Bug 53447 - console.perms trashes the nVidia driver
console.perms trashes the nVidia driver
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Aaron Brown
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-09-09 00:34 EDT by Florin Andrei
Modified: 2007-04-18 12:36 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-10-31 15:41:31 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Florin Andrei 2001-09-09 00:34:18 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.9 i686; en-US; rv:0.9.1)
Gecko/20010622

Description of problem:
The nVidia drivers (downloaded from nVidia) require 666 perms on
/dev/nvidia* in order to work correctly. But /etc/security/console.perms
set 600 on those files.
As a result, after several login/logout to/from my account (i use runlevel
5), or after several CTRL-ALT-F1/F7, X Window is frozen, no keyboard, no
mouse, i have to use the magic SysRq to reboot the computer.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Install RH7.1 and Ximian Gnome
2.Install nVidia drivers
3.Login/logout from your X sessions several times
	

Actual Results:  The display is frozen, i have to reboot the machine.

Expected Results:  X Window should work normally.

Additional info:

My system:
- Red Hat 7.1
- Ximian Gnome 1.4
- kernel 2.4.9 compiled by myself
- nVidia GeForce2 MX-400 32 MB RAM
- latest nVidia drivers (1512, but the problem was the same with the older
ones)
- motherboard i815

I managed to fix the problem by replacing this line in
/etc/security/console.perms:

<xconsole> 0600 <dri>        0600 root

with this line:

<xconsole> 0666 <dri>        0666 root

(it's actually the last line in the file)
I don't know the possible security implications of this change. But as soon
as i did it, the bug was fixed. Now my system works soooo nice!
And the change is right in the opinion of the guys from nVidia; here's what
Andy Ritger <ARitger@nvidia.com> says:

Thanks for reporting your problem.  We've not actually seen this in house,
but have had several similar reports.  Here are several things to check
(though I doubt any of them are the culprit):

o The permissions on the /dev/nvidia* files should be 0666 (some
distributions have been changing permissions on our device files and
causing all sorts of foolishness).
Comment 1 Nalin Dahyabhai 2001-10-31 15:34:23 EST
I don't understand how permissions would affect this.  If the server is running
either as the console user or the superuser (and on my system it runs as the
superuser when I log in as myself), the permissions on the device shouldn't make
any difference, and non-console users should have no use for the device anyway.
 I'd like some more information before making this change.
Comment 2 Florin Andrei 2001-10-31 15:41:26 EST
That's actually very simple: get a PC, put an nVidia card on it, install RH 7.1,
install nVidia drivers. Then play with it, especially with switching between
plain text mode and X Window. It will crash, more like sooner than later. :-)
If you look at the permissions on /dev/nvidia* they are 0600.
For a reason that i cannot understand, once you make the changes to
console.perms so that the permissions are setup to 0666, the crashes disappear
without ever returning.
This has been seen by many other people (it's been a huge thread on our local
LUG's mailing list), with a lot of "geezus, thanks!" once the solution was posted.
It's 100% reproducible on all my systems.
Comment 3 Mike A. Harris 2001-12-01 08:51:00 EST
I have been contacted by Nvidia about this also.  This is NOT
a bug in pam, or XFree86.  It is a bug in the Nvidia drivers
themselves.  With DRI, the X server creates the device files
in /dev with the permissions specified.  The Nvidia driver does
not do this properly with their /dev/nvidia driver, and as such,
the problem manifests itself.

Changing this creates a potential security problem, and Nvidia
should know how to properly fix it in their driver.  If not,
they have several DRI drivers open source source code that they
can look at to see how it is done.

Note You need to log in before you can comment on or make changes to this bug.