On Thu, Oct 08, 2020 at 04:53:49PM +0200, Michael Pujos wrote:
After this update I could not start Xorg anymore due to the xorg/xinit package changes
Now my setup is unusual, as I do not use a DM and just use startx launched in ~/.profile which itself run at console login. I'm documenting the issue I had, for reference.
With this update /usr/bin/Xorg is now a shell script running /usr/bin/Xorg.wrap if present or /usr/bin/Xorg.bin otherwise. previously, /usr/bin/Xorg was /usr/bin/Xorg.bin.
I had /usr/bin/Xorg setuid root via /etc/permission.local and chkstat, but this obviously did not work anymore since now /usr/bin/Xorg.bin needed to be setuid root instead.
Did that and X started successfully but exited immediately with code 0. Investigating further, I found that /etc/X11/xinit/xinitrc had been moved to /usr/libexec/xinit/xinitrc, and since I had my ~/.xinitrc call /etc/X11/xinit/xinitrc, it choked on that (file not found) and updating the path fixed it.
Next, I thought it might be a good idea to switch to Xorg.wrap found in package xorg-x11-server-wrapper. So I installed it, removed setuid on /usr/bin/Xorg.bin and startx worked when logged on the console and starting it from there. But it failed when startx was launched in ~/.profile, during console login. Looked at 'man Xrapper.config', created /etc/X11/Xwrapper.conf with
allowed_users=anybody
But then, no matter what, startx always failed with:
/usr/bin/Xorg.wrap: Xserver option ":0" invalid or not in whitelist. Aborting.
Thus had to revert to the initial setuid solution.
I suggest with your setup to uninstall xorg-x11-server-wrapper, i.e. not to use Xwrapper at all. Background: We introduced it for gdm, so Xserver started by gdm no longer needs to be run as user root. Until now we used a special patch against gdm to start it still as root, which our gdm developers wanted to get rid of. RH/Debian are using Xwrapper since some time for gdm. It sounds weird you're calling xinitrc thru your ~/.xinitrc. The sample .xinitrc in /etc/skel just sources /etc/X11/xinit/xinitrc.common, but I added a compat link for this. When using xinit/startx, /usr/libexec/xinit/xinitrc should be found. Try these first without any ~/.xinitrc. Although we no longer really support starting a Xsession via xinit/startx, at least for simple WMs it should be somewhat possible with a reduced functionality (sound may not work, etc.). So if this is no longer working, I need to fix this.
allowed_users=anybody
This is already the default for our Xwrapper. This doesn't need to be set explicitely. We've added a Xserver option whitelist to Xwrapper for security reasons. Therefore ":0" is not allowed as option (gdm doesn't use/need it). Hope this helps. Thanks for your feedback! CU, Stefan Public Key available ------------------------------------------------------ Stefan Dirsch (Res. & Dev.) SUSE Software Solutions Germany GmbH Tel: 0911-740 53 0 Maxfeldstraße 5 FAX: 0911-740 53 479 D-90409 Nürnberg http://www.suse.de Germany ---------------------------------------------------------------- (HRB 36809, AG Nürnberg) Geschäftsführer: Felix Imendörffer ---------------------------------------------------------------- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org