Debian Bug report logs - #611487
xterm: immediately exits upon running: exec login USER

version graph

Package: xterm; Maintainer for xterm is Debian X Strike Force <debian-x@lists.debian.org>; Source for xterm is src:xterm.

Reported by: Jeffrey Sheinberg <jeff@bsrd.net>

Date: Sat, 29 Jan 2011 22:03:01 UTC

Severity: normal

Found in version xterm/261-1

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, jeff@bsrd.net, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Sat, 29 Jan 2011 22:03:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jeffrey Sheinberg <jeff@bsrd.net>:
New Bug report received and forwarded. Copy sent to jeff@bsrd.net, Debian X Strike Force <debian-x@lists.debian.org>. (Sat, 29 Jan 2011 22:03:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Jeffrey Sheinberg <jeff@bsrd.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: xterm: immediately exits upon running: exec login USER
Date: Sat, 29 Jan 2011 17:02:15 -0500
Package: xterm
Version: 261-1
Severity: normal

Hi,

First of all, please note that I currently have xterm Version: 235-2
installed.

With xterm Version: 261-1 installed, when I run this command,

    $ exec login USER

the xterm immediately exits.  This problem does not occur with prior
versions of xterm installed, eg, Version: 235-2.

Note that on my system, login is setuid root, thus enabling exec-ing
login from the base level shell, on e.g., tty1, pts/2, to work.

    $ ls -l /bin/login
    -rwsr-xr-x 1 root root 36896 Sep 25 18:05 /bin/login

Here is a typescript of the correct xterm behavior using Version: 235-2.

    $ id
    uid=1001(jeff) gid=1001(jeff) groups=1001(jeff),4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),201(xlocal)

    $ exec login jss
    Password: 
    Last login: Sat Jan 22 16:57:50 EST 2011 on pts/6
    Linux l2 2.6.32-5-amd64 #1 SMP Wed Jan 12 05:14:59 UTC 2011 x86_64

    The programs included with the Debian GNU/Linux system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.

    Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    permitted by applicable law.
    You have mail.

    $ id
    uid=1002(jss) gid=1002(jss) groups=1002(jss),4(adm),29(audio),201(xlocal)

    $ who
    jeff     tty1         Jan 29 16:11
    jeff     pts/1        Jan 29 16:13 (:0.0)
    jeff     pts/0        Jan 29 16:13 (:0.0)
    jsroot   pts/2        Jan 29 16:13 (:0.0)
    jss      pts/3        Jan 29 16:28 (:0.0)
    jsroot   pts/4        Jan 29 16:13 (:0.0)
    jeff     pts/5        Jan 29 16:16 (:0.0)

Thanks,

Jeffrey Sheinberg

-- System Information:
Debian Release: 6.0
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages xterm depends on:
ii  libc6                     2.11.2-9       Embedded GNU C Library: Shared lib
ii  libfontconfig1            2.8.0-2.1      generic font configuration library
ii  libice6                   2:1.0.6-2      X11 Inter-Client Exchange library
ii  libncurses5               5.7+20100313-5 shared libraries for terminal hand
ii  libsm6                    2:1.1.1-1      X11 Session Management library
ii  libx11-6                  2:1.3.3-4      X11 client-side library
ii  libxaw7                   2:1.0.7-1      X11 Athena Widget library
ii  libxext6                  2:1.1.2-1      X11 miscellaneous extension librar
ii  libxft2                   2.1.14-2       FreeType-based font drawing librar
ii  libxmu6                   2:1.0.5-2      X11 miscellaneous utility library
ii  libxt6                    1:1.0.7-1      X11 toolkit intrinsics library
ii  xbitmaps                  1.1.0-1        Base X bitmaps

Versions of packages xterm recommends:
ii  x11-utils                     7.5+4      X11 utilities
ii  xutils                        1:7.5+8    X Window System utility programs m

Versions of packages xterm suggests:
pn  xfonts-cyrillic               <none>     (no description available)

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Sat, 29 Jan 2011 22:45:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Cyril Brulebois <kibi@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Sat, 29 Jan 2011 22:45:03 GMT) Full text and rfc822 format available.

Message #10 received at 611487@bugs.debian.org (full text, mbox):

From: Cyril Brulebois <kibi@debian.org>
To: Jeffrey Sheinberg <jeff@bsrd.net>, 611487@bugs.debian.org
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Sat, 29 Jan 2011 23:41:26 +0100
[Message part 1 (text/plain, inline)]
Hi Jeffrey.

Jeffrey Sheinberg <jeff@bsrd.net> (29/01/2011):
> With xterm Version: 261-1 installed, when I run this command,
> 
>     $ exec login USER
> 
> the xterm immediately exits.  This problem does not occur with prior
> versions of xterm installed, eg, Version: 235-2.
> 
> Note that on my system, login is setuid root, thus enabling exec-ing
> login from the base level shell, on e.g., tty1, pts/2, to work.

Trying that without exec:
| $ login USER
| No utmp entry.  You must exec "login" from the lowest level "sh"

Now, if you use “exec”, you're replacing xterm by the login binary,
which returns (due to wrong usage), meaning your (previously-xterm)
process returns, which isn't exactly a bug in xterm.

The same happens with e.g. xfce4-terminal, so I guess xterm isn't at
fault here.

Please note that I tried with the same permission as yours on login:
| $ ls -l /bin/login
| -rwsr-xr-x 1 root root 45384 Sep 26 15:59 /bin/login

Looks like notabug to me, but I'll wait a bit before closing it.

KiBi.
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Sun, 30 Jan 2011 02:12:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to jeff@bsrd.net (Jeffrey Sheinberg):
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Sun, 30 Jan 2011 02:12:03 GMT) Full text and rfc822 format available.

