DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Installation and Upgrading

OpenBSD Installation and Upgrading Installing and upgrading OpenBSD.

Reply
 
Thread Tools Display Modes
Old 2nd November 2018
TheTKS TheTKS is offline
Port Guard
 
Join Date: Sep 2018
Location: Canada
Posts: 42
Default

Quote:
Originally Posted by jggimi View Post
This is a $PATH problem.

In /home/root/.xsession, try using the fully qualified executable: exec /usr/local/bin/startxfce4

If that fails to function properly, you could add /usr/local/bin to root's $PATH if it is not already there.
Thanks, jggimi, the first didn’t work, I will give the second a shot at some point. Those suggestions and a bit of reading point me to the next topic I should spend some time learning - environment variables.

TKS
Reply With Quote
Old 3rd November 2018
hitest's Avatar
hitest hitest is offline
Real Name: George Nielsen
VPN Cryptographer
 
Join Date: Sep 2008
Location: B.C., Canada
Posts: 373
Default

Quote:
Originally Posted by TheTKS View Post
OpenBSDE 6.4 + XFCE, X wouldn't start for users but did for root after xserver patch - mostly recovered
I have XFCE4 working for a regular user with xenodm, all patches applied. I installed consolekit2 which I found from a how to on the web.

Here's my /etc/rc.conf.local:

Code:
bsd$ cat /etc/rc.conf.local
xenodm_flags=""
pkg_scripts="messagebus"
ntpd_flags="-s"
Here's my .xession file:

Code:
bsd$ cat .xsession
exec ck-launch-session startxfce4
I also don't like that xconsole popping up all the time so I commented it out:

Code:
bsd$ cat /etc/X11/xenodm/Xsetup_0
#!/bin/sh
# $OpenBSD: Xsetup_0,v 1.5 2018/07/17 11:52:12 matthieu Exp $

#xconsole -geometry 480x130-0-0 -daemon -notify -verbose -fn fixed 
-exitOnFail

# sxpm OpenBSD.xpm &
__________________
hitest
Reply With Quote
Old 3rd November 2018
TheTKS TheTKS is offline
Port Guard
 
Join Date: Sep 2018
Location: Canada
Posts: 42
Default

Quote:
Originally Posted by hitest View Post
I have XFCE4 working for a regular user with xenodm, all patches applied. I installed consolekit2 which I found from a how to on the web.

Here's my /etc/rc.conf.local:

Code:
bsd$ cat /etc/rc.conf.local
xenodm_flags=""
pkg_scripts="messagebus"
ntpd_flags="-s"
Here's my .xession file:

Code:
bsd$ cat .xsession
exec ck-launch-session startxfce4
I also don't like that xconsole popping up all the time so I commented it out:

Code:
bsd$ cat /etc/X11/xenodm/Xsetup_0
#!/bin/sh
# $OpenBSD: Xsetup_0,v 1.5 2018/07/17 11:52:12 matthieu Exp $

#xconsole -geometry 480x130-0-0 -daemon -notify -verbose -fn fixed 
-exitOnFail

# sxpm OpenBSD.xpm &


As of today:

- Both syspatches applied

- My /etc/rc.conf.local contains
Code:
xenodm_flags=""
- My two user .xsessions contain only
Code:
exec startxfce4
I will look into what your extra term does

... and XFCE launches for both regular users. None of the X error messages showed up that other people have been reporting after syspatch 2 (which Theo has said in the mailing lists not to worry about.)

hitest, thanks for the tip on getting rid of xconsole. Not a big deal for me, but it is distracting and I haven't yet seen it display any useful info, which if there were, I expect will be in a log.


TKS
Reply With Quote
Old 3rd November 2018
hitest's Avatar
hitest hitest is offline
Real Name: George Nielsen
VPN Cryptographer
 
Join Date: Sep 2008
Location: B.C., Canada
Posts: 373
Default

Quote:
Originally Posted by TheTKS View Post
- My two user .xsessions contain only
Code:
exec startxfce4
I will look into what your extra term does
I can shutdown my computer by clicking on my name and clicking on shutdown. I don't need a terminal prompt to shutdown XFCE.
__________________
hitest

Last edited by hitest; 3rd November 2018 at 05:59 PM. Reason: Spelling error
Reply With Quote
Old 10th November 2018
TheTKS TheTKS is offline
Port Guard
 
Join Date: Sep 2018
Location: Canada
Posts: 42
Default

Quote:
Originally Posted by jggimi View Post
This is a $PATH problem.

In /home/root/.xsession, try using the fully qualified executable: exec /usr/local/bin/startxfce4

If that fails to function properly, you could add /usr/local/bin to root's $PATH if it is not already there.
Now also checked the second, and
Code:
/usr/local/bin
was already in root's $PATH.

