[opensuse] Can't startx without root priviliges.
Hello all, my first mail so hope i'm doing this right. My problem is that I like to boot into rl3 by default, then start Xorg with startx. It doesn't work though, i get errors saying "no xauthority. xxx", "can't find screen.." etc, and that I should set the setuid bit. I can't find log files anywhere to give detail on the errors sorry. xinit gives a slightly different error, but still something about authority/permissions. The only way I can start X from console is either via logging in as the root user, by using sudo, or by switching on the setuid bit on the Xorg binary (which is suggested in the startx error message). So the only sensible way I can get X as a normal user is to set default boot to rl5 in inittab. I'm new to SUSE but not new to gnu/linux, and this doesn't seem like 'normal' gnu/linux bahaviour to me. So is this a problem with my installation (11.4 RC1) or is this the intended behaviour? Guys on IRC seemed to think it was a bug, but if so why the 'informative' error message suggesting I set the setuid bit? Thanks in advance -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, Feb 21, 2011 at 02:18:55PM -0000, lukaspress@googlemail.com wrote:
Hello all, my first mail so hope i'm doing this right.
My problem is that I like to boot into rl3 by default, then start Xorg with startx. It doesn't work though, i get errors saying "no xauthority. xxx", "can't find screen.." etc, and that I should set the setuid bit. I can't find log files anywhere to give detail on the errors sorry. xinit gives a slightly different error, but still something about authority/permissions.
The only way I can start X from console is either via logging in as the root user, by using sudo, or by switching on the setuid bit on the Xorg binary (which is suggested in the startx error message). So the only sensible way I can get X as a normal user is to set default boot to rl5 in inittab.
I'm new to SUSE but not new to gnu/linux, and this doesn't seem like 'normal' gnu/linux bahaviour to me. So is this a problem with my installation (11.4 RC1) or is this the intended behaviour? Guys on IRC seemed to think it was a bug, but if so why the 'informative' error message suggesting I set the setuid bit?
No, this is intended. The setuid root bit from X was removed, so startx as user no longer works by default. If you need it back, uncomment this line in your /etc/permissions.local: /usr/bin/Xorg root:root 4711 and run SuSEconfig --module permissions Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 21 Feb 2011 14:27:23 Marcus Meissner wrote:
On Mon, Feb 21, 2011 at 02:18:55PM -0000, lukaspress@googlemail.com wrote:
Hello all, my first mail so hope i'm doing this right.
My problem is that I like to boot into rl3 by default, then start Xorg
with startx. It doesn't work though, i get errors saying "no xauthority. xxx", "can't find screen.." etc, and that I should set the setuid bit. I can't find log files anywhere to give detail on the errors sorry. xinit gives a slightly different error, but still something about authority/permissions.
The only way I can start X from console is either via logging in as the
root user, by using sudo, or by switching on the setuid bit on the Xorg binary (which is suggested in the startx error message). So the only sensible way I can get X as a normal user is to set default boot to rl5 in inittab.
I'm new to SUSE but not new to gnu/linux, and this doesn't seem like
'normal' gnu/linux bahaviour to me. So is this a problem with my installation (11.4 RC1) or is this the intended behaviour? Guys on IRC seemed to think it was a bug, but if so why the 'informative' error message suggesting I set the setuid bit?
No, this is intended. The setuid root bit from X was removed, so startx as user no longer works by default.
If you need it back, uncomment this line in your /etc/permissions.local:
/usr/bin/Xorg root:root 4711
and run SuSEconfig --module permissions
Ciao, Marcus
Oh, ok thanks. But isn't this creating a n unneccesary security hole, running X as root? Debian, Red Hat etc don't use setuid bit on Xorg, i've checked. Thanks Chris -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
El 21/02/11 11:46, lukas press escribió:
Oh, ok thanks. But isn't this creating a n unneccesary security hole, running X as root?
Debian, Red Hat etc don't use setuid bit on Xorg, i've checked.
boot with file_caps=1 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 21 Feb 2011 14:53:54 Cristian Rodríguez wrote:
El 21/02/11 11:46, lukas press escribió:
Oh, ok thanks. But isn't this creating a n unneccesary security hole, running X as root?
Debian, Red Hat etc don't use setuid bit on Xorg, i've checked.
boot with file_caps=1
Care to expand on that? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
El 21/02/11 12:12, lukas press escribió:
On Monday 21 Feb 2011 14:53:54 Cristian Rodríguez wrote:
El 21/02/11 11:46, lukas press escribió:
Oh, ok thanks. But isn't this creating a n unneccesary security hole, running X as root?
