Hi Martin,
Your bug report is appreciated.
On Tue, Oct 25, 2022 at 08:33:23PM +0200, martin f krafft wrote:
> Package: xautolock
> Version: 1:2.2-7
> Severity: critical
> Tags: security
>
> This is not software you can rely on to lock your screen:
I guess the exit value of your `xautolock -locknow` execution is not zero. At
it's defined as EXIT_FAILURE (EXIT_FAILURE=1 in stdlib.c).
Check the exit value and you can relay again with this lovely ancient software
:)
> ```
> lotus:~% xautolock -locknow
> Could not locate a running xautolock.
> lotus:~% ps aux | grep '[x]autolo'
> madduck 172688 0.0 0.0 6584 2756 ? S Oct23 0:34 xautolock
> -time 3 -locker exec /usr/bin/xsecurelock -notify 30 -notifier notify-send
> Locking the screen in 30 seconds
> ```
The message "Could not locate a running xautolock." (src/message.c:286) only
show up when `type` is not `XA_INTEGER` (19. Defined in
/usr/include/X11/Xatom.h from x11proto-dev).
I can't reproduce this situation even after testing on Bookworm and Sid.
Can you give us more details about your system setup?
It seems your system is based on Debian testing/unstable.
Are you using xorg locally using a single single logged in?
I'll appreciate if you can add the following line just before (
"if (type == XA_INTEGER)") and rebuild xautolock...
src/message.c:250: printf("DEBUG checkConnectionAndSendMessage |
XGetWindowProperty type: %d\n", type);
After that, run "xautolock -locknow" and you'll get a message with the `type`
value.
> Strace didn't disclose any file the process might be looking for.
My strace for 'xautolock -locknow' run looks like:
| 122 socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
| 123 connect(3, {sa_family=AF_UNIX, sun_path=@"/tmp/.X11-unix/X0"}, 20) = 0
| [...]
| 390 poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{
| 391 writev(3, [{iov_base="\22\0\7\0\1\0\200\0Y\1\0\0\37\
| 392 poll([{fd=3, events=POLLIN}], 1, -1) = 1 ([{fd=3,
| 393 recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{
| 394 recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN
| 395 recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN
| 396 poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{
| 397 writev(3, [{iov_base="\20\0\7\0\21\0\200\0XAUTOLOCK_
| 398 poll([{fd=3, events=POLLIN}], 1, -1) = 1 ([{fd=3,
| 399 recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{
| 400 recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN
| 401 recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN
| 402 poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{
| 403 writev(3, [{iov_base="\24\0\6\0g\7\0\0\227\1\0\0\0\0
| 404 poll([{fd=3, events=POLLIN}], 1, -1) = 1 ([{fd=3,
| 405 recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{
| 406 recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN
| 407 recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN
| 408 kill(1234567, 0) = -1 ESRCH (
Around line 390 is where checkConnectionAndSendMessage() calls
RootWindowOfScreen().
And at line 402 XGetWindowProperty() is called.
In my execution 'type'==19, so a kill(pid, 0) is called to check the pid is
available.
I've run strace as:
% strace -s 1000 --output=xautolock-strace.txt xautolock -locknow
Thanks again for your report.
Hope you can run an strace and give back more info about your system setup.
Best regards,
--
Antoni Villalonga
https://friki.cat/
