You are not logged in.
- Topics: Active | Unanswered
#1 2017-12-29 10:36:55
- kinodont
- Member
- Registered: 2017-12-29
- Posts: 4
testing/xorg-server: Xorg.wrap is missing the SUID bit
Hello,
I have a laptop that has no KMS support, and after the upgrade to xorg-server 1.19.6-2.0, the X server could not start because the Xorg.wrap binary did not have the SUID bit set
$ tar -tvf xorg-server-1.19.6-2.0-i686.pkg.tar.xz 2> /dev/null
[...]
drwxr-xr-x root/root 0 2017-12-28 11:42 usr/lib/xorg-server/
-rwxr-xr-x root/root 9712 2017-12-28 11:42 usr/lib/xorg-server/Xorg.wrap
-rwxr-xr-x root/root 2554756 2017-12-28 11:42 usr/lib/xorg-server/Xorg
[...]For reference, this is the output for xorg-server 1.19.5-1 from extra:
$ tar -tvf xorg-server-1.19.5-1-i686.pkg.tar.xz 2> /dev/null
[...]
drwxr-xr-x root/root 0 2017-10-13 17:26 usr/lib/xorg-server/
-rwsr-xr-x root/root 9688 2017-10-13 17:26 usr/lib/xorg-server/Xorg.wrap
-rwxr-xr-x root/root 2554728 2017-10-13 17:26 usr/lib/xorg-server/Xorg
[...]Last edited by kinodont (2017-12-29 10:38:33)
Offline
#2 2017-12-29 11:10:20
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
This is strange, the respective file seems to get installed by "make install" and I can't think of a reason, why that should fail to set suid. I'll look into this.
Offline
#3 2017-12-29 11:30:22
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
interestingly, the x86_64 build also does not set suid for me ... I'll open a bug upstream
Offline
#4 2017-12-29 11:46:34
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
Offline
#5 2017-12-29 14:16:52
- kinodont
- Member
- Registered: 2017-12-29
- Posts: 4
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
I see that the bug has been closed. I couldn't reproduce it either on my system.
Here are the steps I've taken:
$ asp update
$ asp export extra/xorg-server
$ asp shortlog xorg-server | head -n 1
b0a1c2fbb6ff248ba37914218c29c43243d6e237 Remove dependency on xorg-fonts-misc (FS#56808)
$ cd xorg-server
$ extra-x86_64-build
$ tar -tvf xorg-server-1.19.6-2-x86_64.pkg.tar.xz 2> /dev/null | grep '/xorg-server/Xorg\.wrap'
-rwsr-xr-x root/root 10432 2017-12-29 14:14 usr/lib/xorg-server/Xorg.wrapOffline
#6 2017-12-29 14:58:57
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
ok, I see three possibilities, then:
1st: the additional dependency messes something up (I don't think so)
2nd: devtools32 diverged far enough from devtools
3rd: my systems are messed up
I'm currently checking for the 2nd by building with original devtools.
Offline
#7 2017-12-29 15:00:59
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
ok, original devtools also generate a binary w/o suid for me.
I'll reset my build environments now ...
Offline
#8 2017-12-29 15:18:42
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
nope, didn't help either
Offline
#9 2017-12-29 16:09:14
- kinodont
- Member
- Registered: 2017-12-29
- Posts: 4
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
Honestly, I'm not sure.
Here is a few more things to check:
xorg-server-1.19.6-2-x86_64-package_xorg-server.log from the build should contain
chown root /build/xorg-server/pkg/xorg-server/usr/lib/xorg-server/Xorg.wrap && chmod u+s /build/xorg-server/pkg/xorg-server/usr/lib/xorg-server/Xorg.wrapThe SUID bit should be seen in a fakeroot environment and out of it, and it should be present in the create archive:
$ cd <package-destination-dir>
$ fakeroot /bin/bash
# touch suid
# chown root suid
# chmod a+x,u+s suid
# ls -l suid
-rwsr-xr-x 1 root root 0 Dec 29 15:50 suid
# tar -cJf archive.tar.xz suid
# exit
$ tar -tvf archive.tar.xz
-rwsr-xr-x root/root 0 2017-12-29 16:01 suid
$ ls -l suid
$ -rwsr-xr-x 1 kinodont users 0 Dec 29 15:50 suidOffline
#10 2017-12-29 22:51:42
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
interestingly, I have
chown root /build/xorg-server/pkg/xorg-server/usr/lib/xorg-server/Xorg.wrap && chmod u+s /build/xorg-server/pkg/xorg-server/usr/lib/xorg-server/Xorg.wrap
chown: cannot access '/build/xorg-server/pkg/xorg-server/usr/lib/xorg-server/Xorg.wrap': No such file or directory
make[6]: [Makefile:1151: install-exec-hook] Error 1 (ignored)there - maybe it's a race condition?
Offline
#11 2017-12-30 09:10:20
- kinodont
- Member
- Registered: 2017-12-29
- Posts: 4
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
Yes, looks like that's exactly it. Xorg.wrap is installed in the install-data hook, but the chmod is applied in the install-exec hook, and they can be reordered freely.
According to the automake manual, just putting 'exec' in the name of the Xorg.wrap program variable should place it in the correct hook.
The following changes to the PKGBUILD should (hopefully) do the trick.
Offline
#12 2017-12-30 09:20:24
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
I'll give it a shot 
Offline
#13 2017-12-30 09:48:19
- deep42thought
- Administrator
- From: Jena, Germany
- Registered: 2017-06-17
- Posts: 617
Re: testing/xorg-server: Xorg.wrap is missing the SUID bit
yup, worked: xorg-server-1.19.6-2.1 has suid
Offline