Debian, Red Hat etc don't use setuid bit on Xorg, i've checked.
boot with file_caps=1
Care to expand on that?
The setuid bit has been replaced by posix file capabilities http://www.ibm.com/developerworks/library/l-posixcap.html -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, Feb 21, 2011 at 12:16:05PM -0300, Cristian Rodríguez wrote:
El 21/02/11 12:12, lukas press escribió:
On Monday 21 Feb 2011 14:53:54 Cristian Rodríguez wrote:
El 21/02/11 11:46, lukas press escribió:
Oh, ok thanks. But isn't this creating a n unneccesary security hole, running X as root?
Debian, Red Hat etc don't use setuid bit on Xorg, i've checked.
boot with file_caps=1
Care to expand on that?
The setuid bit has been replaced by posix file capabilities http://www.ibm.com/developerworks/library/l-posixcap.html
Just not for Xorg. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 21 Feb 2011 15:35:09 Marcus Meissner wrote:
On Mon, Feb 21, 2011 at 12:16:05PM -0300, Cristian Rodríguez wrote:
El 21/02/11 12:12, lukas press escribió:
On Monday 21 Feb 2011 14:53:54 Cristian Rodríguez wrote:
El 21/02/11 11:46, lukas press escribió:
Oh, ok thanks. But isn't this creating a n unneccesary security hole, running X as root?
Debian, Red Hat etc don't use setuid bit on Xorg, i've checked.
boot with file_caps=1
Care to expand on that?
The setuid bit has been replaced by posix file capabilities http://www.ibm.com/developerworks/library/l-posixcap.html
Just not for Xorg.
Ciao, Marcus
Sorry, what? I'm sure you are trying to help but be reasonable; four-word answers are not going to explain anything. Are you saying that Debian/RH have replaced the suid bit on Xorg with POSIX file capabilities, but SUSE hasn't, and that's why the suid bit needs to be set in SUSE? ? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* lukas press <lukaspress@googlemail.com> [02-21-11 11:38]:
On Monday 21 Feb 2011 15:35:09 Marcus Meissner wrote:
On Mon, Feb 21, 2011 at 12:16:05PM -0300, Cristian Rodríguez wrote:
The setuid bit has been replaced by posix file capabilities http://www.ibm.com/developerworks/library/l-posixcap.html
Just not for Xorg.
Ciao, Marcus
Sorry, what?
Well, it is rather difficult to read. I'll try to break it down for you.
I'm sure you are trying to help but be reasonable; four-word answers are not going to explain anything.
ah, there were two words of three letters :^)
Are you saying that Debian/RH have replaced the suid bit on Xorg with POSIX file capabilities, but SUSE hasn't,
No, he said nothing about Debina/RH.
and that's why the suid bit needs to be set in SUSE? ?
I read that it needs to be set as described earlier, that the "file_caps=1" will not affect the access settings for display/Xorg. -- (paka)Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 http://en.opensuse.org openSUSE Community Member Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
If your running rc1 your better forwarding this to opensuse-factory@opensuse.org mailing list I have done it for you this time. Stuart Sent from my BlackBerry® smartphone -----Original Message----- From: lukaspress@googlemail.com Date: Mon, 21 Feb 2011 14:18:55 To: <opensuse@opensuse.org> Subject: [opensuse] Can't startx without root priviliges. Hello all, my first mail so hope i'm doing this right. My problem is that I like to boot into rl3 by default, then start Xorg with startx. It doesn't work though, i get errors saying "no xauthority. xxx", "can't find screen.." etc, and that I should set the setuid bit. I can't find log files anywhere to give detail on the errors sorry. xinit gives a slightly different error, but still something about authority/permissions. The only way I can start X from console is either via logging in as the root user, by using sudo, or by switching on the setuid bit on the Xorg binary (which is suggested in the startx error message). So the only sensible way I can get X as a normal user is to set default boot to rl5 in inittab. I'm new to SUSE but not new to gnu/linux, and this doesn't seem like 'normal' gnu/linux bahaviour to me. So is this a problem with my installation (11.4 RC1) or is this the intended behaviour? Guys on IRC seemed to think it was a bug, but if so why the 'informative' error message suggesting I set the setuid bit? Thanks in advance -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (6)
-
Cristian Rodríguez -
lukas press -
lukaspress@googlemail.com
-
Marcus Meissner -
Patrick Shanahan -
stuart@bolin.org.uk