From: Ian Zimmerman
To: gentoo-user@lists.gentoo.org
Date: Mon, 19 Dec 2016 15:35:24 -0800
Subject: [gentoo-user] Re: X w/o suid root

On 2016-12-18 22:43, Ian Zimmerman wrote:

> But now I hit the error chronicled at [2]. A look at kernel source, in
> drivers/gpu/drm/drm_ioctl.c, shows that the relevant kernel ioctl is
> declared thus:
>
> DRM_IOCTL_DEF(DRM_IOCTL_SET_MASTER, drm_setmaster_ioctl, DRM_ROOT_ONLY),

And the answer is .. OF COURSE!! .. systemd.

With systemd integration, the get_drm_info() function in xorg source file
hw/xfree86/os-support/linux/lnx_platform.c sets the server_fd flag,
which makes it do this later:

    if (server_fd)
        xf86_platform_devices[delayed_index].flags |= XF86_PDEV_SERVER_FD;

.. which makes the radeon_set_drm_master() function in xf86-video-ati
file src/radeon_kms.c immediately return TRUE and bypass the failing
ioctl(DRM_IOCTL_SET_MASTER).

So now I know that my only way to non-suid (and anyone else with similar
hardware and without systemd) is to patch the X source, and/or the
kernel source. I'll probably take a few days break from this issue
pondering if it's worth it.

-- 
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html
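
A small probe for the condition discussed in this message, added here as an example and not taken from the post, the X server or the driver: it opens a DRM node and issues the same DRM_IOCTL_SET_MASTER request, returning 0 or the negative errno of the step that failed. The helper name `probe_set_master`, the `PROBE_*` macro names and the default node `/dev/dri/card0` are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Request numbers as encoded in the kernel's uapi drm.h for
 * DRM_IOCTL_SET_MASTER and DRM_IOCTL_DROP_MASTER; defined locally under
 * assumed names so the probe builds without the DRM headers installed. */
#define PROBE_SET_MASTER  _IO('d', 0x1e)
#define PROBE_DROP_MASTER _IO('d', 0x1f)

/* Hypothetical helper: returns 0 if this process may become DRM master on
 * `node`, otherwise the negative errno of the step that failed. */
int probe_set_master(const char *node)
{
    int fd = open(node, O_RDWR);
    if (fd < 0)
        return -errno;              /* node missing or not accessible */

    int rc = 0;
    if (ioctl(fd, PROBE_SET_MASTER, 0) < 0)
        rc = -errno;                /* refused, e.g. by the DRM_ROOT_ONLY check */
    else
        ioctl(fd, PROBE_DROP_MASTER, 0);   /* do not keep master after probing */

    close(fd);
    return rc;
}

int main(int argc, char **argv)
{
    /* Assumed default node; pass another path as the first argument. */
    const char *node = argc > 1 ? argv[1] : "/dev/dri/card0";
    int rc = probe_set_master(node);

    if (rc == 0)
        printf("%s: SET_MASTER allowed for uid %d\n", node, (int)getuid());
    else
        printf("%s: SET_MASTER refused for uid %d: %s\n",
               node, (int)getuid(), strerror(-rc));
    return rc == 0 ? 0 : 1;
}
```

Run it as the user that would start X, from a text console with no other DRM client active, and compare the result with a run as root.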