GNU bug report logs -
#37423
Changing the login service from GDM to SLiM and then back to GDM causes a really bad loop
Previous Next
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 37423 in the body.
You can then email your comments to 37423 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Mon, 16 Sep 2019 10:17:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Jan <tona_kosmicznego_smiecia <at> interia.pl>:
New bug report received and forwarded. Copy sent to
bug-guix <at> gnu.org.
(Mon, 16 Sep 2019 10:17:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Hi.
Changing the login service from GDM to SLiM and then back to GDM makes
GDM to loop like this:
"New session c1 of user gdm."
"Removed session c1."
"New session c2 of user gdm."
"Removed session c2."
...
And it continues like this to relatively high numbers like c167. Didn't
check how far it could go, but that's not important anyway.
Reverting to the previous definition of the system by using
"guix system switch-generation" or using grub menu entries doesn't help,
changing /etc/config.scm back to the default gdm configuration and
running
"guix system reconfigure" doesn't help either.
There's also one strange thing that have happened before rebooting -
when logging off, SLiM was running in a loop too - I couldn't turn off
the computer using it, I had to switch to another tty and run "shutdown"
manualy.
But reverting to a configuration with SLiM works - I can use the system
with it, but can't with GDM anymore.
---
Jan Wielkiewicz
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Tue, 17 Sep 2019 04:47:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 37423 <at> debbugs.gnu.org (full text, mbox):
Hi Jan,
Jan <tona_kosmicznego_smiecia <at> interia.pl> writes:
> Hi.
>
> Changing the login service from GDM to SLiM and then back to GDM makes
> GDM to loop like this:
> "New session c1 of user gdm."
> "Removed session c1."
> "New session c2 of user gdm."
> "Removed session c2."
> ...
>
> And it continues like this to relatively high numbers like c167. Didn't
> check how far it could go, but that's not important anyway.
> Reverting to the previous definition of the system by using
> "guix system switch-generation" or using grub menu entries doesn't help,
> changing /etc/config.scm back to the default gdm configuration and
> running
> "guix system reconfigure" doesn't help either.
Could this be the same issue as <https://bugs.gnu.org/36508>? In short,
Guix doesn’t guarantee that the “gdm” user will have the same UID if it
gets deleted and recreated (which happens when you remove the GDM
service and add it again). You can fix this by ensuring the owner of
the files under “/var/lib/gdm” is the current “gdm” user.
-- Tim
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Tue, 17 Sep 2019 11:17:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 37423 <at> debbugs.gnu.org (full text, mbox):
On Tue, 17 Sep 2019 00:45:58 -0400
Timothy Sample <samplet <at> ngyro.com> wrote:
> Could this be the same issue as <https://bugs.gnu.org/36508>? In
> short, Guix doesn’t guarantee that the “gdm” user will have the same
> UID if it gets deleted and recreated (which happens when you remove
> the GDM service and add it again). You can fix this by ensuring the
> owner of the files under “/var/lib/gdm” is the current “gdm” user.
>
>
> -- Tim
Yes, this seems to be the same issue. I'll try the solution, but it
needs to be fixed anyway. Hope someone works on that.
Thanks for help!
---
Jan
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Thu, 19 Sep 2019 21:24:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 37423 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hello,
Timothy Sample <samplet <at> ngyro.com> skribis:
> Could this be the same issue as <https://bugs.gnu.org/36508>? In short,
> Guix doesn’t guarantee that the “gdm” user will have the same UID if it
> gets deleted and recreated (which happens when you remove the GDM
> service and add it again). You can fix this by ensuring the owner of
> the files under “/var/lib/gdm” is the current “gdm” user.
If you just (1) configure with GDM, (2) reconfigure without GDM, and (3)
reconfigure with GDM again, I would expect the original UID of ‘gdm’ to
be reused in step #3, as long as it has not been reallocated in the
meantime (for instance because the user created other accounts.)
We could address this by fixing the UID and GID of the ‘gdm’ user:
[Message part 2 (text/x-patch, inline)]
diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm
index 06d72b5f60..e87cb4d845 100644
--- a/gnu/services/xorg.scm
+++ b/gnu/services/xorg.scm
@@ -764,9 +764,10 @@ the GNOME desktop environment.")
