Bug 13307

Summary: When exiting the console tty, device permissions revert even if an X session still needs them.
Product: [Retired] Red Hat Linux Reporter: madings
Component: pamAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-08-07 05:52:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description madings 2000-07-01 05:32:05 UTC
If I log into a console tty, run this command,
    startx &
to run X11 in the background, and then log out of
the console tty,  then in the X session I no longer
have the access I need for device files such as
/dev/cdrom and /dev/kbd.

It seems that when logging out of the tty console,
if there are no other tty consoles left with me
logged in, it reverts ownership of /dev/cdrom and
/dev/kbd back to root again instead of leaving them
in my name for the sake of the X session.

The upshot of this is that when this happens I cannot
run any CD player, I cannot mount CD-ROMs, and I cannot
adjust the keyboard repeat rate.  If I log back in to
one of the console tty's and just leave it at the prompt,
then these things work again in X.

This may be affecting more than just /dev/cdrom and /dev/kbd.
Those are just the files where I noticed the problem.  I
think it likely that there is a set of device files that are
re-assigned when a user logs in and logs out, and they are
probabably all affected by this, but I don't know enough
details to tell if this is the case.

This is a security problem because it means I have to leave a
console logged in to make X work properly, and when I do
that, even with the screen xlocked someone can still come
by and hit ctrl-alt-F1 and get to my logged-in prompt.

I suspect that this isn't a problem for people who run
X11 via an xdm login, but I don't always want X running
at all times, so I don't do that.

Comment 1 Nalin Dahyabhai 2000-07-03 07:46:27 UTC
The problem with leaving devices ownership of console devices alone when you
log out is that the next user logging in won't be able to use them.  I suspect
what you really want to do is "exec startx" at your console prompt.