Message #15 received at 611487@bugs.debian.org (full text, mbox):

From: jeff@bsrd.net (Jeffrey Sheinberg)
To: Cyril Brulebois <kibi@debian.org>
Cc: Jeffrey Sheinberg <jeff@bsrd.net>, 611487@bugs.debian.org
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Sat, 29 Jan 2011 21:10:24 -0500
On Sat, Jan 29, 2011 at 11:41:26PM +0100, Cyril Brulebois wrote:
> From: Cyril Brulebois <kibi@debian.org>
> To: Jeffrey Sheinberg <jeff@bsrd.net>, 611487@bugs.debian.org
> Date: Sat, 29 Jan 2011 23:41:26 +0100
> User-Agent: Mutt/1.5.20 (2009-06-14)
> Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login
>  USER
> 
> Hi Jeffrey.
> 
> Jeffrey Sheinberg <jeff@bsrd.net> (29/01/2011):
> > With xterm Version: 261-1 installed, when I run this command,
> > 
> >     $ exec login USER
> > 
> > the xterm immediately exits.  This problem does not occur with prior
> > versions of xterm installed, eg, Version: 235-2.
> > 
> > Note that on my system, login is setuid root, thus enabling exec-ing
> > login from the base level shell, on e.g., tty1, pts/2, to work.
> 
> Trying that without exec:
> | $ login USER
> | No utmp entry.  You must exec "login" from the lowest level "sh"
> 
> Now, if you use ???exec???, you're replacing xterm by the login binary,
> which returns (due to wrong usage), meaning your (previously-xterm)
> process returns, which isn't exactly a bug in xterm.
> 

No - I am not replacing xterm with /bin/login, I am replacing the
(lowest level) shell with /bin/login.

In my original submission, I provided a typescript where xterm Version: 235-2
handles the exec of login without any problems.  Do you see how user
'jeff' becomes user 'jss' in that typescript? 

> The same happens with e.g. xfce4-terminal, so I guess xterm isn't at
> fault here.
> 
> Please note that I tried with the same permission as yours on login:
> | $ ls -l /bin/login
> | -rwsr-xr-x 1 root root 45384 Sep 26 15:59 /bin/login
> 
> Looks like notabug to me, but I'll wait a bit before closing it.
> 

This is a bug in xterm Version: 261-1 as I originally reported, please
see my above comments.

> KiBi.

I would guess that this bug was introduced into xterm Version: 261-1
with the new "utempter" library.

Thanks,
-- 
Jeffrey Sheinberg





Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Wed, 02 Feb 2011 10:30:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thomas Dickey <dickey@his.com>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Wed, 02 Feb 2011 10:30:03 GMT) Full text and rfc822 format available.

Message #20 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: Jeffrey Sheinberg <jeff@bsrd.net>, 611487@bugs.debian.org
Cc: Cyril Brulebois <kibi@debian.org>, Debian X Strike Force <debian-x@lists.debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Wed, 2 Feb 2011 05:25:31 -0500 (EST)
On Sat, 29 Jan 2011, Jeffrey Sheinberg wrote:

> This is a bug in xterm Version: 261-1 as I originally reported, please
> see my above comments.

I can reproduce this difference without the utempter library (though it's 
possible that the problem is related to ifdef's for it).  I'll look for a 
solution and close out #268 "soon" (have been busy setting up new 
development machines).

-- 
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Thu, 03 Feb 2011 10:51:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thomas Dickey <dickey@his.com>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Thu, 03 Feb 2011 10:51:05 GMT) Full text and rfc822 format available.

Message #25 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: Thomas Dickey <dickey@his.com>, 611487@bugs.debian.org
Cc: Jeffrey Sheinberg <jeff@bsrd.net>, Cyril Brulebois <kibi@debian.org>, debian-bugs-dist@lists.debian.org
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Thu, 3 Feb 2011 05:47:46 -0500 (EST)
On Wed, 2 Feb 2011, Thomas Dickey wrote:

> On Sat, 29 Jan 2011, Jeffrey Sheinberg wrote:
>
>> This is a bug in xterm Version: 261-1 as I originally reported, please
>> see my above comments.
>
> I can reproduce this difference without the utempter library (though it's 
> possible that the problem is related to ifdef's for it).  I'll look for a 
> solution and close out #268 "soon" (have been busy setting up new development 
> machines).

hmm - my quick check "without" was also without setgid, so there was no
utmp entry.

Reading the source for login, I see that the error message comes from a 
check (a) not running as root and (b) no valid utmp entry found.

Given that, the likely explanation is that login is dropping the setuid 
itself.  I don't see that in the unpatched source, but see comments in the 
Debian patch which indicate that's intended behavior.

Looks like a possible workaround would be to use sudo or other wrapper 
that holds the setuid behavior.

-- 
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Fri, 04 Feb 2011 00:18:11 GMT) Full text and rfc822 format available.

Acknowledgement sent to jeff@bsrd.net (Jeffrey Sheinberg):
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Fri, 04 Feb 2011 00:18:11 GMT) Full text and rfc822 format available.

Message #30 received at 611487@bugs.debian.org (full text, mbox):

From: jeff@bsrd.net (Jeffrey Sheinberg)
To: Thomas Dickey <dickey@his.com>
Cc: 611487@bugs.debian.org, Jeffrey Sheinberg <jeff@bsrd.net>, Cyril Brulebois <kibi@debian.org>, debian-bugs-dist@lists.debian.org
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Thu, 3 Feb 2011 19:16:34 -0500
On Thu, Feb 03, 2011 at 05:47:46AM -0500, Thomas Dickey wrote:
> From: Thomas Dickey <dickey@his.com>
> To: Thomas Dickey <dickey@his.com>, 611487@bugs.debian.org
> Date: Thu, 3 Feb 2011 05:47:46 -0500 (EST)
> Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login
>  USER
> X-Spam-Status: No, score=0.683 tagged_above=-99 required=5
>  tests=[AWL=-0.261,
>  BAYES_40=-0.185, DNS_FROM_OPENWHOIS=1.13, SPF_PASS=-0.001]
> 
> On Wed, 2 Feb 2011, Thomas Dickey wrote:
> 
> >On Sat, 29 Jan 2011, Jeffrey Sheinberg wrote:
> >
> >>This is a bug in xterm Version: 261-1 as I originally reported, please
> >>see my above comments.
> >
> >I can reproduce this difference without the utempter library
> >(though it's possible that the problem is related to ifdef's for
> >it).  I'll look for a solution and close out #268 "soon" (have
> >been busy setting up new development machines).
> 
> hmm - my quick check "without" was also without setgid, so there was no
> utmp entry.
> 
> Reading the source for login, I see that the error message comes
> from a check (a) not running as root and (b) no valid utmp entry
> found.
> 
> Given that, the likely explanation is that login is dropping the
> setuid itself.  I don't see that in the unpatched source, but see
> comments in the Debian patch which indicate that's intended
> behavior.
> 
> Looks like a possible workaround would be to use sudo or other
> wrapper that holds the setuid behavior.
> 

Hi Thomas,

1. As I originally wrote, I can "exec login" from xterm-235-2
successfully, but not from xterm-261-1, with no other changes to
my system.