;;;
(define %gdm-accounts
- (list (user-group (name "gdm") (system? #t))
+ (list (user-group (name "gdm") (system? #t) (id 900))
(user-account
(name "gdm")
+ (uid 900)
(group "gdm")
(system? #t)
(comment "GNOME Display Manager user")
[Message part 3 (text/plain, inline)]
However, looking at the allocation routines in (gnu build accounts), I
think that this would forcefully set ‘gdm’ to 900/900 on existing
installations, even if 900 is already used by another account:
--8<---------------cut here---------------start------------->8---
scheme@(gnu build accounts)> (allocate-groups (list (user-group (name "foo")(id 10)))
vlist-null
(list (group-entry
(name "foo") (gid 20))))
$2 = (#<<group-entry> name: "foo" password: #f gid: 10 members: ()>)
--8<---------------cut here---------------end--------------->8---
That’s a valid policy (declaration prevails over state), but it does
mean that we can’t really apply the above patch.
(Or we could use much lower UID/GID numbers, which are less likely to be
taken…)
Thoughts?
Ludo’.
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Thu, 19 Sep 2019 21:49:01 GMT)
Full text and
rfc822 format available.
Message #17 received at 37423 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hello,
Ludovic Courtès <ludo <at> gnu.org> ezt írta (időpont: 2019. szept. 19., Cs,
23:24):
> Hello,
>
> Timothy Sample <samplet <at> ngyro.com> skribis:
>
> > Could this be the same issue as <https://bugs.gnu.org/36508>? In short,
> > Guix doesn’t guarantee that the “gdm” user will have the same UID if it
> > gets deleted and recreated (which happens when you remove the GDM
> > service and add it again). You can fix this by ensuring the owner of
> > the files under “/var/lib/gdm” is the current “gdm” user.
>
> If you just (1) configure with GDM, (2) reconfigure without GDM, and (3)
> reconfigure with GDM again, I would expect the original UID of ‘gdm’ to
> be reused in step #3, as long as it has not been reallocated in the
> meantime (for instance because the user created other accounts.)
>
> We could address this by fixing the UID and GID of the ‘gdm’ user:
>
>
> However, looking at the allocation routines in (gnu build accounts), I
> think that this would forcefully set ‘gdm’ to 900/900 on existing
> installations, even if 900 is already used by another account:
>
> --8<---------------cut here---------------start------------->8---
> scheme@(gnu build accounts)> (allocate-groups (list (user-group (name
> "foo")(id 10)))
> vlist-null
> (list (group-entry
> (name "foo") (gid
> 20))))
> $2 = (#<<group-entry> name: "foo" password: #f gid: 10 members: ()>)
> --8<---------------cut here---------------end--------------->8---
>
> That’s a valid policy (declaration prevails over state), but it does
> mean that we can’t really apply the above patch.
>
> (Or we could use much lower UID/GID numbers, which are less likely to be
> taken…)
>
> Thoughts?
>
>
Couldn't we simply do what the fix does: ensuring the owner of
the files under “/var/lib/gdm” is the current “gdm” user?
> Ludo’.
>
That would solve this issue, without actually fixing the UID and GID.
Best regards,
g_bor
--
OpenPGP Key Fingerprint: 7988:3B9F:7D6A:4DBF:3719:0367:2506:A96C:CF63:0B21
[Message part 2 (text/html, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Thu, 19 Sep 2019 22:01:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 37423 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Ludo'!
Ludovic Courtès 写道:
> However, looking at the allocation routines in (gnu build
> accounts), I
> think that this would forcefully set ‘gdm’ to 900/900 on
> existing
> installations, even if 900 is already used by another account:
I'm already using GID 900 (and others) for my own nefarious ends.
How would this even deal with that? Am I doomed to forever jump
around, dodging new hard-coded GIDs?
> (Or we could use much lower UID/GID numbers, which are less
> likely to be
> taken…)
‘Likely’, eek ;-)
So now you're coming after my ‘25’ vmail user, eh.
Kind regards,
T G-R
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Fri, 20 Sep 2019 09:41:02 GMT)
Full text and
rfc822 format available.
Message #23 received at 37423 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Gábor,
Gábor Boskovits <boskovits <at> gmail.com> skribis:
> Couldn't we simply do what the fix does: ensuring the owner of
> the files under “/var/lib/gdm” is the current “gdm” user?
Hey you’re right, I was not approaching it from the right angle.
Here’s a patch that does that. Thoughts?
I’ll push it if there are no objections.
Thanks,
Ludo’.
[Message part 2 (text/x-patch, inline)]
diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm
index 06d72b5f60..1d55e388a1 100644
--- a/gnu/services/xorg.scm
+++ b/gnu/services/xorg.scm
@@ -773,6 +773,27 @@ the GNOME desktop environment.")
