[Bug 1174593] pam_xauth(.so) module is extremly slow on Leap 15.2

https://bugzilla.suse.com/show_bug.cgi?id=1174593 https://bugzilla.suse.com/show_bug.cgi?id=1174593#c17 Stefan Dirsch <sndirsch@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(sndirsch@suse.com |needinfo?(josef.moellers@su |) |se.com) --- Comment #17 from Stefan Dirsch <sndirsch@suse.com> --- (In reply to Dr. Werner Fink from comment #15)
This is what I see as root even with option `-i`
boole:~ # XAUTHORITY=/suse/werner/.Xauthority xauth -vi nlist xauth: /suse/werner/.Xauthority not writable, changes will be ignored
that means that even for read action (and `nlist` seems to be a read action) xauth tries to lock. Nevertheless as root even can not read the Xauthority file
ll /suse/werner/.Xauthority -rw------- 1 werner suse 363 Oct 1 08:12 /suse/werner/.Xauthority
the correct solution is to do the xauth call as user and not as root hence this bug belongs IMHO to the maintainer of pam(_xauth)
I fully agree with Werner. (In reply to Josef Möllers from comment #16)
(In reply to Dr. Werner Fink from comment #15)
This is what I see as root even with option `-i`
boole:~ # XAUTHORITY=/suse/werner/.Xauthority xauth -vi nlist xauth: /suse/werner/.Xauthority not writable, changes will be ignored
that means that even for read action (and `nlist` seems to be a read action) xauth tries to lock. Nevertheless as root even can not read the Xauthority file
I straced the xauth invocation and found that it tries to create a file in ~user: openat(AT_FDCWD, "/suse/jmoellers/.Xauthority-c", O_WRONLY|O_CREAT|O_EXCL, 0600) but as it does not have permission, this fails (EACCES (Permission denied)). Xauth (or XauLockAuth()) then hopes that this will go away by itself, so it sleeps for 2s: nanosleep({tv_sec=2, tv_nsec=0}, 0x7ffe5d5194f0) and tries again. After 10 tries it gives up.
So what would help it to create this somewhere else, where root has access to, if root cannot read the /suse/jmoellers/.Xauthority file anyway to get the information it needs? -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com