Bug 25232 - [patch] "Could not open lock file"
[patch] "Could not open lock file"
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: kdebase (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
Aaron Brown
Florence Gold
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-01-29 17:46 EST by Tim Waugh
Modified: 2007-04-18 12:30 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-02-05 08:43:29 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
kdebase-pamexit.patch (700 bytes, patch)
2001-02-05 08:41 EST, Tim Waugh
no flags Details | Diff

  None (edit)
Description Tim Waugh 2001-01-29 17:46:46 EST
I'm getting these messages in /var/lock/secure, and console.perms is 
ineffective:

Jan 29 21:42:18 cyberelk pam_console[4273]: Could not open lock file 
/var/lock/console/tim, disallowing console access

drwxr-xr-x    2 root     root         1024 Jan 29 21:49 /var/lock/console

/var is in partition /, mounted rw, 13% used.

This is an upgrade from Red Hat Linux 7.  I haven't seen this on any 
other machines though.
Comment 1 Nalin Dahyabhai 2001-01-29 18:12:05 EST
Which service are you using to log in (login or kdm or gdm or xdm)?  Can you
strace the binary from another VT and determine what the error was?  If the file
exists, what are its permissions?
Comment 2 Glen Foster 2001-01-29 19:06:06 EST
This defect is considered MUST-FIX for Florence Gold release
Comment 3 Tim Waugh 2001-01-30 10:18:09 EST
This was just a stale /var/lock/console.lock file I think.  I removed that and
now it works.
Comment 4 Tim Waugh 2001-01-30 12:34:26 EST
Hmm, the same thing happened on another machine now. :-/
Comment 5 Tim Waugh 2001-01-30 12:50:29 EST
Okay, how-to-reproduce:

In /etc/sysconfig/desktop, use KDE.
Reboot the machine to clear out any old console.lock.
Go to runlevel 5.
Log in remotely to observe.
In the remote terminal, verify that (for example) /dev/dsp is owned by
root.root.
Log on as a non-root user.
Verify that /dev/dsp is owned by that user.
Log out.

/dev/dsp is still owned by the non-root user.

This is looking at lot like bug 25048 now actually.
Comment 6 Tim Waugh 2001-01-30 12:51:23 EST

*** This bug has been marked as a duplicate of 25048 ***
Comment 7 Tim Waugh 2001-02-04 14:16:01 EST
Okay, 25048 is fixed, but this bug remains.
Comment 8 Tim Waugh 2001-02-05 08:41:41 EST
Created attachment 9002 [details]
kdebase-pamexit.patch
Comment 9 Tim Waugh 2001-02-05 08:43:25 EST
The above patch fixes it for me.  kdm was calling pam_close_session and setuid
in the wrong order.

Someone should check that this patch doesn't introduce any extra security
problems, but I think it's fine (it's similar to what /bin/login does).
Comment 10 Bernhard Rosenkraenzer 2001-02-05 10:56:10 EST
Fixed, thanks for the patch.

Note You need to log in before you can comment on or make changes to this bug.