I have filed the following bug to track this issue:

Ticket #19647 Fedora: Removing suid root bit from VBoxDRMClient
https://www.virtualbox.org/ticket/19647

On Mon, 08 Jun 2020 17:46:58 +0200, Hans de Goede <hdego...@redhat.com> wrote:

Hi All,

While looking into upgrading the Fedora virtualbox-guest-additions packages to 6.0.10 I noticed that the "VBoxClient --vmsvga-x11" call in VBoxClient-all has been replaced with "VBoxClient --vmsvga" and that that one will either behave as the old --vmsvga-x11 version (when running under a X11 session) or it will start /usr/bin/VBoxDRMClient.

I added /usr/bin/VBoxDRMClient to the Fedora packages, but after that resizing of a GNOME3 as Wayland-compositor session inside the guest still did not work.

The issue seems to be that /usr/bin/VBoxDRMClient needs more rights, I guess that
the upstream version of the guest-additions installs it suid root ?

That is not necessary and since Fedora ships virtualbox-guest-additions as part of the default workstation install we would like to avoid adding another suid root binary
to the default install.

Instead I've written a udev rule + systemd service to replace the "VBoxClient --vmsvga" call inside VBoxClient-all. These config files will start /usr/bin/VBoxDRMClient when running inside a VBox VM with VMSVGA graphics. Note this will now run independent of the type of session (X11 or Wayland) running inside the VM. This means that X11 sessions now also use VBoxDRMClient rather then VBoxClient --vmsvga-x11 for resizing.

This works fine and if upstream adopts this, then the VBoxClient --vmsvga-x11
can be dropped.

The udev rule and systemd file can be found here. Feel free to use these under the
MIT license:

https://src.fedoraproject.org/rpms/virtualbox-guest-additions/blob/master/f/VirtualBox-60-vboxguest.rules
https://src.fedoraproject.org/rpms/virtualbox-guest-additions/blob/master/f/vboxclient.service

Regards,

Hans

_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev


--
frankB

Oracle Virtualbox Development
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev

Reply via email to