Gentoo Archives: gentoo-user

From: Ian Zimmerman <itz@×××××××.net>
To: gentoo-user@l.g.o
Subject: [gentoo-user] Re: X w/o suid root
Date: Mon, 19 Dec 2016 23:35:44
Message-Id: 20161219232252.15928.1F31F3FA@matica.foolinux.mooo.com
In Reply to: [gentoo-user] Re: X w/o suid root by Ian Zimmerman
1 On 2016-12-18 22:43, Ian Zimmerman wrote:
2
3 > But now I hit the error chronicled at [2]. A look at kernel source, in
4 > drivers/gpu/drm/drm_ioctl.c, shows that the relevant kernel ioctl is
5 > declared thus:
6 >
7 > DRM_IOCTL_DEF(DRM_IOCTL_SET_MASTER, drm_setmaster_ioctl, DRM_ROOT_ONLY),
8
9 And the answer is .. OF COURSE!! .. systemd.
10
11 With systemd integration, the get_drm_info() function in xorg source file
12 hw/xfree86/os-support/linux/lnx_platform.c sets the server_fd flag,
13 which makes it do this later:
14
15 if (server_fd)
16 xf86_platform_devices[delayed_index].flags |= XF86_PDEV_SERVER_FD;
17
18 .. which makes the radeon_set_drm_master() function in xf86-video-ati
19 file src/radeon_kms.c immediately return TRUE and bypass the failing
20 ioctl(DRM_IOCTL_SET_MASTER).
21
22 So now I know that my only way to non-suid (and anyone else with similar
23 hardware and without systemd) is to patch the X source, and/or the
24 kernel source. I'll probably take a few days break from this issue
25 pondering if it's worth it.
26
27 --
28 Please *no* private Cc: on mailing lists and newsgroups
29 Personal signed mail: please _encrypt_ and sign
30 Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html

Replies

Subject Author
Re: [gentoo-user] Re: X w/o suid root Michael Mol <mikemol@×××××.com>