I would like at some point to figure out why I can't get XFCE to launch automatically for root, but since the setup works for me - XFCE for users, and fvwm for root - I will leave it for now (or maybe even until I install 6.5) and move on to things that are higher priority for me ex. setting up printer/scanners.

Thanks for the help getting me this far.

TKS
Reply With Quote
Old 10th November 2018
TheTKS TheTKS is offline
Port Guard
 
Join Date: Sep 2018
Location: Canada
Posts: 42
Default

Quote:
Originally Posted by hitest View Post
I can shutdown my computer by clicking on my name and clicking on shutdown. I don't need a terminal prompt to shutdown XFCE.
Tried changing
Code:
exec startxfce4
to
Code:
exec ck-launch-session startxfce4
and I'm still unable to shutdown from XFCE, having to go to terminal as root to shutdown with
Code:
halt -p
Not a huge bother, but just inconvenient enough that I would like to get there, eventually.

TKS
Reply With Quote
Old 10th November 2018
shep shep is offline
Real Name: Scott
Arp Constable
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 1,503
Default

The xfce pkg-readme has specific instructions on user shutdown/reboot which may help sort out the problem. At least it will let you know what the pkg maintainer intended.

http://cvsweb.openbsd.org/cgi-bin/cv...ype=text/plain

Last edited by shep; 10th November 2018 at 07:58 PM.
Reply With Quote
Old 10th November 2018
hitest's Avatar
hitest hitest is offline
Real Name: George Nielsen
VPN Cryptographer
 
Join Date: Sep 2008
Location: B.C., Canada
Posts: 373
Default

Quote:
Originally Posted by TheTKS View Post
T
to
Code:
exec ck-launch-session startxfce4
and I'm still unable to shutdown from XFCE
Did you install consolekit2 and modify /etc/rc.conf.local as I specified?
__________________
hitest
Reply With Quote
Old 10th November 2018
TheTKS TheTKS is offline
Port Guard
 
Join Date: Sep 2018
Location: Canada
Posts: 42
Default

Quote:
Originally Posted by hitest View Post
Did you install consolekit2 and modify /etc/rc.conf.local as I specified?
hitest, no and no, hence why it didn't work. Duh. I'll go do those next.

Quote:
Originally Posted by shep View Post
The xfce pkg-readme has specific instructions on user shutdown/reboot which may help sort out the problem. At least it will let you know what the pkg maintainer intended.

http://cvsweb.openbsd.org/cgi-bin/cv...ype=text/plain
shep, thanks for the reference. These instructions are starting to make some sense to me with the extra instructions and context.

TKS
Reply With Quote
Old 12th November 2018
TheTKS TheTKS is offline
Port Guard
 
Join Date: Sep 2018
Location: Canada
Posts: 42
Default

Now I can shut down directly from Xfce, per hitest's instructions and link provided by shep. Thank you, both.

Installed consolekit2 and polkit
http://cvsweb.openbsd.org/cgi-bin/cv...ype=text/plain

To /etc/rc.conf.local, added
Code:
pkg_scripts="messagebus"
Then to both regular users' .xsessions, added
Code:
exec ck-launch-session startxfce4
TKS
Reply With Quote
Old 12th November 2018
gpatrick gpatrick is offline
Spam Deminer
 
Join Date: Nov 2009
Posts: 245
Default

I was running 6.3 on a Lenovo N580 which worked great using Mate. Upgraded to 6.4 and no more working X. Tried the suggestions in this thread and nothing worked.
Code:
xenodm_flags=""
Left me with a black screen on reboot. Gave up and since I already had a FreeBSD 12.0-BETA-3 image downloaded, I reinstalled with that.

Being told to run xenodm is unacceptable as a solution.
Reply With Quote
Old 12th November 2018
fvgit's Avatar
fvgit fvgit is offline
Spikes in tights
 
Join Date: May 2016
Location: perl -MMIME::Base64 -le 'print decode_base64("U2hlcndvb2QgRm9yZXN0")'
Posts: 314
Default

Quote:
Originally Posted by gpatrick View Post
Being told to run xenodm is unacceptable as a solution.
You are aware that xenodm is actually part of the priviledge separation model in OpenBSD? With xenodm the X server runs as the _x11 user and not the user account. This is not the case with startx.
Reply With Quote
Old 12th November 2018
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Quote:
Originally Posted by gpatrick View Post
Gave up...
I'm sorry that you had trouble. If you still had the OS installed, CTRL-ALT-F1 would have taken you to the console, where the contents of /var/log/xenodm.log would have been available for review and analysis.
Reply With Quote
Old 12th November 2018
PapaParrot's Avatar
PapaParrot PapaParrot is offline
parrot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 472
Default