2. Cyril noted in his reply that xfce4-terminal behaves similar to
xterm-261-1, so I checked this out, I also tried it for lxterminal - but
they have a different behavior than xterm-261-1,

    A. Xterm-261-1 seems to exit without ever invoking the login
    authentication process.

    B. Both xfce4-terminal and lxterminal invoke login and the
    authentication process is successful (it's in the syslog), and then
    they each exit.

So I still maintain that there is a bug in xterm-261-1 compared to
xterm-235-2.

Thanks,
-- 
Jeffrey Sheinberg





Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Fri, 04 Feb 2011 00:33:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thomas Dickey <dickey@his.com>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Fri, 04 Feb 2011 00:33:03 GMT) Full text and rfc822 format available.

Message #35 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: Jeffrey Sheinberg <jeff@bsrd.net>
Cc: 611487@bugs.debian.org, Cyril Brulebois <kibi@debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Thu, 3 Feb 2011 19:27:43 -0500 (EST)
On Thu, 3 Feb 2011, Jeffrey Sheinberg wrote:

> On Thu, Feb 03, 2011 at 05:47:46AM -0500, Thomas Dickey wrote:
>> From: Thomas Dickey <dickey@his.com>
>> To: Thomas Dickey <dickey@his.com>, 611487@bugs.debian.org
>> Date: Thu, 3 Feb 2011 05:47:46 -0500 (EST)
>> Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login
>>  USER
>> X-Spam-Status: No, score=0.683 tagged_above=-99 required=5
>>  tests=[AWL=-0.261,
>>  BAYES_40=-0.185, DNS_FROM_OPENWHOIS=1.13, SPF_PASS=-0.001]
>>
>> On Wed, 2 Feb 2011, Thomas Dickey wrote:
>>
>>> On Sat, 29 Jan 2011, Jeffrey Sheinberg wrote:
>>>
>>>> This is a bug in xterm Version: 261-1 as I originally reported, please
>>>> see my above comments.
>>>
>>> I can reproduce this difference without the utempter library
>>> (though it's possible that the problem is related to ifdef's for
>>> it).  I'll look for a solution and close out #268 "soon" (have
>>> been busy setting up new development machines).
>>
>> hmm - my quick check "without" was also without setgid, so there was no
>> utmp entry.
>>
>> Reading the source for login, I see that the error message comes
>> from a check (a) not running as root and (b) no valid utmp entry
>> found.
>>
>> Given that, the likely explanation is that login is dropping the
>> setuid itself.  I don't see that in the unpatched source, but see
>> comments in the Debian patch which indicate that's intended
>> behavior.
>>
>> Looks like a possible workaround would be to use sudo or other
>> wrapper that holds the setuid behavior.
>>
>
> Hi Thomas,
>
> 1. As I originally wrote, I can "exec login" from xterm-235-2
> successfully, but not from xterm-261-1, with no other changes to
> my system.

right - essentially that's because #235 is setgid to utmp,
and opens the utmp file directly.  With utempter, there's a
separate process that opens it.

> 2. Cyril noted in his reply that xfce4-terminal behaves similar to
> xterm-261-1, so I checked this out, I also tried it for lxterminal - but
> they have a different behavior than xterm-261-1,
>
>    A. Xterm-261-1 seems to exit without ever invoking the login
>    authentication process.
>
>    B. Both xfce4-terminal and lxterminal invoke login and the
>    authentication process is successful (it's in the syslog), and then
>    they each exit.

thanks - I'll look/see why they're different from xterm.  ldd tells me
they're not using utempter, for instance.

> So I still maintain that there is a bug in xterm-261-1 compared to
> xterm-235-2.
>
> Thanks,

no problem (will keep studying it)

-- 
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Tue, 08 Feb 2011 12:00:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thomas Dickey <dickey@his.com>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Tue, 08 Feb 2011 12:00:03 GMT) Full text and rfc822 format available.

Message #40 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: Thomas Dickey <dickey@his.com>, 611487@bugs.debian.org
Cc: Jeffrey Sheinberg <jeff@bsrd.net>, Cyril Brulebois <kibi@debian.org>, Debian X Strike Force <debian-x@lists.debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Tue, 8 Feb 2011 06:55:42 -0500 (EST)
On Thu, 3 Feb 2011, Thomas Dickey wrote:

> On Thu, 3 Feb 2011, Jeffrey Sheinberg wrote:
>
>> On Thu, Feb 03, 2011 at 05:47:46AM -0500, Thomas Dickey wrote:
>>> From: Thomas Dickey <dickey@his.com>
>>> To: Thomas Dickey <dickey@his.com>, 611487@bugs.debian.org
>>> Date: Thu, 3 Feb 2011 05:47:46 -0500 (EST)
>>> Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login
>>>  USER
>>> X-Spam-Status: No, score=0.683 tagged_above=-99 required=5
>>>  tests=[AWL=-0.261,
>>>  BAYES_40=-0.185, DNS_FROM_OPENWHOIS=1.13, SPF_PASS=-0.001]
>>> 
>>> On Wed, 2 Feb 2011, Thomas Dickey wrote:
>>> 
>>>> On Sat, 29 Jan 2011, Jeffrey Sheinberg wrote:
>>>> 
>>>>> This is a bug in xterm Version: 261-1 as I originally reported, please
>>>>> see my above comments.
>>>> 
>>>> I can reproduce this difference without the utempter library
>>>> (though it's possible that the problem is related to ifdef's for
>>>> it).  I'll look for a solution and close out #268 "soon" (have
>>>> been busy setting up new development machines).
>>> 
>>> hmm - my quick check "without" was also without setgid, so there was no
>>> utmp entry.
>>> 
>>> Reading the source for login, I see that the error message comes
>>> from a check (a) not running as root and (b) no valid utmp entry
>>> found.
>>> 
>>> Given that, the likely explanation is that login is dropping the
>>> setuid itself.  I don't see that in the unpatched source, but see
>>> comments in the Debian patch which indicate that's intended
>>> behavior.
>>> 
>>> Looks like a possible workaround would be to use sudo or other
>>> wrapper that holds the setuid behavior.
>>> 
>> 
>> Hi Thomas,
>> 
>> 1. As I originally wrote, I can "exec login" from xterm-235-2
>> successfully, but not from xterm-261-1, with no other changes to
>> my system.
>
> right - essentially that's because #235 is setgid to utmp,
> and opens the utmp file directly.  With utempter, there's a
> separate process that opens it.
>
>> 2. Cyril noted in his reply that xfce4-terminal behaves similar to
>> xterm-261-1, so I checked this out, I also tried it for lxterminal - but
>> they have a different behavior than xterm-261-1,
>>
>>    A. Xterm-261-1 seems to exit without ever invoking the login
>>    authentication process.
>>
>>    B. Both xfce4-terminal and lxterminal invoke login and the
>>    authentication process is successful (it's in the syslog), and then
>>    they each exit.
>
> thanks - I'll look/see why they're different from xterm.  ldd tells me
> they're not using utempter, for instance.
>
>> So I still maintain that there is a bug in xterm-261-1 compared to
>> xterm-235-2.
>> 
>> Thanks,
>
> no problem (will keep studying it)

looking at lxterminal now, and compiling the login program to add some
traces, I'm seeing _that_ fail at the same point, with the same cause.
(I'll compare with xfce4-terminal this evening, and investigate whether
one of the Debian packages might change this behavior).

