|
OpenBSD Installation and Upgrading Installing and upgrading OpenBSD. |
|
Thread Tools | Display Modes |
|
|||
OpenBSD 6.4 lost X windows for user
Just installed the latest version 6.4 on my Lenovo laptop. It was working absolutely perfectly for me using the Blackbox wm. I saw the latest patch 001 and did a syspatch. After that I can no longer get X11 to run for a user, only root.
This is what is in the Xorg.0.log file for the user: failed to open /dev/xf86 and /dev/mem, permission denied also: check that the /etc/sysctl.conf file has 'machdep.allowaperature=1' No screens found, server terminated. The /etc/sysctl.conf file didn't exist. I created it. and now when the system is booting up an error is displayed saying - machdep.allowaperature=1, second level name is invalid I still have root running X11, but not a user. Not sure if the patch killed X or not. Please help |
|
|||
Thanks a lot. I probably did misspell 'aperture'. I will make the change tomorrow and let you know. I still have no idea what 'machdep.allowaperture=1' means or does, and why now after a patch.
|
|
|||
I had some trouble with a video card not being detected, so I changed that value. I discussed it on the forums a while back, so if you search on it it might help you. There is a sample sysctl.conf file in the /etc/examples folder. If you look up machdep.allowaperture in that file there is a comment to read the man entry for xf86.
I wonder if the problem could be anything to do with this? http://daemonforums.org/showthread.php?t=10811 Last edited by Prevet; 26th October 2018 at 11:20 AM. |
|
||||
OK. I'm going to recommend the following steps for staus and bsd007.
First start X with xenodm(1) if you are not already doing so. If you are already doing so, please let us know.
Last edited by jggimi; 26th October 2018 at 01:35 PM. Reason: typos |
|
||||
The fallout of the setuid removal for the x server is starting to hit the mailing lists. Looks like jggimi's assessment is spot on, as usual:
Quote:
|
|
|||
I followed jggimi's advice, and I have been able to start X as a user again.
Thanks. |
|
|||
No Issues with xenodm(1) here after the patch (6.4).
When the news hit, I removed the setuid /usr/X11R6/bin/Xorg as soon as I read about it, late yesterday night I applied the patch. The interesting thing was the patch turned on the setiud (which I removed afterwards). I was thinking it would be removed by the patch, but I may have mis-read the lists Anyway, very impressed with the speed of the fix by the OpenBSD team Last edited by jmccue; 27th October 2018 at 02:28 PM. Reason: adjusted/spelling |
|
|||
Thanks, Iggimi, for the information about Xenodm. This certainly gets X working. But I'm left with some niggles which I'm still trying to resolve, and I have to admit to being sorely tempted to restore setuid to Xorg as I'm the only user with access to my desktop. Would thjs be very unwise?
|
|
||||
If you do that, someone who manages to compromise your box remotely by any 3rd party software, for instance browser, irc, anything networked etc. will have priviledge escalation presented on a silver platter.
Think of it this way: this was a bug in the base system. Who knows how many exploitable bugs (in one way or another) are lingering undetected somewhere in the ports tree? Your threat assesment probably depends on your level of paranoia. I know I wouldn't do it. EDIT: I just realised your system is in a post patch state, which means the dangerous option was removed IIRC. But still, you'd be giving a binary unnecessary priviledges which you don't really need. Last edited by fvgit; 28th October 2018 at 07:16 PM. |
|
||||
Yes, I believe it is unwise. True, you are the only user with physical access to your workstation. And yes, this is considered a local exploit. Unfortunately, physical access is not required to execute local programs. Consider:
|
|
|||
Thanks to both for replies. Makes sense. I hope the startx issue gets resolved later.
Meanwhile, I'll fiddle some more with Xenodm and if I can't find a solution I'll start a new thread as suggested. |
|
|||
OpenBSDE 6.4 + XFCE, X wouldn't start for users but did for root after xserver patch - mostly recovered
Here's how I installed 6.4 with XFCE and mostly recovered after the xserver patch broke a few things - Installed OpenBSD 6.4 with XFCE late this past week, not using xenodm, starting XFCE via command startxfce4, two local users (one in wheel group, one not - I'm using this installation to learn OpenBSD) - XFCE started from console via startxfce4 command and worked as expected for root and each user, installed a few packages - After patch, XFCE opened and worked as expected only for root. For both wheel and non-wheel users, XFCE and wm's would not launch as described in OpenBSD Misc mailing list thread titled "can't start X in 6.4" - Enabled and started xenodm, rebooted - XFCE still launched and ran normally for root, signing in from xenodm sign in page - Users launched in fvwm from xenodm sign in page. From console, if I ran startxfce4, panels would appear, but XFCE wallpaper didn't and windows were fvwm - To each of /root, /home/UserInWheelGroup and /home/UserNotInWheelGroup, I used nano to create .xsession with command *startxfce4 [edited] exec startxfce4*, rebooted - Now XFCE launches and runs normally for wheel and non-wheel users from xenodm sign in page - Now can't sign in as root from xenodm sign in page. Is this normal? If so, fine (but how do I sign in as root, if I want to?) If not, then I still have to figure this bit out. TKS Sources - RibaLinux instructions to install 6.0 with XFCE (but skipping some steps and adapting instructions to 6.4) - OpenBSD Misc mailing list, thread titled "can't start X in 6.4". Theo said switch to xenodm. - https://www.openbsd.org/faq/faq11.html "The X Window system" - Posts in this thread earlier than this one. Special thanks to jggimi in post 7. Last edited by TheTKS; 29th October 2018 at 03:10 AM. Reason: Typo, clarification, correction |
|
|||
Quote:
<Ctrl>+<Alt>+<F3> will bring up the 3rd Virtual terminal and you can login as root or a user. |
|
||||
Quote:
It is possible to prevent root login through setting the Authentication Widget xlogin.Login.allowRootLogin to false, but this would have been something you would have been aware of doing. |
|
|||
@shep, @jggimi, thanks, I will use Ctrl Alt F3 if needed until I figure out how to fix this, and I will look at /var/log/xenodm.log and look again at /root/.xsession. I might just delete root's .xsession so the rare time I do sign in as root, it will always be very obvious, and I would learn how to work in a wm.
Also, I can su or su - from wheel user, so nothing is stopping me from becoming root as needed, but I'd still like to sort this out. TKS |
|
|||
Lost x in 6.4 - Solved for my needs
First of all, thanks to Theo De Raadt, jggimi and shep for advice on the OpenBSD Misc mailing list and in posts above:
- I had a working 6.4 with XFCE, with wheel and non-wheel users, launching XFCE on each sign in from console with "startxfce4". I had not enabled xenodm and hadn't added .xinitrc - After applying the xserver patch, I lost the ability to start x and xfce4 for users but could still launch xfce as root (same error reported by others) - I enabled xenodm and added .xsessions to my users and to root to exec startxfce4. Then from xenodm sign in screen, users could then sign in with XFCE launching, but root couldn't sign in at all. - I deleted the .xsession with exec startxfce4 I had just created - Now I can sign in from xenodm sign in screen as non-wheel or as wheel user with a working XFCE session, and as root with fvwm A bit more detail (for more background, see my earlier posts and responses here by jggimi and shep, and the OpenBSD Misc mailing list): - Specifically, the behaviour I encountered after enabling xenodm and adding .xsession files to my two users and to root, with the single instruction exec startxfce4 in each .xsession, was that after trying to sign in from xenodm as root, I would momentarily get a black screen then be brought back to the xenodm signin screen. Both users could sign in from xenodm and be brought into XFCE - root's .xsession-errors showed something like "can't find startxfce4". I also tried just xfce4 and just xfce, with same behaviour. These did not appear in the .xsession-errors of the two users. - I will assume one of: I missed or incorrectly configured something in the XFCE DE installation; it's an XFCE bug; it's an XFCE feature. TKS |
|
||||
Quote:
In /home/root/.xsession, try using the fully qualified executable: exec /usr/local/bin/startxfce4 If that fails to function properly, you could add /usr/local/bin to root's $PATH if it is not already there. Last edited by jggimi; 29th October 2018 at 04:28 PM. Reason: clarity |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Hosting a Windows VM on OpenBSD | girarde | OpenBSD Packages and Ports | 2 | 27th December 2015 12:42 AM |
User Store, Auth, VPN and Multi-user apps/software | montie | OpenBSD Packages and Ports | 9 | 9th January 2015 09:51 PM |
New OpenBSD installation on HDD with Windows | cableguy | OpenBSD Installation and Upgrading | 8 | 3rd April 2014 10:57 PM |
WOL windows 7 from openbsd | sputnik | General software and network | 0 | 9th April 2013 08:18 AM |
New OpenBSD User | codeFreak | OpenBSD General | 3 | 18th February 2011 02:43 AM |