From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.6 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, MAILING_LIST_MULTI,NICE_REPLY_A,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 29105 invoked from network); 15 May 2022 02:44:51 -0000 Received: from alyss.skarnet.org (95.142.172.232) by inbox.vuxu.org with ESMTPUTF8; 15 May 2022 02:44:51 -0000 Received: (qmail 29236 invoked by uid 89); 15 May 2022 02:45:15 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm Sender: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Received: (qmail 29229 invoked from network); 15 May 2022 02:45:14 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sholland.org; h= cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1652582684; x= 1652669084; bh=sAYg89GaVcmvASmY9mXDVC2Yn2KWuTHsfr18JantVjk=; b=d 4ssA1z7a0ooyvxMB2M74VXsBHTzp47AW41iWnGAey6jHwq5fjkHto3VlVmFUZeBE 7M0rjHXWFYiw0Mfuu/Sl1zDzwSDPPBfSvOIBl6e+pd5NwuGVjbC04w57pXiXhjm3 fZziv/Vh0Z2k+FbuLf6scvel96y7BkcZCJrB8cwAz2apyXqG4wNDqBYb1H8rt6Qb 0sZMqRfmb5vK4N+bpKbVhNxQ+KziAXrnAlQbA9OtIlQ8RgzCEeAbthnRyvqMU2zv lb3J6/sCze3YQWLqoRA+WgDdzQTpZpfEnu/hYLnUU6KvRgBOG355yxDGLCnbiyBU ztV6yWVyGLstx4Tk0Typw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1652582684; x=1652669084; bh=sAYg89GaVcmvASmY9mXDVC2Yn2KW uTHsfr18JantVjk=; b=nsOUoeQQb6jx8UoVi9bVINxck67uEcom0A11hRgTGW5C 3MeAcKBO+Jya6oR36TdRCNGDkO8Z6ww7fp1bCYU7K1CkUHtBkoDuz2ND0qbvDz3D eONcHNQres5xGzzgLupVgDLBEhqNy8dK0DBXPUXmnzULMYONxzSjAvj4qtqoixQD X6CEj6lcHjQFFjxlcndszgW7QQnn9Uf1NS37Ge3aywQA2r0mwOPMSPNU4ebaMp6J 13mb/IR1nIxZl8u9y7Kp8EGTt8MWUBigSp5bwczcT9ZZNv9jg0/5K3LqOeNHAVB3 wMN+gDDyRVfYkij9YBmYb8/eHyRX4XlRFcXDJnX5Cw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrhedvgdehgecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepuffvfhfhkffffgggjggtgfesthekre dttdefjeenucfhrhhomhepufgrmhhuvghlucfjohhllhgrnhguuceoshgrmhhuvghlsehs hhholhhlrghnugdrohhrgheqnecuggftrfgrthhtvghrnhepueeugffggfdvkeekhfetud ejgfeitdeiteevueekvdelteduvdefvddvgfeugeetnecuffhomhgrihhnpehkvghrnhgv lhdrohhrghdpfhhrvggvuggvshhkthhophdrohhrghdpghhithhhuhgsrdgtohhmnecuve hluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepshgrmhhuvghl sehshhholhhlrghnugdrohhrgh X-ME-Proxy: Subject: Re: s6 xinit replacement? To: Guillermo , Supervision References: <3VJC4G8PXTKVS.3RQFDLXYQABMW@oak.localdomain> From: Samuel Holland Message-ID: <727c2c8b-2b5e-24b4-f9e5-17e651217cc9@sholland.org> Date: Sat, 14 May 2022 21:44:43 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit On 5/13/22 10:47 PM, Guillermo wrote: > Hello, > > El mié, 11 may 2022 a las 0:43, dallinjdahl escribió: >> >> I tried to run X under s6 with the following run file: >> >> ~~~ >> #!/usr/bin/execlineb >> [...] >> X :${screen} vt${screen} >> ~~~ >> [...] >> (WW) xf86OpenConsole: VT_ACTIVATE failed: Operation not permitted >> (EE) >> Fatal server error: >> (EE) xf86OpenConsole: Switching VT failed >> [...] >> Does anybody know anything about how s6-svscan and s6-supervise might >> change the environment so as to complicate running X? > > If the Xorg process does not run as root, the tty specified in the vt > argument must be its controlling terminal. Yes, this is effectively the requirement. You can override it with a capability, but doing so is not necessary (see below). Here is the relevant kernel source for reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/tty/vt/vt_ioctl.c?h=v5.17#n744 > It works if you run X from > an interactive shell (perhaps indirectly through 'startx'), because it > inherits the shell's controlling terminal. It doesn't when run by > s6-supervise, because s6-supervise executes the 'run' file in a new > session, so there is no controlling terminal. It also works if X has permission to open the tty device read/write. Opening a tty as a session leader without a controlling terminal will set the controlling terminal to that tty. Relevant kernel code: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/tty/tty_jobctrl.c?h=v5.17#n129 And X will try to do that at startup (after failing to play with process groups because it is already group leader): https://gitlab.freedesktop.org/xorg/xserver/-/blob/master/hw/xfree86/os-support/linux/lnx_init.c#L207 I use a udev rule to set the tty owner: $ cat /etc/udev/rules.d/99-tty.rules SUBSYSTEM=="tty", KERNEL=="tty1", OWNER="samuel", GROUP="samuel", MODE="0600" And everything Just Works. I am fine with hard coding the tty number because my systems are single-user. X is started at boot from my user supervision tree[1], which is started by the user-* services in my system supervision tree[2]. [1]: https://github.com/smaeul/rc-user [2]: https://github.com/smaeul/rc You could also set the tty permissions at login. Another option is to avoid the privileged IOCTLs by using the "-novtswitch" or "-sharevts" option. These set flags which affect the logic in the other file: https://gitlab.freedesktop.org/xorg/xserver/-/blob/master/hw/xfree86/common/xf86Init.c#L1168 Hope that helps, Samuel