Bumped into this problem on Suse 10 last night. I normally run servers at runlevel 3 log in to the text terminal and type startx to get a graphical environment. Also, I don't like the sound of setting permissions to easy in /etc/sysconfig/security, so I set them to: CHECK_PERMISSIONS="set" PERMISSION_SECURITY="secure local" This means that the permissions in /etc/permissions.secure are applied nightly. But this takes the suid bit off /usr/X11R6/bin/Xorg and the window manager can't start for a normal user. /etc/permissions.easy sets it to -rws--x--x root:root 2711 So as a compromise in /etc/permissions.secure I changed /usr/X11R6/bin/Xorg to -rws--x--- root:video 2710 Then I put all the local users into "video" group. FWIW, michaelj -- Michael James michael.james@csiro.au System Administrator voice: 02 6246 5040 CSIRO Bioinformatics Facility fax: 02 6246 5166 No matter how much you pay for software, you always get less than you hoped. Unless you pay nothing, then you get more.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2005-11-08 at 11:06 +1100, Michael James wrote:
So as a compromise in /etc/permissions.secure I changed /usr/X11R6/bin/Xorg to -rws--x--- root:video 2710
You should do your changes to /etc/permissions.local only, as /etc/permissions.secure can be changed by SuSE by an update. - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFDcANTtTMYHG2NR9URAqZXAJ40HNkBKVxUEMb7r/qwltLaOHCHvwCcCK+7 kX/dfdG8brcU7npnSTALP64= =Onrd -----END PGP SIGNATURE-----
On Tue, 8 Nov 2005 11:06 am, Michael James wrote:
When the permissions in /etc/permissions.secure are applied it takes the suid bit off /usr/X11R6/bin/Xorg and "startx" won't work for a normal user.
Then Ludwig Nussel said that "startx" is obsolete, (without really explaining much). Apparently I should set the runlevel to 5 and let root start the window manager. So on 24/11/05, I asked:
For a workstation, set the runlevel to 5. No argument.
For a server, I've always set the runlevel to 3, (to save resources) logged on in plain text, then used startx because I want graphics. (Even if only to have 2 terminals side by side.)
Am I just being old-fashioned keeping my servers at runlevel 3? Is there no real resource penalty to having them at 5 all the time? (If it's just a bit of inactive RAM, it'll soon be swapped out.)
On Thu, 24 Nov 2005 06:34 pm, Mr B wrote:
Out of curiosity, I did some (very rudimentary) tests a while ago were I logged on remotely and measured loads on the system in various states. One of the things I noticed was when the system was just sitting at the (default) gdm login screen it used almost no more CPU/Memory power than if I was in RL 3.
It was a different story once X started and a lot of crap started chewing resources. Now if it's something I can do in text mode I just Ctrl+Atl+F1 and log in on a text window, but the graphical display is there if I need it (seemingly) without the overhead. Also noticed that it unloaded everything when I logged out and went back to the login screen. Was just wondering if there is another reason to not leave it on the login screen or if it's just a hangup from the old days?
So it IS old-fashioned keeping servers at runlevel 3. I'll take that suggestion and keep them at 5 from now on. Using an alt F1 console for text login. (if that's what I want) Thanks for that, michaelj -- Michael James michael.james@csiro.au System Administrator voice: 02 6246 5040 CSIRO Bioinformatics Facility fax: 02 6246 5166 No matter how much you pay for software, you always get less than you hoped. Unless you pay nothing, then you get more.
participants (2)
-
Carlos E. R.
-
Michael James