Date: Wed, 18 Apr 2007 11:56:51 +0100 From: Florent Thoumie <flz@FreeBSD.org> To: Dejan Lesjak <dejan.lesjak@ijs.si> Cc: Stefan `Sec` Zehl <sec@42.org>, freebsd-x11@freebsd.org Subject: Re: ports/109497: x11-servers/xorg-fontserver rc.d/xfs.sh script missing "-user" Message-ID: <4625F973.90002@FreeBSD.org> In-Reply-To: <200704181250.01295.dejan.lesjak@ijs.si> References: <200704161141.l3GBfrcY049525@freefall.freebsd.org> <46253C95.3030808@FreeBSD.org> <20070417220046.GC44061@ice.42.org> <200704181250.01295.dejan.lesjak@ijs.si>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig26EF9A4028CD3EF2981E012A Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Dejan Lesjak wrote: > On Wednesday 18 of April 2007, Stefan `Sec` Zehl wrote: >> On Tue, Apr 17, 2007 at 22:31 +0100, Florent Thoumie wrote: >>> Stefan `Sec` Zehl wrote: >>>> Hi, >>>> >>>> On Mon, Apr 16, 2007 at 11:41 +0000, Florent Thoumie wrote: >>>>> Synopsis: x11-servers/xorg-fontserver rc.d/xfs.sh script missing >>>>> "-user" >>>>> >>>>> State-Changed-From-To: open->closed >>>>> State-Changed-By: flz >>>>> State-Changed-When: Mon Apr 16 11:40:38 UTC 2007 >>>>> State-Changed-Why: >>>>> I just checked and other OS'es seem to run it as root as well. >>>>> >>>>> If this is a real concern to you, just set xfs_flags=3D"-user nobod= y" in >>>>> /etc/rc.conf. I think this is what you're looking for. >>>> Please note that if you set "xfs_user=3D" to something, the default >>>> rc.subr will already try to do something with it, and (silently) fai= l >>>> to start xfs at all. I do think fixing this would be more user frien= dly >>>> -- besides, its only a two-line patch anyway, and it doesn't even >>>> change the default of running as root. >>>> >>>> But if think it's important to refuse this change, I can certainly l= ive >>>> without that patch. >>> This is not what I said, please re-read my message. >> Ok. I did. >> >> As far as I can tell, your message had two points. >> >> 1: Others run it as root. >> 2: I can run it as non-root if I want to by using xfs_flags=3D... >> >> If that isn't what you said, please rephrase, as I must have >> misunderstood you. Please be patient, as english is not my native >> language. Therefore let me also rephrase my last answer. >> >> First regarding your two points: >> >> re 1: >> - I'm not asking to change the default. So what other OSs run it as is= >> not relevant. >> >> re 2: >> - If you still want to reject the patch I sent, I can live with it as >> users searching for it will hopefully find the workaround documented= >> in this PR. >> >> My additional points I was trying to make: >> >> - If someone currently sets "xfs_user=3D" in rc.conf, this makes xfs f= ail >> silently. I think it would be great if it instead would just work. >=20 > It certainly should not fail silently if someone has unsupported option= in=20 > rc.conf. If this is the case it should be fixed. But note that we are r= ather=20 > busy trying to get xorg 7.2 into ports so if you could try the script a= gain=20 > after the upgrade and if it fails bring it up again then, that would be= =20 > lovely. >=20 >> - It is only two lines, so no bloat, and it won't hurt anyone. >=20 > It's not so much the number of lines - it's rather that it seems this o= ption=20 > is not that commonly used and that there already is a mechanism to do t= hat=20 > with existing options (namely xfs_flags). >=20 >> Hope that clears it up, >=20 > Well, it rather confuses me :-) I didn't expect the thing to fail if yo= u set=20 > some option that the script does not even look at, but yes, it does cle= ar up=20 > your problem. Well I haven't checked for xfs case but if it needs root privileges at startup to drop them later then xfs_user indeed won't work, cause it uses 'su'. I tend to think that *_flags is there because we can't support any possible option. Anyway, I don't know if it indeed fails silently but I'll fix it in git so that it'll work after the merge. --=20 Florent Thoumie flz@FreeBSD.org FreeBSD Committer --------------enig26EF9A4028CD3EF2981E012A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGJfl5MxEkbVFH3PQRCjTNAJ9xp+7fzBfQuYlioLBxsFJAmQF0UACgjQAQ Cfs9YZlnuD9PTeYuq+MCY6I= =dY5R -----END PGP SIGNATURE----- --------------enig26EF9A4028CD3EF2981E012A--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4625F973.90002>