-- 
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Sat, 12 Feb 2011 13:51:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thomas Dickey <dickey@his.com>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Sat, 12 Feb 2011 13:51:07 GMT) Full text and rfc822 format available.

Message #45 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: Thomas Dickey <dickey@his.com>, 611487@bugs.debian.org
Cc: Jeffrey Sheinberg <jeff@bsrd.net>, Cyril Brulebois <kibi@debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Sat, 12 Feb 2011 08:46:00 -0500 (EST)
On Tue, 8 Feb 2011, Thomas Dickey wrote:

> On Thu, 3 Feb 2011, Thomas Dickey wrote:
>
>> On Thu, 3 Feb 2011, Jeffrey Sheinberg wrote:
>> 
>>> On Thu, Feb 03, 2011 at 05:47:46AM -0500, Thomas Dickey wrote:
>>>> From: Thomas Dickey <dickey@his.com>
>>>> To: Thomas Dickey <dickey@his.com>, 611487@bugs.debian.org
>>>> Date: Thu, 3 Feb 2011 05:47:46 -0500 (EST)
>>>> Subject: Re: Bug#611487: xterm: immediately exits upon running: exec 
>>>> login
>>>>  USER
>>>> X-Spam-Status: No, score=0.683 tagged_above=-99 required=5
>>>>  tests=[AWL=-0.261,
>>>>  BAYES_40=-0.185, DNS_FROM_OPENWHOIS=1.13, SPF_PASS=-0.001]
>>>> 
>>>> On Wed, 2 Feb 2011, Thomas Dickey wrote:
>>>> 
>>>>> On Sat, 29 Jan 2011, Jeffrey Sheinberg wrote:
>>>>> 
>>>>>> This is a bug in xterm Version: 261-1 as I originally reported, please
>>>>>> see my above comments.
>>>>> 
>>>>> I can reproduce this difference without the utempter library
>>>>> (though it's possible that the problem is related to ifdef's for
>>>>> it).  I'll look for a solution and close out #268 "soon" (have
>>>>> been busy setting up new development machines).
>>>> 
>>>> hmm - my quick check "without" was also without setgid, so there was no
>>>> utmp entry.
>>>> 
>>>> Reading the source for login, I see that the error message comes
>>>> from a check (a) not running as root and (b) no valid utmp entry
>>>> found.
>>>> 
>>>> Given that, the likely explanation is that login is dropping the
>>>> setuid itself.  I don't see that in the unpatched source, but see
>>>> comments in the Debian patch which indicate that's intended
>>>> behavior.
>>>> 
>>>> Looks like a possible workaround would be to use sudo or other
>>>> wrapper that holds the setuid behavior.
>>>> 
>>> 
>>> Hi Thomas,
>>> 
>>> 1. As I originally wrote, I can "exec login" from xterm-235-2
>>> successfully, but not from xterm-261-1, with no other changes to
>>> my system.
>> 
>> right - essentially that's because #235 is setgid to utmp,
>> and opens the utmp file directly.  With utempter, there's a
>> separate process that opens it.
>> 
>>> 2. Cyril noted in his reply that xfce4-terminal behaves similar to
>>> xterm-261-1, so I checked this out, I also tried it for lxterminal - but
>>> they have a different behavior than xterm-261-1,
>>>
>>>    A. Xterm-261-1 seems to exit without ever invoking the login
>>>    authentication process.
>>>
>>>    B. Both xfce4-terminal and lxterminal invoke login and the
>>>    authentication process is successful (it's in the syslog), and then
>>>    they each exit.
>> 
>> thanks - I'll look/see why they're different from xterm.  ldd tells me
>> they're not using utempter, for instance.
>> 
>>> So I still maintain that there is a bug in xterm-261-1 compared to
>>> xterm-235-2.
>>> 
>>> Thanks,
>> 
>> no problem (will keep studying it)
>
> looking at lxterminal now, and compiling the login program to add some
> traces, I'm seeing _that_ fail at the same point, with the same cause.
> (I'll compare with xfce4-terminal this evening, and investigate whether
> one of the Debian packages might change this behavior).

I did look further, found that in my configuration at least, that I was
unable to get a login prompt from the unmodified setuid-login program
for either lxterminal or xfce4-terminal (or even gnome-terminal).

I simply copied /bin/login to /usr/local/bin/root-login, making it setuid
and setgid to root:staff

Since that prompt is what I understood "authentication process" to
refer to above, I'm puzzled - need more info to reproduce the case where
I would be seeing the VTE-based terminals working as you describe.

-- 
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Mon, 14 Feb 2011 00:54:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to jeff@bsrd.net (Jeffrey Sheinberg):
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Mon, 14 Feb 2011 00:54:03 GMT) Full text and rfc822 format available.

Message #50 received at 611487@bugs.debian.org (full text, mbox):

From: jeff@bsrd.net (Jeffrey Sheinberg)
To: Thomas Dickey <dickey@his.com>
Cc: 611487@bugs.debian.org, Jeffrey Sheinberg <jeff@bsrd.net>, Cyril Brulebois <kibi@debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Sun, 13 Feb 2011 19:51:24 -0500
On Sat, Feb 12, 2011 at 08:46:00AM -0500, Thomas Dickey wrote:

> >looking at lxterminal now, and compiling the login program to add some
> >traces, I'm seeing _that_ fail at the same point, with the same cause.
> >(I'll compare with xfce4-terminal this evening, and investigate whether
> >one of the Debian packages might change this behavior).
> 
> I did look further, found that in my configuration at least, that I was
> unable to get a login prompt from the unmodified setuid-login program
> for either lxterminal or xfce4-terminal (or even gnome-terminal).
> 
> I simply copied /bin/login to /usr/local/bin/root-login, making it setuid
> and setgid to root:staff
> 
> Since that prompt is what I understood "authentication process" to
> refer to above, I'm puzzled - need more info to reproduce the case where
> I would be seeing the VTE-based terminals working as you describe.
> 
> -- 
> Thomas E. Dickey

Hi Thomas,

Here are some details on my setup,

# dpkg-query -l login xterm lxterminal xfce4-terminal
ii  login          1:4.1.4.2+svn3 system login tools
hi  xterm          235-2          X terminal emulator
ii  lxterminal     0.1.8-2        desktop independent vte-based terminal emula
ii  xfce4-terminal 0.4.5-1 Xfce   terminal emulator

# type login
login is /bin/login

# ls -l /bin/login
-rwsr-xr-x 1 root root 36896 Sep 25 18:05 /bin/login
; Notice that login is setuid to root, and is not setgid.

