Bug 222543 - 'su -l' seems to be littering /root with .xauth* files
'su -l' seems to be littering /root with .xauth* files
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: pam (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-01-13 13:35 EST by Tom London
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-03-19 15:14:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Tom London 2007-01-13 13:35:07 EST
Description of problem:
Each time I run 'su -l', a new '/root/.xauth*' file seems to be created.

This file seem never to be removed, even if I exit from the su-ed shell.

I now have over 400 such files in /root.  Here is a snippet from 'ls -lat
/root/.auth*':

-rw------- 1 root root 66 2007-01-13 10:23 /root/.xauthO0EsI4
-rw------- 1 root root 66 2007-01-13 10:10 /root/.xauthb0TFg7
-rw------- 1 root root 66 2007-01-13 10:00 /root/.xauthtEb6ek
-rw------- 1 root root 66 2007-01-13 09:28 /root/.xauthiMfByg
-rw------- 1 root root 66 2007-01-13 09:05 /root/.xauthgPgwCt
-rw------- 1 root root 66 2007-01-13 08:51 /root/.xauthXfHqPb
-rw------- 1 root root 66 2007-01-12 16:07 /root/.xauthkGktJY
-rw------- 1 root root 66 2007-01-12 15:05 /root/.xauthF4bCYn
-rw------- 1 root root 66 2007-01-12 09:16 /root/.xauthWZ8xsT
-rw------- 1 root root 66 2007-01-12 07:24 /root/.xauthEzxJHe
-rw------- 1 root root 66 2007-01-12 07:11 /root/.xauthH7s3TA
-rw------- 1 root root 66 2007-01-12 07:07 /root/.xauthZrt9Bp
-rw------- 1 root root 66 2007-01-12 06:28 /root/.xauthONpOPB

Oldest one I have is:
-rw------- 1 root root 66 2006-09-19 15:09 /root/.xauthRQ7SbM
-rw------- 1 root root 66 2006-09-19 07:04 /root/.xauthWwbY8z

That may be when I got this laptop.....


Version-Release number of selected component (if applicable):
coreutils-6.7-1.fc7

How reproducible:
Everytime

Steps to Reproduce:
1. run 'su -l'
2. run 'ls -la /root/.xauth*'
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Tom London 2007-01-13 13:46:08 EST
Is this coming from /lib/security/pam_xauth.so ?
Comment 3 Tom London 2007-01-24 09:30:21 EST
Uhhh this seems fixed now.

pam-0.99.7.0-2.fc7 ?
Comment 4 Tomas Mraz 2007-01-24 09:44:25 EST
Yes it is. It was a bug in pam_keyinit.so module.
Comment 5 Tom London 2007-03-08 09:29:42 EST
This appears to have regressed, starting about 3 weeks ago.

Could this be a problem with pam-0.99.7.1-3.fc7 ?

[root@localhost ~]# ls -lat .xauth*
-rw------- 1 root root 66 2007-03-08 06:16 .xauthPnmTmI
-rw------- 1 root root 66 2007-03-06 14:09 .xauthgVJXtV
-rw------- 1 root root 66 2007-03-03 16:56 .xauth0djkLb
-rw------- 1 root root 66 2007-03-03 16:48 .xauth5Tr9fc
-rw------- 1 root root 66 2007-03-03 10:42 .xauthOpqrlL
-rw------- 1 root root 66 2007-03-02 15:20 .xauth6YIqeT
-rw------- 1 root root 66 2007-03-01 15:42 .xauthgcebzg
-rw------- 1 root root 66 2007-03-01 13:36 .xauthXlpiWJ
-rw------- 1 root root 66 2007-02-27 09:00 .xauthWeNUpB
-rw------- 1 root root 66 2007-02-25 14:33 .xauthlNgl6g
-rw------- 1 root root 66 2007-02-25 10:33 .xauthjteXA4
-rw------- 1 root root 66 2007-02-24 11:50 .xauthq2rR5k
-rw------- 1 root root 66 2007-02-23 08:47 .xauthDBPVPL
-rw------- 1 root root 66 2007-02-22 06:24 .xauthe3bItB
-rw------- 1 root root 66 2007-02-21 06:53 .xauthNVYo2x
-rw------- 1 root root 66 2007-02-21 06:52 .xauthfFgfMk
-rw------- 1 root root 66 2007-02-20 14:00 .xauthpNmM5W
-rw------- 1 root root 66 2007-02-20 10:32 .xauthn9dNDT
-rw------- 1 root root 66 2007-02-20 09:36 .xauthy3YTfa
-rw------- 1 root root 66 2007-02-19 17:17 .xauthNR3gOm
-rw------- 1 root root 66 2007-02-15 08:22 .xauth0nSCWj
Comment 6 Tomas Mraz 2007-03-19 13:38:15 EDT
Strange, I cannot reproduce the problem with latest rawhide. Can you strace
attach the su process before you log out of the 'su' session?


Comment 7 Tom London 2007-03-19 14:24:41 EDT
Below is the strace, but your request may clarify.....

I frequently reboot/shutdown without exiting from 'su -'. If these files are
removed only at normal exit, they would tend to linger on....

That possible?


Process 3698 attached - interrupt to quit
waitpid(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WSTOPPED) = 3709
open("/etc/security/pam_env.conf", O_RDONLY|O_LARGEFILE) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=2980, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7f3c000
read(4, "#\n# This is the configuration fi"..., 4096) = 2980
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0xb7f3c000, 4096)                = 0
open("/etc/environment", O_RDONLY|O_LARGEFILE) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7f3c000
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0xb7f3c000, 4096)                = 0
socket(PF_NETLINK, SOCK_RAW, 9)         = 4
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
readlink("/proc/self/exe", "/bin/su", 4095) = 7
sendto(4, "h\0\0\0P\4\5\0\5\0\0\0\0\0\0\0PAM: setcred acc"..., 104, 0,
{sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 104
poll([{fd=4, events=POLLIN, revents=POLLIN}], 1, 100) = 1
recvfrom(4, "$\0\0\0\2\0\0\0\5\0\0\0r\16\0\0\0\0\0\0h\0\0\0P\4\5\0\5"..., 8988,
MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 36
recvfrom(4, "$\0\0\0\2\0\0\0\5\0\0\0r\16\0\0\0\0\0\0h\0\0\0P\4\5\0\5"..., 8988,
MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 36
close(4)                                = 0
geteuid32()                             = 0
getegid32()                             = 500
setregid32(-1, 0)                       = 0
keyctl(0x3, 0x6aae3bd, 0, 0, 0x1f4)     = 0
setregid32(-1, 500)                     = 0
getuid32()                              = 500
open("/etc/passwd", O_RDONLY)           = 4
fcntl64(4, F_GETFD)                     = 0
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=1899, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7f3c000
read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 1899
close(4)                                = 0
munmap(0xb7f3c000, 4096)                = 0
getuid32()                              = 500
time(NULL)                              = 1174328410
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2819, ...}) = 0
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2819, ...}) = 0
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2819, ...}) = 0
send(3, "<86>Mar 19 11:20:10 su: pam_unix"..., 76, MSG_NOSIGNAL) = 76
unlink("/root/.xauthgOjo0T")            = 0
socket(PF_NETLINK, SOCK_RAW, 9)         = 4
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
readlink("/proc/self/exe", "/bin/su", 4095) = 7
sendto(4, "p\0\0\0R\4\5\0\6\0\0\0\0\0\0\0PAM: session clo"..., 112, 0,
{sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 112
poll([{fd=4, events=POLLIN, revents=POLLIN}], 1, 100) = 1
recvfrom(4, "$\0\0\0\2\0\0\0\6\0\0\0r\16\0\0\0\0\0\0p\0\0\0R\4\5\0\6"..., 8988,
MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 36
recvfrom(4, "$\0\0\0\2\0\0\0\6\0\0\0r\16\0\0\0\0\0\0p\0\0\0R\4\5\0\6"..., 8988,
MSG_DONTWAIT, {sa_family=AF_NETLINK, pid=0, groups=00000000}, [12]) = 36
close(4)                                = 0
munmap(0x884000, 6124)                  = 0
munmap(0x7c9000, 13300)                 = 0
munmap(0xc3d000, 97476)                 = 0
munmap(0x4f74a000, 93012)               = 0
munmap(0x4f76e000, 285024)              = 0
munmap(0x4f7b6000, 96040)               = 0
munmap(0xe75000, 5856)                  = 0
munmap(0x121000, 14700)                 = 0
munmap(0x617000, 30464)                 = 0
munmap(0x110000, 46240)                 = 0
munmap(0x41172000, 184636)              = 0
munmap(0x2bd000, 4436)                  = 0
munmap(0xef0000, 14248)                 = 0
munmap(0x11c000, 15352)                 = 0
close(1)                                = 0
close(2)                                = 0
exit_group(0)                           = ?
Process 3698 detached
[root@localhost ~]# 
Comment 8 Tomas Mraz 2007-03-19 15:14:45 EDT
Yes, when not exited cleanly from su, these files will stay there - there is no
process which could remove them.
-> back to CLOSED-RAWHIDE as the original problem indeed is fixed.

Note You need to log in before you can comment on or make changes to this bug.