[Bug 360344] New: xorg.conf overwritten by security updates
https://bugzilla.novell.com/show_bug.cgi?id=360344 Summary: xorg.conf overwritten by security updates Product: openSUSE 10.3 Version: Final Platform: i686 OS/Version: openSUSE 10.3 Status: NEW Severity: Normal Priority: P5 - None Component: SaX2 AssignedTo: ms@novell.com ReportedBy: com.opensuse@bucksch.org QAContact: qa@suse.de Found By: Customer Reproduction: 1. Install opensuse 10.3 2. Modify your xorg.conf, e.g. to use nvidia driver on a 2 monitor setup 3. <3 months pass> 4. Install security updates 5. Restart your machine Actual results: Glibberish on monitor 1 Reason: Something, probably a SaX update, has re-generated xorg.conf, dropping all your changes. You restart, try to re-install driver, check physical setup, until you realize that the "nv" driver is being used. Luckily, the proper xorg.conf is saved as xorg.conf.saxsave, but you lost quite some time on the investigation. Expected result: xorg.conf is left alone for security and reliability updates, only generated when it does not exist or upon explicit user (admin) confirmation. Workaround: Delete the comment at the header which says the stupid "Do not edit this file" (I have to!), and hope that SaX recognizes that the comment and leaves the file alone. This cannot be relied upon, though, that the user/admin knows that deleting a comment makes any difference (and in fact I am just hoping so). Also, the nvidia installer does not do that, IIRC. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User meissner@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c1 Marcus Meissner <meissner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@novell.com, sndirsch@novell.com --- Comment #1 from Marcus Meissner <meissner@novell.com> 2008-02-10 03:13:12 MST --- probably for sndirsch -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c2 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |com.opensuse@bucksch.org --- Comment #2 from Stefan Dirsch <sndirsch@novell.com> 2008-02-10 04:04:36 MST --- AFAIK this only happens if the x11-video-nvidia/x11-video-nvidiaG01 gets uninstalled to make sure that X11 still starts aferwards, because the NVIDIA driver no longer exists. I'm wondering if this is what happened on your system. But this should no have happened since the NVIDIA driver was updated together with our kernel security update (due to a kABI breakage). Please check if there exists a /etc/X11/xorg.conf.nvidia-postun. This file is also copied back to /etc/X11/xorg.conf when installing the driver package again. This is a nice feature when you update your system to a new openSUSE release. Just reinstall the package and you're done. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c3 --- Comment #3 from Ben Bucksch <com.opensuse@bucksch.org> 2008-02-10 04:25:17 MST --- In fact, I used to have the nvidiaG01 package installed, but no longer use it. I am not sure when exactly it got uninstalled, it may have been during the update. I had compiled and installed 2.6.24 kernel in the meantime, so I didn't want the kernel update (was quite hard to get rid of it, BTW), and probably had to get rid of nvidiaG01 for that as well, which made sense, since I already use the nvidia driver package from nvidia.com anyways. Yes, I do have a /etc/X11/xorg.conf.nvidia-postun with last modification time of 3. Feb 01:50, which roughly co-incides with the update. It contains my old, proper xorg.conf, but with "nvidia" replaced with "nv". Note that this xorg.conf file will not work with "nv" driver, because it's a multi-monitor setup. I understand that in many cases for other users it would. I hope you're going to fix this anyways. Maybe even reconsider how you treat xorg.conf in updates. Please always keep the xorg.conf that the user has, don't regenerate it. If you have reason to believe that the new SaX2 would do a better job at generating it, ask the admin for explicit approval first, and tell him where the old file was saved, and call the files xorg.conf.saxold.<N>, allowing several backups, where <N> is an incremented number, or the last modification time of the file before the move, in ISO form. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c4 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Info Provider|com.opensuse@bucksch.org | Resolution| |WONTFIX --- Comment #4 from Stefan Dirsch <sndirsch@novell.com> 2008-02-10 04:40:52 MST ---
In fact, I used to have the nvidiaG01 package installed, but no longer use it. I am not sure when exactly it got uninstalled, it may have been during the update. I had compiled and installed 2.6.24 kernel in the meantime, so I didn't want the kernel update (was quite hard to get rid of it, BTW), and probably had to get rid of nvidiaG01 for that as well, which made sense, since I already use the nvidia driver package from nvidia.com anyways.
Thanks. I think this explains what happened. The dependancies of the nvidiaG01 KMP package could no longer be resolved, so it was marked to be removed together with the nvidiaG01 video package and then as explained before rewrote the xorg.conf during uninstallation of the package. So you've been mixing the NVIDIA packages with a manual installation of the driver. This is a scenario we do not support. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c5 Ben Bucksch <com.opensuse@bucksch.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WONTFIX | --- Comment #5 from Ben Bucksch <com.opensuse@bucksch.org> 2008-02-10 04:58:31 MST --- Asking me for information just to WONTFIX a bug is not very nice.
So you've been mixing the NVIDIA packages with a manual installation of the driver. This is a scenario we do not support.