;-----------------------------------------------------------------------
; Now I login from user jeff on pts/2 to user jsroot on same pts/2.
$ exec login jsroot
Password: 
Last login: Fri Feb 11 08:42:34 EST 2011 on pts/3
...
# grep 'Feb 13 14:52:34 l2 login' /var/log/syslog
Feb 13 14:52:34 l2 login[6460]: pam_sm_authenticate: Called
Feb 13 14:52:34 l2 login[6460]: pam_sm_authenticate: username = [jsroot]
Feb 13 14:52:34 l2 login[6460]: pam_unix(login:session): session opened for user jsroot by jeff(uid=1001)
Feb 13 14:52:34 l2 login[6605]: ROOT LOGIN  on '/dev/pts/2' from ':0.0'

; So the above is successful using xterm 235-2.  Note that the above xterm has
; a PPID of 1 (init), since it was run from my $xclient, while the following
; VTEs have a PPID of 6461, which is the PID of the bash process that launched
; the VTE from pts/3.

;-----------------------------------------------------------------------
; Now startup xfce4-terminal (run from pts/3).
$ xfce4-terminal &
[1] 9545
    ; At this point an xfce4-terminal pops up, let $$ be its prompt.
    $$ exec login jsroot
    ; The xfce4-terminal now disappears, and there was no Password: prompt,
    ; and there was nothing in /var/log/syslog from login at this time.
$  
[1]+  Done                    xfce4-terminal

; Now I startup lxterminal just like xfce4-terminal, and I get the same
; results as for xfce4-terminal - immediate exit on 'exec login jsroot',
; no Password: prompt, and nothing from login in the syslog.

;-----------------------------------------------------------------------
; Now I just before install xterm 261-1, I try the same xfce4-terminal and
; lxterminal scenarios using instead xterm 235-2.
$ xterm &
[1] 10080
    ; At this point an xterm pops up, let $$ be its prompt
    $$ exec login jsroot
    Password: 
    Last login: Sun Feb 13 17:20:51 EST 2011 on pts/6
; Back at the xterm on pts/3 where I just ran 'xterm &'.
$
    ; Now I exit from the xterm where I successfully logged in as jsroot
    $$
; Back again at the xterm  on pts/3 where I just ran 'xterm &'
$ Cannot chmod /dev/pts/6 to 666 currently 620: Operation not permitted
; Why does the above error message get output to pts/3?
;
; Here are the syslog entries for this last login to jsroot,
Feb 13 17:26:17 l2 login[10081]: pam_sm_authenticate: Called
Feb 13 17:26:17 l2 login[10081]: pam_sm_authenticate: username = [jsroot]
Feb 13 17:26:17 l2 login[10081]: pam_unix(login:session): session opened for user jsroot by jeff(uid=1001)
Feb 13 17:26:17 l2 login[10153]: ROOT LOGIN  on '/dev/pts/6' from ':0.0'
Feb 13 17:29:22 l2 login[10081]: pam_unix(login:session): session closed for user jsroot

;-----------------------------------------------------------------------
; Now I install xterm 261-1.
# apt-get install xterm=261-1
...
Setting up xterm (261-1) ...
...
; Switch to pts/3, where I'll launch an xterm (261-1) in the background.
$ dpkg-query -l xterm
hi  xterm          261-1          X terminal emulator

$ who
jeff     tty1         Feb 13 14:37
jeff     pts/0        Feb 13 14:52 (:0.0)
jeff     pts/1        Feb 13 14:52 (:0.0)
jsroot   pts/2        Feb 13 14:52 (:0.0)
jeff     pts/3        Feb 13 14:52 (:0.0)
jsroot   pts/4        Feb 13 14:52 (:0.0)
jeff     pts/5        Feb 13 14:59 (:0.0)
$ xterm &
[1] 11422
    ; At this point an xterm pops up, let $$ be its prompt

    ; Switch to pts/6, where [1] 11422 is running in the background.
    $$ tty
    /dev/pts/6
    $$ logname
    jsroot
    ; Why is logname jsroot on pts/6?  May have something to do with having
    ; successfully done 'exec login jsroot' from xterm 235-2 on pts/6 in the
    ; first example above.
    $$ who
    jeff     tty1         Feb 13 14:37
    jeff     pts/0        Feb 13 14:52 (:0.0)
    jeff     pts/1        Feb 13 14:52 (:0.0)
    jsroot   pts/2        Feb 13 14:52 (:0.0)
    jeff     pts/3        Feb 13 14:52 (:0.0)
    jsroot   pts/4        Feb 13 14:52 (:0.0)
    jeff     pts/5        Feb 13 14:59 (:0.0)
    jeff     pts/6        Feb 13 19:05 (:0.0)

    $$ exec login jsroot
    ; Xterm process on pts/6 exits, no login prompt, no entry in syslog,
    ; just like with xfce4-terminal and lxterminal.     

; Back to pts/3.
$ 
[1]+  Done                    xterm
$ who
jeff     tty1         Feb 13 14:37
jeff     pts/0        Feb 13 14:52 (:0.0)
jeff     pts/1        Feb 13 14:52 (:0.0)
jsroot   pts/2        Feb 13 14:52 (:0.0)
jeff     pts/3        Feb 13 14:52 (:0.0)
jsroot   pts/4        Feb 13 14:52 (:0.0)
jeff     pts/5        Feb 13 14:59 (:0.0)

;-----------------------------------------------------------------------

If you can think of any other scenarios that you would like me to try,
I will be happy to do so.

Thanks,
-- 
Jeffrey Sheinberg





Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Mon, 14 Feb 2011 01:51:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Thomas Dickey <dickey@his.com>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Mon, 14 Feb 2011 01:51:03 GMT) Full text and rfc822 format available.