(home-directory "/var/lib/gdm")
(shell (file-append shadow "/sbin/nologin")))))
+(define %gdm-activation
+ ;; Ensure /var/lib/gdm is owned by the "gdm" user. This is normally the
+ ;; case but could be wrong if the "gdm" user was created, then removed, and
+ ;; then recreated under a different UID/GID: <https://bugs.gnu.org/37423>.
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils))
+
+ (let* ((gdm (getpwnam "gdm"))
+ (uid (passwd:uid gdm))
+ (gid (passwd:gid gdm))
+ (st (stat "/var/lib/gdm" #f)))
+ ;; Recurse into /var/lib/gdm only if it has wrong ownership.
+ (when (and st
+ (or (not (= uid (stat:uid st)))
+ (not (= gid (stat:gid st)))))
+ (for-each (lambda (file)
+ (chown file uid gid))
+ (find-files "/var/lib/gdm"
+ #:directories? #t)))))))
+
(define dbus-daemon-wrapper
(program-file
"gdm-dbus-wrapper"
@@ -915,6 +936,8 @@ the GNOME desktop environment.")
(extensions
(list (service-extension shepherd-root-service-type
gdm-shepherd-service)
+ (service-extension activation-service-type
+ (const %gdm-activation))
(service-extension account-service-type
(const %gdm-accounts))
(service-extension pam-root-service-type
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Fri, 20 Sep 2019 11:04:01 GMT)
Full text and
rfc822 format available.
Message #26 received at submit <at> debbugs.gnu.org (full text, mbox):
Le 20 septembre 2019 11:40:43 GMT+02:00, "Ludovic Courtès" <ludo <at> gnu.org> a écrit :
>Hi Gábor,
>
>Gábor Boskovits <boskovits <at> gmail.com> skribis:
>
>> Couldn't we simply do what the fix does: ensuring the owner of
>> the files under “/var/lib/gdm” is the current “gdm” user?
>
>Hey you’re right, I was not approaching it from the right angle.
>
>Here’s a patch that does that. Thoughts?
>
>I’ll push it if there are no objections.
>
>Thanks,
>Ludo’.
Looks good :)
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Fri, 20 Sep 2019 11:04:02 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-guix <at> gnu.org:
bug#37423; Package
guix.
(Fri, 20 Sep 2019 13:27:02 GMT)
Full text and
rfc822 format available.
Message #32 received at 37423 <at> debbugs.gnu.org (full text, mbox):
Hi Ludo and Gábor,
Ludovic Courtès <ludo <at> gnu.org> writes:
> Hi Gábor,
>
> Gábor Boskovits <boskovits <at> gmail.com> skribis:
>
>> Couldn't we simply do what the fix does: ensuring the owner of
>> the files under “/var/lib/gdm” is the current “gdm” user?
>
> Hey you’re right, I was not approaching it from the right angle.
>
> Here’s a patch that does that. Thoughts?
LGTM! Though I don’t have a chance to test it at the moment, so all I
can really say is that it makes sense and I didn’t see any typos. :)
-- Tim
Reply sent
to
Ludovic Courtès <ludo <at> gnu.org>:
You have taken responsibility.
(Fri, 20 Sep 2019 21:11:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
Jan <tona_kosmicznego_smiecia <at> interia.pl>:
bug acknowledged by developer.
(Fri, 20 Sep 2019 21:11:02 GMT)
Full text and
rfc822 format available.
Message #37 received at 37423-done <at> debbugs.gnu.org (full text, mbox):
Hello,
Timothy Sample <samplet <at> ngyro.com> skribis:
> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>> Hi Gábor,
>>
>> Gábor Boskovits <boskovits <at> gmail.com> skribis:
>>
>>> Couldn't we simply do what the fix does: ensuring the owner of
>>> the files under “/var/lib/gdm” is the current “gdm” user?
>>
>> Hey you’re right, I was not approaching it from the right angle.
>>
>> Here’s a patch that does that. Thoughts?
>
> LGTM! Though I don’t have a chance to test it at the moment, so all I
> can really say is that it makes sense and I didn’t see any typos. :)
I tested in a VM and it’s all good. Pushed as
f817901ee74fbc2f3c3322d473ad4c72b052499c.
Thanks,
Ludo’.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Sat, 19 Oct 2019 11:24:06 GMT)
Full text and
rfc822 format available.
This bug report was last modified 4 years and 190 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.