I have essentially been changing from your kernel + your nvidia packages to the generic, self-combiled kernel with the generic nvidia package. That must be possible without problems. This is a bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c6 --- Comment #6 from Ben Bucksch <com.opensuse@bucksch.org> 2008-02-10 05:00:17 MST --- Independent of that, please see my suggestion above. *Never* touch my xorg.conf without my approval. You are quite likely to break the system. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c7 --- Comment #7 from Ben Bucksch <com.opensuse@bucksch.org> 2008-02-10 05:08:29 MST ---
I have essentially been changing from your kernel + your nvidia packages to the generic, self-combiled kernel with the generic nvidia package.
Reproduction: 1. Install openSuSE including SuSE kernel, and SuSE nvidia driver package 2. Modify your xorg.conf, to adapt it to your needs like multimon, mouse buttons etc. 3. <2 months pass> 4. Decide to compile your own kernel (e.g. because a new one 2.6.24 just came out, or because you want to make it faster or smaller, or because you need a specific driver, or because you feel like it) 5. nvidia module no longer works. You don't know what to do, so you get the driver from nvidia.com. That works nicely. 6. All works. 7. <2 months pass> 8. Kernel security update, maybe with other updates. You are alert enough to notice and remove the kernel to not overwrite yours. 9. This requires you to remove the nvidia package as well in the flow of the update. 10. nvidia package breaks your X11 config, you see completely garbled screen output on at least one screen. Don't tell me that installing my own kernel in the most obvious (but maybe not ideal) way is "not supported". -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c8 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |INVALID --- Comment #8 from Stefan Dirsch <sndirsch@novell.com> 2008-02-10 05:26:24 MST ---
I have essentially been changing from your kernel + your nvidia packages to the generic, self-compiled kernel with the generic nvidia package. That must be possible without problems. This is a bug.
No, unfortunately in most cases this cannot work - due to a not stable kABI.
*Never* touch my xorg.conf without my approval. You are quite likely to break the system.
Not changing would make it even more likely to break the system (X usually doesn't start any longer). There is no mechanism in YaST Online Update to ask for an approval. There is no reason to assume, that there is another NVIDIA driver installation available, when the package gets uninstalled. As said before we do not support such a scenario. In my eyes a messed up system anyway. Please decide if you prefer to use our packages or (exclusive) a manual installation of the driver. But please don't complain, when a kernel update results in the need of rebuilding the NVIDIA kernel module, if chosing the latter. Probably in your case it would be the best to chose the manuall driver installation and uninstall all kernel-* packages, rebuild and install your own kernel and take care of any kernel security updates yourself. This time - INVALID. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c9 --- Comment #9 from Stefan Dirsch <sndirsch@novell.com> 2008-02-10 05:29:57 MST ---
4. Decide to compile your own kernel (e.g. because a new one 2.6.24 just came out, or because you want to make it faster or smaller, or because you need a specific driver, or because you feel like it)
Not supported.
5. nvidia module no longer works. You don't know what to do, so you get the driver from nvidia.com. That works nicely.
Before uninstall the nvidia-gfxG01-kmp-<kernel-flavor> / x11-video-nvidiaG01 package. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c10 --- Comment #10 from Stefan Dirsch <sndirsch@novell.com> 2008-02-10 05:36:07 MST --- Anyway, thanks for the details, how to reproduce this issue! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c11 --- Comment #11 from Stefan Dirsch <sndirsch@novell.com> 2008-02-10 05:42:07 MST ---
5. nvidia module no longer works. You don't know what to do, so you get the driver from nvidia.com. That works nicely. In this case it's a good idea to check, to which KMP package this module belongs and uninstall this KMP package. Then you would have seen that it requires the other nvidia package. Still by uninstalling both packages the xorg.conf would have been rewritten for the user's convenience.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c12 Ben Bucksch <com.opensuse@bucksch.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | --- Comment #12 from Ben Bucksch <com.opensuse@bucksch.org> 2008-10-29 10:03:55 MDT ---
compile your own kernel
Not supported.
That's ridiculous. A) that must be supported B) you can't trash my X11 config because I do something "unsupported" (but sensible). REOPEN -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c13 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |WONTFIX --- Comment #13 from Stefan Dirsch <sndirsch@novell.com> 2008-10-29 10:30:46 MDT --- @A) No, we do not support self compiled kernels or kernels tainted with proprietary modules. @B) WONTFIX -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c14 Ben Bucksch <com.opensuse@bucksch.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WONTFIX | --- Comment #14 from Ben Bucksch <com.opensuse@bucksch.org> 2008-10-29 19:34:43 MDT --- Please be reasonable. WONTFIX for not trashing my config is not reasonable. Stefan Dirsch, please leave my bugs alone (same for bug 439873 and others), thank you. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c15 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |NEW QAContact|qa@suse.de |sax2-maintainer-bugs@forge.provo.novell.com --- Comment #15 from Stefan Dirsch <sndirsch@novell.com> 2008-10-29 20:42:26 MDT ---
Stefan Dirsch, please leave my bugs alone (same for bug 439873 and others), thank you.