Message #55 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: Jeffrey Sheinberg <jeff@bsrd.net>, 611487@bugs.debian.org
Cc: Cyril Brulebois <kibi@debian.org>, Debian X Strike Force <debian-x@lists.debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Sun, 13 Feb 2011 20:46:58 -0500 (EST)
On Sun, 13 Feb 2011, Jeffrey Sheinberg wrote:

> Hi Thomas,
>
> Here are some details on my setup,
>
> # dpkg-query -l login xterm lxterminal xfce4-terminal
> ii  login          1:4.1.4.2+svn3 system login tools
> hi  xterm          235-2          X terminal emulator
> ii  lxterminal     0.1.8-2        desktop independent vte-based terminal emula
> ii  xfce4-terminal 0.4.5-1 Xfce   terminal emulator

aside from the xterm, I have the same versions here (of course I can
modify xterm).

>
> # type login
> login is /bin/login
>
> # ls -l /bin/login
> -rwsr-xr-x 1 root root 36896 Sep 25 18:05 /bin/login
> ; Notice that login is setuid to root, and is not setgid.

ok - shouldn't make much difference (I think).

> ;-----------------------------------------------------------------------
> ; Now I login from user jeff on pts/2 to user jsroot on same pts/2.
> $ exec login jsroot
> Password:
> Last login: Fri Feb 11 08:42:34 EST 2011 on pts/3
> ....
> # grep 'Feb 13 14:52:34 l2 login' /var/log/syslog
> Feb 13 14:52:34 l2 login[6460]: pam_sm_authenticate: Called
> Feb 13 14:52:34 l2 login[6460]: pam_sm_authenticate: username = [jsroot]
> Feb 13 14:52:34 l2 login[6460]: pam_unix(login:session): session opened for user jsroot by jeff(uid=1001)
> Feb 13 14:52:34 l2 login[6605]: ROOT LOGIN  on '/dev/pts/2' from ':0.0'
>
> ; So the above is successful using xterm 235-2.  Note that the above xterm has
> ; a PPID of 1 (init), since it was run from my $xclient, while the following
> ; VTEs have a PPID of 6461, which is the PID of the bash process that launched
> ; the VTE from pts/3.

ok (I'd be generally running all of those from the command-line, to 
simplify comparison).

on the machine I'm comparing at the moment, the pam messages are going to 
auth.log

syslog is only getting unrelated messages (including a 
bunch of segfaults from the kernel - that's 2.6.32-5-686, from an install 
of Debian/testing about a month ago).

> ;-----------------------------------------------------------------------
> ; Now startup xfce4-terminal (run from pts/3).
> $ xfce4-terminal &
> [1] 9545
>    ; At this point an xfce4-terminal pops up, let $$ be its prompt.
>    $$ exec login jsroot
>    ; The xfce4-terminal now disappears, and there was no Password: prompt,
>    ; and there was nothing in /var/log/syslog from login at this time.
> $
> [1]+  Done                    xfce4-terminal
>
> ; Now I startup lxterminal just like xfce4-terminal, and I get the same
> ; results as for xfce4-terminal - immediate exit on 'exec login jsroot',
> ; no Password: prompt, and nothing from login in the syslog.

That's consistent with what I was seeing.  But your comment in message #30
seemed to be saying that you got a prompt then.  I see the comment about
about the authentication messages from pam in the log - will check on 
that.

> ;-----------------------------------------------------------------------
> ; Now I just before install xterm 261-1, I try the same xfce4-terminal and
> ; lxterminal scenarios using instead xterm 235-2.
> $ xterm &
> [1] 10080
>    ; At this point an xterm pops up, let $$ be its prompt
>    $$ exec login jsroot
>    Password:
>    Last login: Sun Feb 13 17:20:51 EST 2011 on pts/6
> ; Back at the xterm on pts/3 where I just ran 'xterm &'.
> $
>    ; Now I exit from the xterm where I successfully logged in as jsroot
>    $$
> ; Back again at the xterm  on pts/3 where I just ran 'xterm &'
> $ Cannot chmod /dev/pts/6 to 666 currently 620: Operation not permitted
> ; Why does the above error message get output to pts/3?

The error message is written to xterm's stderr, which would be in the
shell from where it was launched.  The 666 would be when xterm's trying
to cleanup the pty permissions, and may be failing since the ownership
changed unexpectedly (from xterm's viewpoint, since it doesn't know about
login being setuid to root).

> ;
> ; Here are the syslog entries for this last login to jsroot,
> Feb 13 17:26:17 l2 login[10081]: pam_sm_authenticate: Called
> Feb 13 17:26:17 l2 login[10081]: pam_sm_authenticate: username = [jsroot]
> Feb 13 17:26:17 l2 login[10081]: pam_unix(login:session): session opened for user jsroot by jeff(uid=1001)
> Feb 13 17:26:17 l2 login[10153]: ROOT LOGIN  on '/dev/pts/6' from ':0.0'
> Feb 13 17:29:22 l2 login[10081]: pam_unix(login:session): session closed for user jsroot
>
> ;-----------------------------------------------------------------------
> ; Now I install xterm 261-1.
> # apt-get install xterm=261-1
> ....
> Setting up xterm (261-1) ...
> ....
> ; Switch to pts/3, where I'll launch an xterm (261-1) in the background.
> $ dpkg-query -l xterm
> hi  xterm          261-1          X terminal emulator
>
> $ who
> jeff     tty1         Feb 13 14:37
> jeff     pts/0        Feb 13 14:52 (:0.0)
> jeff     pts/1        Feb 13 14:52 (:0.0)
> jsroot   pts/2        Feb 13 14:52 (:0.0)
> jeff     pts/3        Feb 13 14:52 (:0.0)
> jsroot   pts/4        Feb 13 14:52 (:0.0)
> jeff     pts/5        Feb 13 14:59 (:0.0)
> $ xterm &
> [1] 11422
>    ; At this point an xterm pops up, let $$ be its prompt
>
>    ; Switch to pts/6, where [1] 11422 is running in the background.
>    $$ tty
>    /dev/pts/6
>    $$ logname
>    jsroot
>    ; Why is logname jsroot on pts/6?  May have something to do with having
>    ; successfully done 'exec login jsroot' from xterm 235-2 on pts/6 in the
>    ; first example above.

I'd assume it's looking at the pty and seeing the utmp record that was 
updated.  But the "who" below should be using the same info (not sure 
yet).

