bug#37423: Changing the login service from GDM to SLiM and then back to GDM causes a really bad loop

unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed

From: "Ludovic Courtès" <ludo@gnu.org>
To: Timothy Sample <samplet@ngyro.com>
Cc: 37423@debbugs.gnu.org
Subject: bug#37423: Changing the login service from GDM to SLiM and then back to GDM causes a really bad loop
Date: Thu, 19 Sep 2019 23:22:57 +0200	[thread overview]
Message-ID: <87ftksvv4e.fsf@gnu.org> (raw)
In-Reply-To: <871rwf5y49.fsf@ngyro.com> (Timothy Sample's message of "Tue, 17 Sep 2019 00:45:58 -0400")

[-- Attachment #1: Type: text/plain, Size: 789 bytes --]

Hello,

Timothy Sample <samplet@ngyro.com> skribis:

> Could this be the same issue as <https://bugs.gnu.org/36508>?  In short,
> Guix doesn’t guarantee that the “gdm” user will have the same UID if it
> gets deleted and recreated (which happens when you remove the GDM
> service and add it again).  You can fix this by ensuring the owner of
> the files under “/var/lib/gdm” is the current “gdm” user.

If you just (1) configure with GDM, (2) reconfigure without GDM, and (3)
reconfigure with GDM again, I would expect the original UID of ‘gdm’ to
be reused in step #3, as long as it has not been reallocated in the
meantime (for instance because the user created other accounts.)

We could address this by fixing the UID and GID of the ‘gdm’ user:


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: Type: text/x-patch, Size: 502 bytes --]

diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm
index 06d72b5f60..e87cb4d845 100644
--- a/gnu/services/xorg.scm
+++ b/gnu/services/xorg.scm
@@ -764,9 +764,10 @@ the GNOME desktop environment.")
 ;;;
 
 (define %gdm-accounts
-  (list (user-group (name "gdm") (system? #t))
+  (list (user-group (name "gdm") (system? #t) (id 900))
         (user-account
          (name "gdm")
+         (uid 900)
          (group "gdm")
          (system? #t)
          (comment "GNOME Display Manager user")

[-- Attachment #3: Type: text/plain, Size: 832 bytes --]


However, looking at the allocation routines in (gnu build accounts), I
think that this would forcefully set ‘gdm’ to 900/900 on existing
installations, even if 900 is already used by another account:

--8<---------------cut here---------------start------------->8---
scheme@(gnu build accounts)> (allocate-groups (list (user-group (name "foo")(id 10)))
					      vlist-null
					      (list (group-entry
						     (name "foo")  (gid 20))))
$2 = (#<<group-entry> name: "foo" password: #f gid: 10 members: ()>)
--8<---------------cut here---------------end--------------->8---

That’s a valid policy (declaration prevails over state), but it does
mean that we can’t really apply the above patch.

(Or we could use much lower UID/GID numbers, which are less likely to be
taken…)

Thoughts?

Ludo’.

next prev parent reply	other threads:[~2019-09-19 21:24 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-15 22:51 bug#37423: Changing the login service from GDM to SLiM and then back to GDM causes a really bad loop Jan
2019-09-17  4:45 ` Timothy Sample
2019-09-17 11:16   ` Jan
2019-09-19 21:22   ` Ludovic Courtès [this message]
2019-09-19 21:47     ` Gábor Boskovits
2019-09-20  9:40       ` Ludovic Courtès
2019-09-20 11:03         ` Julien Lepiller
2019-09-20 13:25         ` Timothy Sample
2019-09-20 21:10           ` Ludovic Courtès
2019-09-19 22:00     ` Tobias Geerinckx-Rice via Bug reports for GNU Guix

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:06d72b5f6 dfblob:e87cb4d84
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87ftksvv4e.fsf@gnu.org \
    --to=ludo@gnu.org \
    --cc=37423@debbugs.gnu.org \
    --cc=samplet@ngyro.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).