GNU bug report logs - #57071
Xscreensaver not working since latest patch

Previous Next

Package: guix;

Reported by: Rick Huijzer <ikbenrickhuyzer <at> gmail.com>

Date: Tue, 9 Aug 2022 10:28:02 UTC

Severity: normal

Done: Andreas Enge <andreas <at> enge.fr>

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: Rick Huijzer <ikbenrickhuyzer <at> gmail.com>
Cc: r0man <roman <at> burningswell.com>, 57071 <at> debbugs.gnu.org
Subject: bug#57071: Xscreensaver not working since latest patch
Date: Tue, 09 Aug 2022 23:30:58 +0200

Hi Rick,

Rick Huijzer <ikbenrickhuyzer <at> gmail.com> skribis:

> The latest xscreensaver patch <https://issues.guix.gnu.org/56597> rendered
> xscreensaver unusable on my systems. When I try to unlock my screen I am
> greeted with the message 'xscreensaver: don't login as root', even though I
> don't invoke it as root.
>
>
> $xscreensaver-command -lock
> Aug  9 08:45:22 localhost shepherd[1]: [slim] xscreensaver-gfx: 08:45:22:
> 1: running as root: not launching hacks.
> Aug  9 09:10:29 localhost shepherd[1]: [slim] xscreensaver-command: locking
> Aug  9 09:10:32 localhost shepherd[1]: [slim] xscreensaver-gfx: 09:10:32:
> 0: running as root: not launching hacks.
>
> When I remove the
> (screen-locker-service xscreensaver)
> I run into all kinds of set-uid problems.

Sorry about that, I built it during review but did not actually run it.

One effect of ‘screen-locker-service’ is to make the program setuid-root
so that it can authenticate users.  It would seem that something changed
in xscreensaver in that area; quoth ‘driver/subprocs.c’:

--8<---------------cut here---------------start------------->8---
      if (getuid() == (uid_t) 0 || geteuid() == (uid_t) 0)
        /* Prior to XScreenSaver 6, if running as root, we would change the
           effective uid to the user "nobody" or "daemon" or "noaccess",
           but even that was just encouraging bad behavior.  Don't log in
           as root. */
        {
          fprintf (stderr, "%s: %d: running as root: not launching hacks.\n",
                   blurb(), ssi->number);
          screenhack_obituary (ssi, "", "XScreenSaver: Don't log in as root.");
          goto DONE;
        }
--8<---------------cut here---------------end--------------->8---

OTOH the ‘disavow_privileges’ function is supposed to drop root
privileges early on.

So I’m not sure how it’s supposed to be run.  R0man, ideas?

Thanks,
Ludo’.
This bug report was last modified 21 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.