>    $$ who
>    jeff     tty1         Feb 13 14:37
>    jeff     pts/0        Feb 13 14:52 (:0.0)
>    jeff     pts/1        Feb 13 14:52 (:0.0)
>    jsroot   pts/2        Feb 13 14:52 (:0.0)
>    jeff     pts/3        Feb 13 14:52 (:0.0)
>    jsroot   pts/4        Feb 13 14:52 (:0.0)
>    jeff     pts/5        Feb 13 14:59 (:0.0)
>    jeff     pts/6        Feb 13 19:05 (:0.0)
>
>    $$ exec login jsroot
>    ; Xterm process on pts/6 exits, no login prompt, no entry in syslog,
>    ; just like with xfce4-terminal and lxterminal.
>
> ; Back to pts/3.
> $
> [1]+  Done                    xterm
> $ who
> jeff     tty1         Feb 13 14:37
> jeff     pts/0        Feb 13 14:52 (:0.0)
> jeff     pts/1        Feb 13 14:52 (:0.0)
> jsroot   pts/2        Feb 13 14:52 (:0.0)
> jeff     pts/3        Feb 13 14:52 (:0.0)
> jsroot   pts/4        Feb 13 14:52 (:0.0)
> jeff     pts/5        Feb 13 14:59 (:0.0)
>
> ;-----------------------------------------------------------------------
>
> If you can think of any other scenarios that you would like me to try,
> I will be happy to do so.

I'll see what I can digest from this - thanks

-- 
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Mon, 26 Mar 2012 22:30:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to jeff@bsrd.net (Jeffrey Sheinberg):
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Mon, 26 Mar 2012 22:30:02 GMT) Full text and rfc822 format available.

Message #60 received at 611487@bugs.debian.org (full text, mbox):

From: jeff@bsrd.net (Jeffrey Sheinberg)
To: Thomas Dickey <dickey@his.com>
Cc: 611487@bugs.debian.org, Jeffrey Sheinberg <jeff@bsrd.net>, Cyril Brulebois <kibi@debian.org>, debian-bugs-dist@lists.debian.org
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Mon, 26 Mar 2012 18:27:47 -0400
On Thu, Feb 03, 2011 at 05:47:46AM -0500, Thomas Dickey wrote:

> Looks like a possible workaround would be to use sudo or other
> wrapper that holds the setuid behavior.

Hi Thomas,

I tried your above suggestion, in my case I used su like this,

    $ su -l jsroot

to get a user "jsroot" login shell.

I have decided it is not appropriate to expect "exec login jsroot" to work,
even though it seemed to work when /bin/login is setuid 0 and xterm 235-2 was
installed.  I say seemed to work because, actually, the count of logged in
users on my system was always off by +1 when I used this technique.

Now, when I get a "jsroot" login shell via "su -l jsroot", the following
situation exists,

    # tty
    /dev/pts/2

    # logname
    jeff

    # var user logname
    export USER='jsroot'
    export LOGNAME='jsroot'

    # who | grep pts/2
    jeff     pts/2        Mar 26 09:18 (:0.0)

And when I then launch an xterm from this "jsroot" login shell on pts/2,
I have problems with xterm 261-1 & 276-2, like this,

    # tty
    /dev/pts/6

    # logname
    root

    # var user logname
    export USER='jsroot'
    export LOGNAME='root'

    # who | grep pts/6
    root     pts/6        Mar 26 16:12 (:0.0)

while xterm 235-2 works correctly, like this,

    # tty
    /dev/pts/6

    # logname
    jsroot

    # var user logname
    export USER='jsroot'
    export LOGNAME='jsroot'

    # who | grep pts/6
    jsroot   pts/6        Mar 26 16:02 (:0.0)

Note that both lxterminal 0.1.8-2 and xfce4-terminal 0.4.5-1 exibit the same
(IMO, correct) behavior as xterm 235-2 in this case.

I believe that the behavior exhibited by xterm 235-2, lxterminal 0.1.8-2, and
xfce4-terminal 0.4.5-1, in the above typescripts, is in accordance with the use
of "su -l USER", while the behavior of xterm 261-1 and xterm 276-2 is not in
accordance with "su -l USER", because I have previously su-ed to a login
sub-shell as user "jsroot", not as user "root".

Here is what POSIX $xcu/getlogin.html says,

    ...
    The login name shall be the string that would be returned by the getlogin()
    function defined in the System Interfaces volume of POSIX.1-2008.

and POSIX $xsh/getlogin.html says,

    ...
    Three names associated with the current process can be determined: getpwuid
    ( geteuid()) shall return the name associated with the effective user ID of
    the process; getlogin() shall return the name associated with the current
    login activity; and getpwuid( getuid()) shall return the name associated
    with the real user ID of the process.

    ...
    The getlogin() function returns a pointer to the user's login name. The
    same user ID may be shared by several login names. If it is desired to get
    the user database entry that is used during login, the result of getlogin()
    should be used to provide the argument to the getpwnam() function. (This
    might be used to determine the user's login shell, particularly where a
    single user has multiple login shells with distinct login names, but the
    same user ID.)

In other words, xterm 261-1 and xterm 276-2 should set the utmp entry for the
newly launched xterm so that getlogin() works properly.  As long as the uid of
the user database entry for the USER environmental variable is the same as the
value returned by getuid(), then USER should be set in the utmp entry for the
xterm.  Otherwise, the same logic would apply for the LOGNAME variable.  Only
when both of these alternatives fail, then xterm should fallback to setting the
utmp entry to getpwuid( getuid()).

Thanks,
-- 
Jeffrey Sheinberg





Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Tue, 27 Mar 2012 11:03:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to dickey@his.com:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Tue, 27 Mar 2012 11:03:07 GMT) Full text and rfc822 format available.

Message #65 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: Jeffrey Sheinberg <jeff@bsrd.net>
Cc: 611487@bugs.debian.org, 611487-submitter@bugs.debian.org, Cyril Brulebois <kibi@debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Tue, 27 Mar 2012 06:59:46 -0400
[Message part 1 (text/plain, inline)]
On Mon, Mar 26, 2012 at 06:27:47PM -0400, Jeffrey Sheinberg wrote:
> On Thu, Feb 03, 2011 at 05:47:46AM -0500, Thomas Dickey wrote:
> 
> > Looks like a possible workaround would be to use sudo or other
> > wrapper that holds the setuid behavior.
> 
> Hi Thomas,
> 
> I tried your above suggestion, in my case I used su like this,
> 
>     $ su -l jsroot
> 
> to get a user "jsroot" login shell.
> 
> I have decided it is not appropriate to expect "exec login jsroot" to work,
> even though it seemed to work when /bin/login is setuid 0 and xterm 235-2 was
> installed.  I say seemed to work because, actually, the count of logged in
> users on my system was always off by +1 when I used this technique.

sounds good (I wasn't getting far with this, last year, though I'd not
given up).
 
> Now, when I get a "jsroot" login shell via "su -l jsroot", the following
> situation exists,
> 
>     # tty
>     /dev/pts/2
> 
>     # logname
>     jeff
> 
>     # var user logname
>     export USER='jsroot'
>     export LOGNAME='jsroot'
> 
>     # who | grep pts/2
>     jeff     pts/2        Mar 26 09:18 (:0.0)
> 
> And when I then launch an xterm from this "jsroot" login shell on pts/2,
> I have problems with xterm 261-1 & 276-2, like this,
> 
>     # tty
>     /dev/pts/6
> 
>     # logname
>     root
> 
>     # var user logname
>     export USER='jsroot'
>     export LOGNAME='root'
> 
>     # who | grep pts/6
>     root     pts/6        Mar 26 16:12 (:0.0)
> 
> while xterm 235-2 works correctly, like this,
> 
>     # tty
>     /dev/pts/6
> 
>     # logname
>     jsroot
> 
>     # var user logname
>     export USER='jsroot'
>     export LOGNAME='jsroot'
> 
>     # who | grep pts/6
>     jsroot   pts/6        Mar 26 16:02 (:0.0)
> 
> Note that both lxterminal 0.1.8-2 and xfce4-terminal 0.4.5-1 exibit the same
> (IMO, correct) behavior as xterm 235-2 in this case.

hmm - I'll have to investigate this.  It sounds as if you're referring
to the effect of this chunk in main.c:

	    login_name = NULL;
	    if (x_getpwuid(screen->uid, &pw)) {
		login_name = x_getlogin(screen->uid, &pw);
	    }

which (is supposed to follow this guideline):

    /*
     * If the logon-name differs from the value we get by looking in the
     * password file, check if it does correspond to the same uid.  If so,
     * allow that as an alias for the uid.
     */
 
...so perhaps there's some information that I've discarded before that
point.

-- 
Thomas E. Dickey <dickey@invisible-island.net>
http://invisible-island.net
ftp://invisible-island.net
[signature.asc (application/pgp-signature, inline)]

Message sent on to Jeffrey Sheinberg <jeff@bsrd.net>:
Bug#611487. (Tue, 27 Mar 2012 11:03:16 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Fri, 30 Mar 2012 10:57:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to dickey@his.com:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Fri, 30 Mar 2012 10:57:13 GMT) Full text and rfc822 format available.

Message #73 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: dickey@his.com, 611487-quiet@bugs.debian.org
Cc: Jeffrey Sheinberg <jeff@bsrd.net>, 611487@bugs.debian.org, 611487-submitter@bugs.debian.org, Cyril Brulebois <kibi@debian.org>
Subject: Re: Bug#611487: xterm: immediately exits upon running: exec login USER
Date: Fri, 30 Mar 2012 06:53:59 -0400
[Message part 1 (text/plain, inline)]
On Tue, Mar 27, 2012 at 06:59:46AM -0400, Thomas Dickey wrote:
> On Mon, Mar 26, 2012 at 06:27:47PM -0400, Jeffrey Sheinberg wrote:
> > Now, when I get a "jsroot" login shell via "su -l jsroot", the following
> > situation exists,
> > 
> >     # tty
> >     /dev/pts/2
> > 
> >     # logname
> >     jeff
> > 
> >     # var user logname
> >     export USER='jsroot'
> >     export LOGNAME='jsroot'
> > 
> >     # who | grep pts/2
> >     jeff     pts/2        Mar 26 09:18 (:0.0)
> > 
> > And when I then launch an xterm from this "jsroot" login shell on pts/2,
> > I have problems with xterm 261-1 & 276-2, like this,
> > 
> >     # tty
> >     /dev/pts/6
> > 
> >     # logname
> >     root
> > 
> >     # var user logname
> >     export USER='jsroot'
> >     export LOGNAME='root'
> > 
> >     # who | grep pts/6
> >     root     pts/6        Mar 26 16:12 (:0.0)
> > 
> > while xterm 235-2 works correctly, like this,
> > 
> >     # tty
> >     /dev/pts/6
> > 
> >     # logname
> >     jsroot
> > 
> >     # var user logname
> >     export USER='jsroot'
> >     export LOGNAME='jsroot'
> > 
> >     # who | grep pts/6
> >     jsroot   pts/6        Mar 26 16:02 (:0.0)

I can make $USER and $LOGNAME the same in the xterm as in its parent,
but utempter doesn't provide a way to set the user's name which would
show up in "who".  It only has parameters for hostname and pty name.
It fills in the user and date by itself.

-- 
Thomas E. Dickey <dickey@invisible-island.net>
http://invisible-island.net
ftp://invisible-island.net
[signature.asc (application/pgp-signature, inline)]

Information stored :
Bug#611487; Package xterm. (Fri, 30 Mar 2012 10:57:22 GMT) Full text and rfc822 format available.

Acknowledgement sent to dickey@his.com:
Extra info received and filed, but not forwarded. (Fri, 30 Mar 2012 10:57:22 GMT) Full text and rfc822 format available.

Message sent on to Jeffrey Sheinberg <jeff@bsrd.net>:
Bug#611487. (Fri, 30 Mar 2012 10:57:38 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#611487; Package xterm. (Fri, 11 May 2012 09:00:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to dickey@his.com:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Fri, 11 May 2012 09:00:03 GMT) Full text and rfc822 format available.

Message #86 received at 611487@bugs.debian.org (full text, mbox):

From: Thomas Dickey <dickey@his.com>
To: 611487@bugs.debian.org
Cc: 611487-submitter@bugs.debian.org
Subject: re: #611487 xterm: immediately exits upon running: exec login USER
Date: Fri, 11 May 2012 04:58:02 -0400
[Message part 1 (text/plain, inline)]
xterm patch #279 implements the improvement I suggested.  To actually fix
the problem reported will take further changes, to libutempter itself.
(I might do that, though iirc libutempter lacks a maintainer...).

-- 
Thomas E. Dickey <dickey@invisible-island.net>
http://invisible-island.net
ftp://invisible-island.net
[signature.asc (application/pgp-signature, inline)]

Message sent on to Jeffrey Sheinberg <jeff@bsrd.net>:
Bug#611487. (Fri, 11 May 2012 09:00:14 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Apr 21 16:58:11 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.