Bug#1022781: Unable to lock an existing session

2022-10-26 Thread martin f krafft 

Regarding the following, written by "Antoni Villalonga" on 2022-10-26 at 01:04 
Uhr +:
I guess the exit value of your `xautolock -locknow` execution is 
not zero. At it's defined as EXIT_FAILURE (EXIT_FAILURE=1 in 
stdlib.c).


Yes, it's 1:

lotus:~% xautolock -locknow || echo $?
Could not locate a running xautolock.
1

The message "Could not locate a running xautolock." (src/message.c:286) only 
show up when `type` is not `XA_INTEGER` (19. Defined in 
/usr/include/X11/Xatom.h from x11proto-dev).


I don't know anything about x11proto, so I am not sure what the 
above means.


I've recompiled xautolock and if this happens again, I'll be able to 
provide an strace and the debug output.


Until then: thanks for your quick response!

--
 .''`.   martin f. krafft  @martinkrafft
: :'  :  proud Debian developer
`. `'`   http://people.debian.org/~madduck
  `-  Debian - when you have better things to do than fixing systems
 
stupidity management for the superuser

is a user space issue in unix systems.
 -- alan cox

Bug#1022781: Unable to lock an existing session

2022-10-25 Thread Antoni Villalonga 
Hi Martin,

Your bug report is appreciated.

On Tue, Oct 25, 2022 at 08:33:23PM +0200, martin f krafft wrote:
> Package: xautolock
> Version: 1:2.2-7
> Severity: critical
> Tags: security
> 
> This is not software you can rely on to lock your screen:

I guess the exit value of your `xautolock -locknow` execution is not zero. At
it's defined as EXIT_FAILURE (EXIT_FAILURE=1 in stdlib.c).

Check the exit value and you can relay again with this lovely ancient software
:)

> ```
> lotus:~% xautolock -locknow
> Could not locate a running xautolock.
> lotus:~% ps aux | grep '[x]autolo'
> madduck   172688  0.0  0.0   6584  2756 ?SOct23   0:34 xautolock 
> -time 3 -locker exec /usr/bin/xsecurelock -notify 30 -notifier notify-send 
> Locking the screen in 30 seconds
> ```

The message "Could not locate a running xautolock." (src/message.c:286) only
show up when `type` is not `XA_INTEGER` (19. Defined in
/usr/include/X11/Xatom.h from x11proto-dev).

I can't reproduce this situation even after testing on Bookworm and Sid.

Can you give us more details about your system setup?
It seems your system is based on Debian testing/unstable.
Are you using xorg locally using a single single logged in?



I'll appreciate if you can add the following line just before (
"if (type == XA_INTEGER)") and rebuild xautolock...
src/message.c:250:  printf("DEBUG checkConnectionAndSendMessage | 
XGetWindowProperty type: %d\n", type);

After that, run "xautolock -locknow" and you'll get a message with the `type`
value.

> Strace didn't disclose any file the process might be looking for.

My strace for 'xautolock -locknow' run looks like:
  | 122 socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
  | 123 connect(3, {sa_family=AF_UNIX, sun_path=@"/tmp/.X11-unix/X0"}, 20) = 0
  | [...]
  | 390 poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{
  | 391 writev(3, [{iov_base="\22\0\7\0\1\0\200\0Y\1\0\0\37\
  | 392 poll([{fd=3, events=POLLIN}], 1, -1)= 1 ([{fd=3,
  | 393 recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{
  | 394 recvmsg(3, {msg_namelen=0}, 0)  = -1 EAGAIN 
  | 395 recvmsg(3, {msg_namelen=0}, 0)  = -1 EAGAIN 
  | 396 poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{
  | 397 writev(3, [{iov_base="\20\0\7\0\21\0\200\0XAUTOLOCK_
  | 398 poll([{fd=3, events=POLLIN}], 1, -1)= 1 ([{fd=3,
  | 399 recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{
  | 400 recvmsg(3, {msg_namelen=0}, 0)  = -1 EAGAIN 
  | 401 recvmsg(3, {msg_namelen=0}, 0)  = -1 EAGAIN 
  | 402 poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{
  | 403 writev(3, [{iov_base="\24\0\6\0g\7\0\0\227\1\0\0\0\0
  | 404 poll([{fd=3, events=POLLIN}], 1, -1)= 1 ([{fd=3,
  | 405 recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{
  | 406 recvmsg(3, {msg_namelen=0}, 0)  = -1 EAGAIN 
  | 407 recvmsg(3, {msg_namelen=0}, 0)  = -1 EAGAIN 
  | 408 kill(1234567, 0)= -1 ESRCH (

Around line 390 is where checkConnectionAndSendMessage() calls 
RootWindowOfScreen().
And at line 402 XGetWindowProperty() is called.
In my execution 'type'==19, so a kill(pid, 0) is called to check the pid is 
available.

I've run strace as:
  % strace -s 1000 --output=xautolock-strace.txt xautolock -locknow

Thanks again for your report.
Hope you can run an strace and give back more info about your system setup.

Best regards,

-- 
Antoni Villalonga
https://friki.cat/

Bug#1022781: Unable to lock an existing session

2022-10-25 Thread martin f krafft 
Package: xautolock
Version: 1:2.2-7
Severity: critical
Tags: security

This is not software you can rely on to lock your screen:

```
lotus:~% xautolock -locknow
Could not locate a running xautolock.
lotus:~% ps aux | grep '[x]autolo'
madduck   172688  0.0  0.0   6584  2756 ?SOct23   0:34 xautolock 
-time 3 -locker exec /usr/bin/xsecurelock -notify 30 -notifier notify-send 
Locking the screen in 30 seconds
```

Strace didn't disclose any file the process might be looking for.

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-rc7-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_NZ, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8), LANGUAGE=en_NZ:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xautolock depends on:
ii  libc6 2.35-3
ii  libx11-6  2:1.8.1-2
ii  libxext6  2:1.3.4-1+b1
ii  libxss1   1:1.2.3-1

Versions of packages xautolock recommends:
pn  xtrlock | xscreensaver | i3lock | suckless-tools  

xautolock suggests no packages.

-- no debconf information


-- 
 .''`.   martin f. krafft  @martinkrafft
: :'  :  proud Debian developer
`. `'`   http://people.debian.org/~madduck
  `-  Debian - when you have better things to do than fixing systems