Quote:
Being told to run xenodm is unacceptable as a solution.
I wonder, did you @gpatrick, run the 2 syspatches, ? When I upgraded from 6.3 to 6.4 , just about 2 day ago, I had no problem continuing using startx as I have been , I am not familiar with using xendom, and it is not enabled on my system.
How ever, also I am not using any DE's, just a window manager, but don't see how that would make any difference.
Any way, I was under the impression , having to use xendom was a temporary option, but now with the 2nd syspatch, it is not required, one can still safely use startx ?
That is to say, the 1st patch fixed the xorg security issue, but it was at that point ,when people ran the patch they found they could not use startx anymore, and needed to make some configuration changes to start using xendom. So I decided to hold off for a little while and not upgrade.Later, I read about the 2nd patch,
https://www.openbsd.org/errata64.html
Quote:
002: RELIABILITY FIX: November 2, 2018 i386, amd64, arm64
The syspatch utility incorrectly handles symbolic links.
A source code patch exists which remedies this problem.
If I am wrong, then I will enable xendom, and start using it,...but from what I have read I don't think it is necessary. Same on a fresh install I did, I suppose if I had not run the syspatches, there would have been problems with startx, but I did run the patches first, and it all went smoothly.
I was impressed as to how quickly both patches were done, after I read about the 2nd one, I went ahead and upgraded.
__________________
My best friends are parrots

Last edited by PapaParrot; 12th November 2018 at 03:29 PM.
Reply With Quote
Old 12th November 2018
blackhole's Avatar
blackhole blackhole is offline
Spam Deminer
 
Join Date: Mar 2014
Posts: 316
Default

https://www.openbsd.org/faq/current.html
Quote:
2018/10/26 - setuid bit removed from /usr/X11R6/bin/Xorg

The Xorg binary is no longer installed setuid. So startx(1) can no longer be used by non-root users. The xenodm(1) display manager has to be used. To set it up:

GarryR, the 002 patch is for syspatch(8).

(I have used xenodm(1) for years, so no idea if startx works or not.)
Reply With Quote
Old 12th November 2018
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Quote:
Originally Posted by GarryR View Post
...I was under the impression , having to use xendom was a temporary option...
No, the temporary fix was to disable Xorg setuid if the patch could not be immediately installed. This would effectively disable X. This was the statement from http://www.openbsd.org/errata64.html:
Quote:
As an immediate (temporary) workaround, the Xorg binary can be disabled by running: chmod u-s /usr/X11R6/bin/Xorg
Reply With Quote
Old 12th November 2018
blackhole's Avatar
blackhole blackhole is offline
Spam Deminer
 
Join Date: Mar 2014
Posts: 316
Default

I just upgraded a 6.3-release install, which I have running in a VM, to 6.4-release.

Ran syspatch, stopped xenodm and issued startx as a user.
Code:
# syspatch -l
001_xserver
002_syspatch
X starts up normally...?
Reply With Quote
Old 12th November 2018
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

  • The patch to 6.4-release corrects checks for privilege escalation activity, it does not eliminate it.
  • -current eliminates setuid, and requires xenodm(1).
Reply With Quote
Old 12th November 2018
PapaParrot's Avatar
PapaParrot PapaParrot is offline
parrot
 
Join Date: Jul 2015
Location: Durango, Mx.
Posts: 472
Default

Now I am some what confused, and maybe it would be a different topic, But any way, Is it ok to be using startx, or no ? Are there still security issues with that, if we use startx to start the Window Manager ?
==== edited ===
Quote:
Being told to run xenodm is unacceptable as a solution.
I don't have any problem with this, if the only solution is to use xenodm, then, I will follow the documentation, and start using it. It is just that I am accustomed to using startx.
When I boot , I do not start any display managers, WM, etc, I just log in to the console, sometimes, like now if and when I want to use a browser or anything that requires a display manager, I simply type 'startx', and open the xwindows, then I have FVWM as my wm, from there, if I want I may or may not use openbox,... thanks
__________________
My best friends are parrots

Last edited by PapaParrot; 12th November 2018 at 04:39 PM. Reason: additional note
Reply With Quote
Old 12th November 2018
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

The security improvements made to -current go beyond what may deployed as a patch to 6.4-release. However, using xenodm() is recommended, as it will separate privileges that startx() does not.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hosting a Windows VM on OpenBSD girarde OpenBSD Packages and Ports 2 27th December 2015 12:42 AM
User Store, Auth, VPN and Multi-user apps/software montie OpenBSD Packages and Ports 9 9th January 2015 09:51 PM
New OpenBSD installation on HDD with Windows cableguy OpenBSD Installation and Upgrading 8 3rd April 2014 10:57 PM
WOL windows 7 from openbsd sputnik General software and network 0 9th April 2013 08:18 AM
New OpenBSD User codeFreak OpenBSD General 3 18th February 2011 02:43 AM


All times are GMT. The time now is 12:00 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick