#4 After logout user cannot login again. It is not fixed yet

v1.0_(example)
closed-invalid
dgod.osa
None
5
2014-05-12
2010-09-28
Anonymous
No

See fragment of gtkmain.c - version 2.20.1.
After logout, gtk-greeter write to stderr that warning and exit.
I added setuid(0) before g_spawn_"something" in lxdm's ui.c, but I'm not sure if it is safe.

static gboolean
check_setugid (void)
{
/* this isn't at all relevant on MS Windows and doesn't compile ... --hb */
#ifndef G_OS_WIN32
uid_t ruid, euid, suid; /* Real, effective and saved user ID's */
gid_t rgid, egid, sgid; /* Real, effective and saved group ID's */

#ifdef HAVE_GETRESUID
/* These aren't in the header files, so we prototype them here.
*/
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);
int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);

if (getresuid (&ruid, &euid, &suid) != 0 ||
getresgid (&rgid, &egid, &sgid) != 0)
#endif /* HAVE_GETRESUID */
{
suid = ruid = getuid ();
sgid = rgid = getgid ();
euid = geteuid ();
egid = getegid ();
}

if (ruid != euid || ruid != suid ||
rgid != egid || rgid != sgid)
{
g_warning ("This process is currently running setuid or setgid.\n"
"This is not a supported use of GTK+. You must create a helper\n"
"program instead. For further details, see:\n\n"
" http://www.gtk.org/setuid.html\n\n"
"Refusing to initialize GTK+.");
exit (1);
}
#endif
return TRUE;
}

Discussion

  • dgod.osa

    dgod.osa - 2010-09-29

    you should not setuid(0) here, as default lxdm-binary is spawned as root, and lxdm-binary should not change the uid in runtime.
    if you just want to change the greeter uid, you should do it at greeter_setup, but greeter default is root too, so not neccesary.

    I'm now on Fedora14, it's gtk-2.21, I don't have problem like this. Do you run lxdm-binary as root?

    There's another bug that when logou, user can't type in greeter, which is fixed.

     
  • dgod.osa

    dgod.osa - 2014-05-12
    • status: open --> closed-invalid
    • assigned_to: dgod.osa
    • Group: --> v1.0_(example)