I would like to propose that we make the following change to the
GNOME CDE login integration scripts.  Note the attached patch simply
causes /usr/dt/config/Xsession.jds to start /usr/dt/bin/Xsession via
/bin/sh -c rather than via an exec call.

I have not yet made this change in spec-files.  I wanted to first
explain the situation and the fix.  If I don't hear any issues with
this fix in the next day or so, then I will go ahead and make this
change to our dtlogin-integration module and get this fix into
spec-files.

This fixes bug #6577979, which causes gnome-settings-daemon to be unable
to communicate with D-Bus and exit when the user has been given all
privileges via RBAC.  For example, when the user has the following line
in /etc/user_attr:

username::::type=normal;defaultpriv=all

This problem only happens with CDE login (not GDM).

How we need to start dbus-launch on Solaris is a bit complicated:

1) We can't start dbus-launch in any script that is launched from
    /usr/dt/bin/Xsession because this script uses sdt_shell to
    launch these scripts.  dbus-launch listens for a Control-D
    and if it receives one, it thinks the session has ended and
    immediately exits.  The sdt_shell script sends such a Control-D.
    So if you run dbus-launch in Xsession2.jds or Xinitrc.jds, it will
    always exit immediately.  You can refer to
    /usr/dt/config/sys.dtprofile for information about why
    sdt_shell does this Control-D stuff.

    Therefore, we need to start dbus-launch in
    /usr/dt/config/Xsession.jds before /usr/dt/bin/Xsession is
    called.

2) In the case where the user has been given all privileges via RBAC,
    the /usr/dt/config/Xsession.jds script is called by dtlogin via
    execve with seteid of 0.  When we start dbus-launch this way, it
    is unable to communicate with the user session.

    So, the fix is to launch "dbus-launch --exit-with-session
    /usr/dt/bin/Xsession" via "/bin/sh -c" rather than exec; this causes
    dbus-launch and the Xsession script to lose euid and run properly
    with user permissions.  This fixes the problem where
    gnome-settings-daemon can't talk with D-Bus.

There was some talk that it might be better to just fix CDE login to
not run the session script with effective uid set.  However, the CDE
team is unwilling to change their code since they can't be sure that
fixing the problem this way won't introduce other undesirable side
effects.

Note that this problem only happens with CDE login.  GDM always runs
the user session script as the real user without euid set, even when
the user has all permissions set via RBAC.

Brian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xsession-jds.diff
Type: text/x-patch
Size: 283 bytes
Desc: not available
URL: 
<http://mail.opensolaris.org/pipermail/jds-review/attachments/20071206/315b958c/attachment.bin>
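
Added example, not part of the original message or of the dtlogin-integration code: a small C launcher that does explicitly what the message relies on /bin/sh -c to do, resetting the effective ids to the real ids before the session command runs, and checking that the reset cannot be undone. The function names ids_mismatch and drop_to_real_ids are made up for this illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 when an effective id differs from the real id, which is the
 * state the message describes for Xsession.jds when started by dtlogin. */
int ids_mismatch(void)
{
    return geteuid() != getuid() || getegid() != getgid();
}

/* Drop to the real ids. Returns 0 on success, -1 if the ids could not be
 * reset or if the old effective uid can still be restored afterwards. */
int drop_to_real_ids(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid();

    /* Group first: after the uid drop we may no longer be allowed to. */
    if (setgid(rgid) != 0)
        return -1;
    /* With euid 0, setuid() sets real, effective and saved uid together. */
    if (setuid(ruid) != 0)
        return -1;
    if (ids_mismatch())
        return -1;
    /* The drop must not be reversible through a leftover saved uid. */
    if (old_euid != ruid && seteuid(old_euid) == 0)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s command [args...]\n", argv[0]);
        return 2;
    }
    if (drop_to_real_ids() != 0) {
        fprintf(stderr, "could not drop to real uid/gid\n");
        return 1;
    }
    /* The session command now starts with plain user credentials. */
    execvp(argv[1], argv + 1);
    perror("execvp");
    return 127;
}
```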
