From unknown Mon Aug 18 02:37:03 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#29212 <29212@debbugs.gnu.org> To: bug#29212 <29212@debbugs.gnu.org> Subject: Status: Setuid programs don't honor the system's timezone Reply-To: bug#29212 <29212@debbugs.gnu.org> Date: Mon, 18 Aug 2025 09:37:03 +0000 retitle 29212 Setuid programs don't honor the system's timezone reassign 29212 guix submitter 29212 Diego Nicola Barbato severity 29212 normal thanks From debbugs-submit-bounces@debbugs.gnu.org Wed Nov 08 09:36:16 2017 Received: (at submit) by debbugs.gnu.org; 8 Nov 2017 14:36:16 +0000 Received: from localhost ([127.0.0.1]:57828 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCRSh-0002AI-Sb for submit@debbugs.gnu.org; Wed, 08 Nov 2017 09:36:16 -0500 Received: from eggs.gnu.org ([208.118.235.92]:57733) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCRSg-00029x-DY for submit@debbugs.gnu.org; Wed, 08 Nov 2017 09:36:14 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eCRSV-0005i8-Ta for submit@debbugs.gnu.org; Wed, 08 Nov 2017 09:36:09 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:49484) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eCRSV-0005i0-QP for submit@debbugs.gnu.org; Wed, 08 Nov 2017 09:36:03 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:48663) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eCRSU-0001Hy-T8 for bug-guix@gnu.org; Wed, 08 Nov 2017 09:36:03 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eCRSQ-0005c0-0c for bug-guix@gnu.org; Wed, 08 Nov 2017 09:36:02 -0500 Received: from mout02.posteo.de ([185.67.36.66]:53299) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eCRSP-0005YN-Q6 for bug-guix@gnu.org; Wed, 08 Nov 2017 09:35:57 -0500 Received: from submission (posteo.de [89.146.220.130]) by mout02.posteo.de (Postfix) with ESMTPS id 2A37620DE9 for ; Wed, 8 Nov 2017 15:35:54 +0100 (CET) Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 3yX83s2VlPzyp6 for ; Wed, 8 Nov 2017 15:35:53 +0100 (CET) From: Diego Nicola Barbato To: bug-guix@gnu.org Subject: XLockMore displays wrong time Date: Wed, 08 Nov 2017 15:35:52 +0100 Message-ID: <87k1z04z3r.fsf@GlaDOS.home> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.0 (----) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) Hello Guix, XLockMore (as invoked by the command `xlock') displays the wrong time on the lock screen. Instead of honouring the timezone set in `config.scm' (as do other programs e.g. the `date' command) it displays UTC. Greetings Diego From debbugs-submit-bounces@debbugs.gnu.org Wed Nov 08 15:57:48 2017 Received: (at 29212) by debbugs.gnu.org; 8 Nov 2017 20:57:48 +0000 Received: from localhost ([127.0.0.1]:58981 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCXPw-0005T9-Cr for submit@debbugs.gnu.org; Wed, 08 Nov 2017 15:57:48 -0500 Received: from hera.aquilenet.fr ([141.255.128.1]:43248) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCXPv-0005T2-F2 for 29212@debbugs.gnu.org; Wed, 08 Nov 2017 15:57:47 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 81A52F8AF; Wed, 8 Nov 2017 21:57:48 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GpsWDQYpySkj; Wed, 8 Nov 2017 21:57:47 +0100 (CET) Received: from ribbon (unknown [IPv6:2a01:e0a:1d:7270:af76:b9b:ca24:c465]) by hera.aquilenet.fr (Postfix) with ESMTPSA id D49A7F88D; Wed, 8 Nov 2017 21:57:46 +0100 (CET) From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Diego Nicola Barbato Subject: Re: bug#29212: XLockMore displays wrong time References: <87k1z04z3r.fsf@GlaDOS.home> Date: Wed, 08 Nov 2017 21:57:44 +0100 In-Reply-To: <87k1z04z3r.fsf@GlaDOS.home> (Diego Nicola Barbato's message of "Wed, 08 Nov 2017 15:35:52 +0100") Message-ID: <87tvy4sd2v.