Bug 13307
| Summary: | When exiting the console tty, device permissions revert even if an X session still needs them. | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | madings |
| Component: | pam | Assignee: | Nalin Dahyabhai <nalin> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.2 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2000-08-07 05:52:17 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
The problem with leaving devices ownership of console devices alone when you log out is that the next user logging in won't be able to use them. I suspect what you really want to do is "exec startx" at your console prompt. |
If I log into a console tty, run this command, startx & to run X11 in the background, and then log out of the console tty, then in the X session I no longer have the access I need for device files such as /dev/cdrom and /dev/kbd. It seems that when logging out of the tty console, if there are no other tty consoles left with me logged in, it reverts ownership of /dev/cdrom and /dev/kbd back to root again instead of leaving them in my name for the sake of the X session. The upshot of this is that when this happens I cannot run any CD player, I cannot mount CD-ROMs, and I cannot adjust the keyboard repeat rate. If I log back in to one of the console tty's and just leave it at the prompt, then these things work again in X. This may be affecting more than just /dev/cdrom and /dev/kbd. Those are just the files where I noticed the problem. I think it likely that there is a set of device files that are re-assigned when a user logs in and logs out, and they are probabably all affected by this, but I don't know enough details to tell if this is the case. This is a security problem because it means I have to leave a console logged in to make X work properly, and when I do that, even with the screen xlocked someone can still come by and hit ctrl-alt-F1 and get to my logged-in prompt. I suspect that this isn't a problem for people who run X11 via an xdm login, but I don't always want X running at all times, so I don't do that.