I compiled X from the CVS head successfully yesterday (4/14/2006) on an x86 computer (Dell Latitude 810 running Debian unstable). This computer was already successfully running X11R7.0 from the latest Debian package. I installed the new X in /usr/local/X so as not to overlap with the original X libraries, adjusted my path and LD_LIBRARY_PATH accordingly, etc. When I tried to run the new startx program, I got this: xauth: creating new authority file /home/mvanier/.serverauth.3804 X Window System Version 7.0.0 Release Date: 21 December 2005 X Protocol Version 11, Revision 0, Release 7.0 Build Operating System: Linux 2.6.12.6 i686 Current Operating System: Linux tap 2.6.12.6 #4 Sat Sep 3 03:20:11 PDT 2005 i686 Build Date: 15 April 2006 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Module Loader present Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/usr/local/X/var/log/Xorg.0.log", Time: Sat Apr 15 22:01:56 2006 (==) Using config file: "/etc/X11/xorg.conf" Fatal server error: xf86OpenConsole: Cannot open /dev/tty0 (No such file or directory) XIO: fatal IO error 104 (Connection reset by peer) on X server ":0.0" after 0 requests (0 known processed) with 0 events remaining. Of course /dev/tty0 is alive and well, but it is owned by root (the error message is incorrect). I noticed that the working X11R7 implementation changed that to be owned by the user who ran startx, and it reverts back when X is halted. I also noticed that I could start the X server as root, and it runs fine, except that all my programs are then run as root, which is not advisable. I tried manually altering the ownership of /dev/tty0, and then it fails at a later stage: xauth: creating new authority file /home/mvanier/.serverauth.3739 X Window System Version 7.0.0 Release Date: 21 December 2005 X Protocol Version 11, Revision 0, Release 7.0 Build Operating System: Linux 2.6.12.6 i686 Current Operating System: Linux tap 2.6.12.6 #4 Sat Sep 3 03:20:11 PDT 2005 i686 Build Date: 15 April 2006 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Module Loader present Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/usr/local/X/var/log/Xorg.0.log", Time: Sat Apr 15 22:01:08 2006 (==) Using config file: "/etc/X11/xorg.conf" Fatal server error: xf86OpenConsole: Cannot open virtual console 7 (Permission denied) XIO: fatal IO error 104 (Connection reset by peer) on X server ":0.0" after 0 requests (0 known processed) with 0 events remaining. I am not sure if this is a bug or if I've misconfigured something, but I've looked through bug reports and searched the internet and found nothing. Any help would be appreciated.
that's right, it will only run as root. you need to make the X server suid root if you want to start it as a user.
(In reply to comment #1) > that's right, it will only run as root. you need to make the X server suid root > if you want to start it as a user. That works. Is it secure? Also, the Debian-installed Xorg isn't SUID root and it works. Maybe it's called from another SUID program... I'll have to poke around. I guess I'm surprised that the sudo program I passed in to the build script didn't automatically do this, if that's what's intended.
well, we hope it's secure ... that's why we issue security advisories for bugs in the server that can be exploited by clients. in Debian, /usr/bin/Xorg isn't u+s, but /usr/bin/X is. i believe you have to pass in an option to xorg-server's configure script to make the result suid.
(In reply to comment #3) > well, we hope it's secure ... that's why we issue security advisories for bugs > in the server that can be exploited by clients. > > in Debian, /usr/bin/Xorg isn't u+s, but /usr/bin/X is. i believe you have to > pass in an option to xorg-server's configure script to make the result suid. Thanks for the information. As you suggest, /usr/bin/X on Debian is an SUID wrapper program that calls the real X server. It also has its own configuration file, Xwrapper.config. I appreciate your help.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.