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: 29212 Cc: 29212@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi, Diego Nicola Barbato skribis: > XLockMore (as invoked by the command `xlock') displays the wrong time on > the lock screen. Instead of honouring the timezone set in `config.scm' > (as do other programs e.g. the `date' command) it displays UTC. The problem is that setuid programs ignore $TZDIR; quoth =E2=80=98tzfile.c= =E2=80=99 in libc: /* We must not allow to read an arbitrary file in a setuid program. So we fail for any file which is not in the directory hierachy starting at TZDIR and which is not the system wide default TZDEFAULT. */ if (__libc_enable_secure && ((*file =3D=3D '/' && memcmp (file, TZDEFAULT, sizeof TZDEFAULT) && memcmp (file, default_tzdir, sizeof (default_tzdir) - 1)) || strstr (file, "../") !=3D NULL)) /* This test is certainly a bit too restrictive but it should catch all critical cases. */ goto ret_free_transitions; Thus, if I set TZ=3DEurope/Paris, I see that setuid binaries look for timezone data only under /gnu/store/3h31zsqxjjg52da5gp3qmhkh4x8klhah-glibc-2.25/share/zoneinfo/Europ= e/Paris, which doesn=E2=80=99t exist. Since GuixSD provides /etc/localtime already, we can actually unset TZ. And when we do so, setuid binaries simply honor /etc/localtime and don=E2= =80=99t go searching for timezone data elsewhere, and they see the right time. Can you confirm that: (unset TZ; xlock) works for you? I=E2=80=99ll commit the patch below if it does. Thanks, Ludo=E2=80=99. --=-=-= Content-Type: text/x-patch Content-Disposition: inline diff --git a/gnu/system.scm b/gnu/system.scm index 5f562b48b..ce2c05f4e 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -727,7 +727,8 @@ use 'plain-file' instead~%") "Return the environment variables of OS for @var{session-environment-service-type}, to be used in @file{/etc/environment}." `(("LANG" . ,(operating-system-locale os)) - ("TZ" . ,(operating-system-timezone os)) + ;; Note: No need to set 'TZ' since (1) we provide /etc/localtime, and (2) + ;; it doesn't work for setuid binaries. See . ("TZDIR" . ,(file-append tzdata "/share/zoneinfo")) ;; Tell 'modprobe' & co. where to look for modules. ("LINUX_MODULE_DIRECTORY" . "/run/booted-system/kernel/lib/modules") --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Wed Nov 08 15:58:21 2017 Received: (at control) by debbugs.gnu.org; 8 Nov 2017 20:58:21 +0000 Received: from localhost ([127.0.0.1]:58989 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCXQS-0005Us-Vb for submit@debbugs.gnu.org; Wed, 08 Nov 2017 15:58:21 -0500 Received: from hera.aquilenet.fr ([141.255.128.1]:43251) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCXQR-0005Uk-2C for control@debbugs.gnu.org; Wed, 08 Nov 2017 15:58:19 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 33783F8AF for ; Wed, 8 Nov 2017 21:58:20 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QqAnMmqEd2eT for ; Wed, 8 Nov 2017 21:58:19 +0100 (CET) Received: from ribbon (unknown [IPv6:2a01:e0a:1d:7270:af76:b9b:ca24:c465]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 82363F88D for ; Wed, 8 Nov 2017 21:58:19 +0100 (CET) Date: Wed, 08 Nov 2017 21:58:16 +0100 Message-Id: <87shdosd1z.fsf@gnu.org> To: control@debbugs.gnu.org From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: control message for bug #29212 MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) retitle 29212 Setuid programs don't honor the system's timezone From debbugs-submit-bounces@debbugs.gnu.org Thu Nov 09 01:30:08 2017 Received: (at 29212) by debbugs.gnu.org; 9 Nov 2017 06:30:08 +0000 Received: from localhost ([127.0.0.1]:59339 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCgLn-0006hh-EZ for submit@debbugs.gnu.org; Thu, 09 Nov 2017 01:30:07 -0500 Received: from mout02.posteo.de ([185.67.36.66]:40797) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCgLl-0006fl-7T for 29212@debbugs.gnu.org; Thu, 09 Nov 2017 01:30:05 -0500 Received: from submission (posteo.de [89.146.220.130]) by mout02.posteo.de (Postfix) with ESMTPS id 2236920A0F for <29212@debbugs.gnu.org>; Thu, 9 Nov 2017 07:29:56 +0100 (CET) Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 3yXYDg5scjzypX; Thu, 9 Nov 2017 07:29:55 +0100 (CET) From: Diego Nicola Barbato To: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: bug#29212: XLockMore displays wrong time References: <87k1z04z3r.fsf@GlaDOS.home> <87tvy4sd2v.fsf@gnu.org> Date: Thu, 09 Nov 2017 07:29:52 +0100 In-Reply-To: <87tvy4sd2v.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Wed, 08 Nov 2017 21:57:44 +0100") Message-ID: <87vaik2cdb.fsf@GlaDOS.home> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -5.1 (-----) X-Debbugs-Envelope-To: 29212 Cc: 29212@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.1 (-----) Hello Ludo, ludo@gnu.org (Ludovic Court=C3=A8s) writes: > Since GuixSD provides /etc/localtime already, we can actually unset TZ. > And when we do so, setuid binaries simply honor /etc/localtime and don=E2= =80=99t > go searching for timezone data elsewhere, and they see the right time. > > Can you confirm that: > > (unset TZ; xlock) > > works for you? Yes, it displays the correct time. Thanks, Diego From debbugs-submit-bounces@debbugs.gnu.org Thu Nov 09 04:06:32 2017 Received: (at 29212-done) by debbugs.gnu.org; 9 Nov 2017 09:06:32 +0000 Received: from localhost ([127.0.0.1]:59432 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCinA-0002Dr-CX for submit@debbugs.gnu.org; Thu, 09 Nov 2017 04:06:32 -0500 Received: from hera.aquilenet.fr ([141.255.128.1]:45200) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eCin7-0002Dg-Cp for 29212-done@debbugs.gnu.org; Thu, 09 Nov 2017 04:06:29 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id AD666FCAA; Thu, 9 Nov 2017 10:06:30 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UxE_ufha6S0b; Thu, 9 Nov 2017 10:06:28 +0100 (CET) Received: from ribbon (unknown [193.50.110.150]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 55CA7F7E2; Thu, 9 Nov 2017 10:06:28 +0100 (CET) From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Diego Nicola Barbato Subject: Re: bug#29212: XLockMore displays wrong time References: <87k1z04z3r.fsf@GlaDOS.home> <87tvy4sd2v.fsf@gnu.org> <87vaik2cdb.fsf@GlaDOS.home> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 19 Brumaire an 226 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Thu, 09 Nov 2017 10:06:26 +0100 In-Reply-To: <87vaik2cdb.fsf@GlaDOS.home> (Diego Nicola Barbato's message of "Thu, 09 Nov 2017 07:29:52 +0100") Message-ID: <87mv3vq0rx.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: 29212-done Cc: 29212-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) Diego Nicola Barbato skribis: > Hello Ludo, > > ludo@gnu.org (Ludovic Court=C3=A8s) writes: > >> Since GuixSD provides /etc/localtime already, we can actually unset TZ. >> And when we do so, setuid binaries simply honor /etc/localtime and don= =E2=80=99t >> go searching for timezone data elsewhere, and they see the right time. >> >> Can you confirm that: >> >> (unset TZ; xlock) >> >> works for you? > > Yes, it displays the correct time. Awesome, pushed as 5475749960d44163a4c6c4d1d1cb1be9872b861e. Thanks, Ludo=E2=80=99. From unknown Mon Aug 18 02:37:03 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Thu, 07 Dec 2017 12:24:03 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator