|
OpenBSD Installation and Upgrading Installing and upgrading OpenBSD. |
|
Thread Tools | Display Modes |
|
|
|||
OpenBSD 6.4 lost X windows for user
Just installed the latest version 6.4 on my Lenovo laptop. It was working absolutely perfectly for me using the Blackbox wm. I saw the latest patch 001 and did a syspatch. After that I can no longer get X11 to run for a user, only root.
This is what is in the Xorg.0.log file for the user: failed to open /dev/xf86 and /dev/mem, permission denied also: check that the /etc/sysctl.conf file has 'machdep.allowaperature=1' No screens found, server terminated. The /etc/sysctl.conf file didn't exist. I created it. and now when the system is booting up an error is displayed saying - machdep.allowaperature=1, second level name is invalid I still have root running X11, but not a user. Not sure if the patch killed X or not. Please help |
|
|||
Thanks a lot. I probably did misspell 'aperture'. I will make the change tomorrow and let you know. I still have no idea what 'machdep.allowaperture=1' means or does, and why now after a patch.
|
|
|||
I had some trouble with a video card not being detected, so I changed that value. I discussed it on the forums a while back, so if you search on it it might help you. There is a sample sysctl.conf file in the /etc/examples folder. If you look up machdep.allowaperture in that file there is a comment to read the man entry for xf86.
I wonder if the problem could be anything to do with this? http://daemonforums.org/showthread.php?t=10811 Last edited by Prevet; 26th October 2018 at 11:20 AM. |
|
||||
OK. I'm going to recommend the following steps for staus and bsd007.
First start X with xenodm(1) if you are not already doing so. If you are already doing so, please let us know.
Last edited by jggimi; 26th October 2018 at 01:35 PM. Reason: typos |
|
||||
The fallout of the setuid removal for the x server is starting to hit the mailing lists. Looks like jggimi's assessment is spot on, as usual:
Quote:
|
|
|||
I followed jggimi's advice, and I have been able to start X as a user again.
Thanks. |
|
|||
No Issues with xenodm(1) here after the patch (6.4).
When the news hit, I removed the setuid /usr/X11R6/bin/Xorg as soon as I read about it, late yesterday night I applied the patch. The interesting thing was the patch turned on the setiud (which I removed afterwards). I was thinking it would be removed by the patch, but I may have mis-read the lists Anyway, very impressed with the speed of the fix by the OpenBSD team Last edited by jmccue; 27th October 2018 at 02:28 PM. Reason: adjusted/spelling |
|
|||
Thanks, Iggimi, for the information about Xenodm. This certainly gets X working. But I'm left with some niggles which I'm still trying to resolve, and I have to admit to being sorely tempted to restore setuid to Xorg as I'm the only user with access to my desktop. Would thjs be very unwise?
|
|
||||
If you do that, someone who manages to compromise your box remotely by any 3rd party software, for instance browser, irc, anything networked etc. will have priviledge escalation presented on a silver platter.
Think of it this way: this was a bug in the base system. Who knows how many exploitable bugs (in one way or another) are lingering undetected somewhere in the ports tree? Your threat assesment probably depends on your level of paranoia. I know I wouldn't do it. EDIT: I just realised your system is in a post patch state, which means the dangerous option was removed IIRC. But still, you'd be giving a binary unnecessary priviledges which you don't really need. Last edited by fvgit; 28th October 2018 at 07:16 PM. |
|
||||
Yes, I believe it is unwise. True, you are the only user with physical access to your workstation. And yes, this is considered a local exploit. Unfortunately, physical access is not required to execute local programs. Consider:
|
|
|||
Thanks to both for replies. Makes sense. I hope the startx issue gets resolved later.
Meanwhile, I'll fiddle some more with Xenodm and if I can't find a solution I'll start a new thread as suggested. |
|
|||
OpenBSDE 6.4 + XFCE, X wouldn't start for users but did for root after xserver patch - mostly recovered
Here's how I installed 6.4 with XFCE and mostly recovered after the xserver patch broke a few things - Installed OpenBSD 6.4 with XFCE late this past week, not using xenodm, starting XFCE via command startxfce4, two local users (one in wheel group, one not - I'm using this installation to learn OpenBSD) - XFCE started from console via startxfce4 command and worked as expected for root and each user, installed a few packages - After patch, XFCE opened and worked as expected only for root. For both wheel and non-wheel users, XFCE and wm's would not launch as described in OpenBSD Misc mailing list thread titled "can't start X in 6.4" - Enabled and started xenodm, rebooted - XFCE still launched and ran normally for root, signing in from xenodm sign in page - Users launched in fvwm from xenodm sign in page. From console, if I ran startxfce4, panels would appear, but XFCE wallpaper didn't and windows were fvwm - To each of /root, /home/UserInWheelGroup and /home/UserNotInWheelGroup, I used nano to create .xsession with command *startxfce4 [edited] exec startxfce4*, rebooted - Now XFCE launches and runs normally for wheel and non-wheel users from xenodm sign in page - Now can't sign in as root from xenodm sign in page. Is this normal? If so, fine (but how do I sign in as root, if I want to?) If not, then I still have to figure this bit out. TKS Sources - RibaLinux instructions to install 6.0 with XFCE (but skipping some steps and adapting instructions to 6.4) - OpenBSD Misc mailing list, thread titled "can't start X in 6.4". Theo said switch to xenodm. - https://www.openbsd.org/faq/faq11.html "The X Window system" - Posts in this thread earlier than this one. Special thanks to jggimi in post 7. Last edited by TheTKS; 29th October 2018 at 03:10 AM. Reason: Typo, clarification, correction |
|
|||
Quote:
<Ctrl>+<Alt>+<F3> will bring up the 3rd Virtual terminal and you can login as root or a user. |
|
||||
Quote:
It is possible to prevent root login through setting the Authentication Widget xlogin.Login.allowRootLogin to false, but this would have been something you would have been aware of doing. |
|
||||
Quote:
Here's my /etc/rc.conf.local: Code:
bsd$ cat /etc/rc.conf.local xenodm_flags="" pkg_scripts="messagebus" ntpd_flags="-s" Code:
bsd$ cat .xsession exec ck-launch-session startxfce4 Code:
bsd$ cat /etc/X11/xenodm/Xsetup_0 #!/bin/sh # $OpenBSD: Xsetup_0,v 1.5 2018/07/17 11:52:12 matthieu Exp $ #xconsole -geometry 480x130-0-0 -daemon -notify -verbose -fn fixed -exitOnFail # sxpm OpenBSD.xpm &
__________________
hitest |
|
|||
Quote:
As of today: - Both syspatches applied - My /etc/rc.conf.local contains Code:
xenodm_flags="" Code:
exec startxfce4 ... and XFCE launches for both regular users. None of the X error messages showed up that other people have been reporting after syspatch 2 (which Theo has said in the mailing lists not to worry about.) hitest, thanks for the tip on getting rid of xconsole. Not a big deal for me, but it is distracting and I haven't yet seen it display any useful info, which if there were, I expect will be in a log. TKS |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Hosting a Windows VM on OpenBSD | girarde | OpenBSD Packages and Ports | 2 | 27th December 2015 12:42 AM |
User Store, Auth, VPN and Multi-user apps/software | montie | OpenBSD Packages and Ports | 9 | 9th January 2015 09:51 PM |
New OpenBSD installation on HDD with Windows | cableguy | OpenBSD Installation and Upgrading | 8 | 3rd April 2014 10:57 PM |
WOL windows 7 from openbsd | sputnik | General software and network | 0 | 9th April 2013 08:18 AM |
New OpenBSD User | codeFreak | OpenBSD General | 3 | 18th February 2011 02:43 AM |