Bug 503181 - /tmp/.X11-unix /tmp/.X0-lock FHS violation / pam_namespace conflict
/tmp/.X11-unix /tmp/.X0-lock FHS violation / pam_namespace conflict
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: xorg-x11-server (Show other bugs)
19
All Linux
medium Severity medium
: ---
: ---
Assigned To: Adam Jackson
Fedora Extras Quality Assurance
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-05-29 09:18 EDT by Till Maas
Modified: 2014-09-12 07:10 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-09-12 07:10:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Till Maas 2009-05-29 09:18:37 EDT
Description of problem:
The xserver maintains persistent sockets in /tmp/.X11-unix which is a violation of the FHS:
http://www.pathname.com/fhs/pub/fhs-2.3.html#REQUIREMENTS14

| /var/run : Run-time variable data
[...]
| System programs that maintain transient UNIX-domain sockets must place them in this directory.

/tmp/.X0-lock should probably be placed in /var/lock:
| /var/lock : Lock files
| Purpose
| Lock files should be stored within the /var/lock directory structure.


Using /tmp isntead of the right directories also conflicts with using pam_namespace to polyinstantiate /tmp to give every user his own /tmp directory. Here is the Feature page for this:

https://fedoraproject.org/wiki/Features/Polyinstantiated_Temporary_Directories


Additional info:
Currently /tmp/.X0-lock is created by initscripts. Once this bug is fixed, initscripts should be adjusted, too.
Comment 1 Tomas Mraz 2009-05-29 12:02:02 EDT
Yes, although there are attempts to workaround this issue in pam_namespace, it would be better if the workaround was not necessary (and I think there were already attempts to fix it some time ago).
Comment 2 Till Maas 2009-05-29 17:05:15 EDT
Here is another candidate for cleanup according to man Xserver:
/tmp/rcXn - Kerberos 5 replay cache for display number n

(In reply to comment #1)
> Yes, although there are attempts to workaround this issue in pam_namespace, it
> would be better if the workaround was not necessary (and I think there were
> already attempts to fix it some time ago).  

It seems to be possible to work around /tmp/.X11-unix, but a short search did not yield any information about how to do this for the lock files properly if one does not use only one Xserver.
Comment 3 Bug Zapper 2009-06-09 12:47:14 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 4 Adam Jackson 2009-06-19 16:45:51 EDT
The replay cache isn't a real thing anymore, we haven't had working krb5 auth in ages.

The lock file I'm pretty sure is just garbage.  bind() will fail anyway.  And as for the X socket, I'm not going to move it, because there _is_ software that expects it to be there (buggy, but), and that expectation predates the FHS by years.  However, X works just fine with /tmp polyinstantiated, because we also listen on an abstract namespace socket.
Comment 5 Matěj Cepl 2009-11-05 13:30:14 EST
Since this bugzilla report was filed, there have been several major updates in various components of the Xorg system, which may have resolved this issue. Users who have experienced this problem are encouraged to upgrade their system to the latest version of their packages. For packages from updates-testing repository you can use command

yum upgrade --enablerepo='*-updates-testing'

Alternatively, you can also try to test whether this bug is reproducible with the upcoming Fedora 12 distribution by downloading LiveMedia of F12 Beta available at http://alt.fedoraproject.org/pub/alt/nightly-composes/ . By using that you get all the latest packages without need to install anything on your computer. For more information on using LiveMedia take a look at https://fedoraproject.org/wiki/FedoraLiveCD .

Please, if you experience this problem on the up-to-date system, let us now in the comment for this bug, or whether the upgraded system works for you.

If you won't be able to reply in one month, I will have to close this bug as INSUFFICIENT_DATA. Thank you.

[This is a bulk message for all open Fedora Rawhide Xorg-related bugs. I'm adding myself to the CC list for each bug, so I'll see any comments you make after this and do my best to make sure every issue gets proper attention.]
Comment 6 Till Maas 2009-11-19 06:06:15 EST
The /tmp/.X0-lock and /tmp/.X11-unix files are still there in F12.
Comment 8 Fedora End Of Life 2013-04-03 15:51:11 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19
Comment 9 Hans de Goede 2014-09-12 07:10:47 EDT
Given that as Adam explains in comment 4 we've no intention to move the socket, and that this has seen no real activity since it was first filed in 2009, I'm going to close this one.

Note You need to log in before you can comment on or make changes to this bug.