Don't know, why this bug has ever been assigned to Marcus. Probably since he was still the default assignee for SaX2 bugs at the time the bug has been openend. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c16 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME --- Comment #16 from Stefan Dirsch <sndirsch@novell.com> 2008-10-29 20:49:04 MDT --- Everything is said in comment #8. In short. Do not use the NVIDIA driver RPMs, if you don't want to run into this situation. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c17 Ben Bucksch <com.opensuse@bucksch.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WORKSFORME | --- Comment #17 from Ben Bucksch <com.opensuse@bucksch.org> 2008-10-30 05:48:06 MDT --- There was a good reason why I *had* to switch to a newer kernel.org kernel, e.g. a new (other) driver that I needed or I don't remember what it was. You're closing this as INVALID, then WONTFIX, now WORKSFORME. This is not acceptable for a bug which *trashes my system* by an automatic process, out of nowhere, 2 months after my change. LEAVE THE BUG OPEN and allow somebody to fix it. See comment 8. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User ms@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c18 Marcus Schaefer <ms@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|ms@novell.com |sndirsch@novell.com Status|REOPENED |NEW --- Comment #18 from Marcus Schaefer <ms@novell.com> 2008-10-30 06:20:43 MDT ---
AFAIK this only happens if the x11-video-nvidia/x11-video-nvidiaG01 gets uninstalled to make sure that X11 still starts aferwards, because the NVIDIA driver no longer exists. I'm wondering if this is what happened on your system.
But this should no have happened since the NVIDIA driver was updated together with our kernel security update (due to a kABI breakage).
So a good explanation was given why the process is like it is. imho uninstalling the kmp package we provide resets your xorg.conf to allow it to still work. I wouldn't name that "trash my system" Maybe a warning would be useful. Installing your own stuff afterwards doesn't trash any of your xorg.conf settings All this happens on a package script level and is not influenced by sax2 Stefan I think it's again up to you to decide if we still want to touch the xorg.conf when installing/uninstalling packages thanks -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c19 --- Comment #19 from Ben Bucksch <com.opensuse@bucksch.org> 2008-10-30 07:41:00 MDT ---
resets your xorg.conf to allow it to still work
Well, it didn't.
Maybe a warning would be useful
Yes, please. (with ability to cancel) That's the minimum. If the updater doesn't allow that, then it needs to be implemented there, or a different mechanism for the config problem be sought altogether. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c20 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|sndirsch@novell.com |hvogel@novell.com --- Comment #20 from Stefan Dirsch <sndirsch@novell.com> 2008-10-30 08:42:27 MDT --- Thanks for the input, Marcus. It was a feature request for our product to make sure that X still works after uninstalling the driver - and even when reinstalling the driver, i.e. picking up an existing configuration. To achieve this the existing xorg.conf neeeds to be touched (backup will be created). Taking a mixed system into consideration with RPMs and driver manually installed would be a pain and is probably more or less impossible. I still call this a messed up system. Anyway, this bug will be reopened again anyway, no matter how I close it (see View Bug Activity). Therefore reassigning to my teamlead. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User com.opensuse@bucksch.org added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c21 --- Comment #21 from Ben Bucksch <com.opensuse@bucksch.org> 2008-10-30 10:14:54 MDT ---
when reinstalling the driver
Note that this is a common situation. Esp. now that there are several versions of the nvidia drivers. I may go from nvidia to nvidiaG01 and vice versa, from RPM to installer and vice versa etc.. I may have the nvidia driver installed, but decided to no longer use it, but haven't uninstalled yet. A month later, I am confident with the nv driver and decide to uninstall the nvidia driver. You'll also overwrite my working nv xorg, possibly overwriting other fine-tuning I made. I question the basic assumption that installing and uninstalling a binary should modify a central configuration file, without user confirmation. These cases above are at least as likely as me going from nvidia to nv. Therefore, they need to be considered. That's what this bug asks for. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 User sndirsch@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=360344#c22 --- Comment #22 from Stefan Dirsch <sndirsch@novell.com> 2008-10-30 10:47:01 MDT --- With reinstalling I don't mean updating, no I mean driver RPM gets uninstalled and later reinstalled again. This can easily happen during system update, when no NVIDIA repo has been configured, kernel gets updated and driver RPM uninstalled due to kernel dependancies which cannot be fulfilled any longer. Later the user installs the RPM for the new openSUSE version again. There's no interaction between %pre/%post sections and YaST2 updating/(un)installing RPMs, so giving a (graphical) warning is just not possible. A warning on stdout won't be seen by the user at all. But at least backup files are created. Search for /etc/X11/xorg.conf.nvidia-post and /etc/X11/xorg.conf.nvidia-postun. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sndirsch@novell.com AssignedTo|hvogel@novell.com |bnc-team-screening@forge.provo.novell.com Component|SaX2 |X11 3rd Party Driver QAContact|sax2-maintainer-bugs@forge.provo.novell.com |sndirsch@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC|sndirsch@novell.com | AssignedTo|bnc-team-screening@forge.provo.novell.com |hvogel@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=360344 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- QAContact|sndirsch@novell.com |qa@suse.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com