to the tree, which looks like it has some potential fixes. Please give that a try.
(In reply to Matt Turner from comment #20) Nope. Same issue.
So, I still need to run it as "startx -- vt1", if I want it to start at all (but I don't mind this, as it allows me to run as user) Re intel modesetting problem, it's separate bug, so commented again here: https://bugs.gentoo.org/649678 As for input devices, apparently year ago there was migration to INPUT_DEVICES="libinput" on default profiles (https://bugs.gentoo.org/601132), but changing it to such config doesn't help me at all, I still need to change /usr/libexec/Xorg permissions to have it working
I also want to clarify, for fixing input I had to emerge x11-drivers/xf86-input-libinput, earlier I just said just libinput which is inaccurate.
So, I'm thinking this isn't ready for primetime. Can someone patch their xorg-server with https://src.fedoraproject.org/rpms/xorg-x11-server/blob/master/f/0001-Fedora-hack-Make-the-suid-root-wrapper-always-start-.patch) and see if all their problems go away? Just put the patch in /etc/portage/patches/x11-base/xorg-server/
Yes, the patch works, but it's effectively same as running suid root. To run as user it needs to be allowed input access and only runs on current tty (-- vt1 etc.), can't be started on tty7.
Also, is everyone who is dealing with this problem running without systemd?
(In reply to Matt Turner from comment #26) > Also, is everyone who is dealing with this problem running without systemd? I'm not running systemd. My init system is "openrc (OpenRC) 0.35.2 (Gentoo Linux).
I am not using systemd and still am affected.
(In reply to Matt Turner from comment #26) > Also, is everyone who is dealing with this problem running without systemd? I'm using openrc-0.35.2. And I start X by startx, not from a display manager.
Please try 1.19.99.904.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=39fdaceded21ebd4c6665ec6147ab65f263ac564 commit 39fdaceded21ebd4c6665ec6147ab65f263ac564 Author: Matt Turner <mattst88@gentoo.org> AuthorDate: 2018-04-15 22:56:14 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2018-04-15 22:56:14 +0000 x11-base/xorg-server: Install setuid without systemd When using systemd, the Xserver does not need to run with root privileges. Without systemd... I'm not sure. Bug: https://bugs.gentoo.org/635102 Bug: https://bugs.gentoo.org/635582 x11-base/xorg-server/xorg-server-9999.ebuild | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)}
(In reply to Matt Turner from comment #30) > Please try 1.19.99.904. Tired, display messed up with crash (radeon). Did not try 9999.
I pushed 1.19.99.905 to the tree. Can any of the many people who commented while the the package.mask was not in place please test?
(In reply to Matt Turner from comment #33) > I pushed 1.19.99.905 to the tree. Can any of the many people who commented > while the the package.mask was not in place please test? I don't see that version any more, but it works properly with 1.19.5-r2.
(In reply to Tomáš Mózes from comment #34) > (In reply to Matt Turner from comment #33) > > I pushed 1.19.99.905 to the tree. Can any of the many people who commented > > while the the package.mask was not in place please test? > > I don't see that version any more, but it works properly with 1.19.5-r2. Please test 1.20.0 (1.19.99.905 was RC5 of 1.20.0)
xorg-server-1.20.0 works for me.
(In reply to Matt Turner from comment #35) > (In reply to Tomáš Mózes from comment #34) > > (In reply to Matt Turner from comment #33) > > > I pushed 1.19.99.905 to the tree. Can any of the many people who commented > > > while the the package.mask was not in place please test? > > > > I don't see that version any more, but it works properly with 1.19.5-r2. > > Please test 1.20.0 (1.19.99.905 was RC5 of 1.20.0) Yes, that one works too, thank you.
Awesome. Thanks for testing!
