From: ludo@gnu.org (Ludovic Courtès)
To: Diego Nicola Barbato <dnbarbato@posteo.de>
Cc: 29212@debbugs.gnu.org
Subject: bug#29212: XLockMore displays wrong time
Date: Wed, 08 Nov 2017 21:57:44 +0100 [thread overview]
Message-ID: <87tvy4sd2v.fsf@gnu.org> (raw)
In-Reply-To: <87k1z04z3r.fsf@GlaDOS.home> (Diego Nicola Barbato's message of "Wed, 08 Nov 2017 15:35:52 +0100")
[-- Attachment #1: Type: text/plain, Size: 1501 bytes --]
Hi,
Diego Nicola Barbato <dnbarbato@posteo.de> skribis:
> XLockMore (as invoked by the command `xlock') displays the wrong time on
> the lock screen. Instead of honouring the timezone set in `config.scm'
> (as do other programs e.g. the `date' command) it displays UTC.
The problem is that setuid programs ignore $TZDIR; quoth ‘tzfile.c’ in
libc:
/* We must not allow to read an arbitrary file in a setuid
program. So we fail for any file which is not in the
directory hierachy starting at TZDIR
and which is not the system wide default TZDEFAULT. */
if (__libc_enable_secure
&& ((*file == '/'
&& memcmp (file, TZDEFAULT, sizeof TZDEFAULT)
&& memcmp (file, default_tzdir, sizeof (default_tzdir) - 1))
|| strstr (file, "../") != NULL))
/* This test is certainly a bit too restrictive but it should
catch all critical cases. */
goto ret_free_transitions;
Thus, if I set TZ=Europe/Paris, I see that setuid binaries look for
timezone data only under
/gnu/store/3h31zsqxjjg52da5gp3qmhkh4x8klhah-glibc-2.25/share/zoneinfo/Europe/Paris,
which doesn’t exist.
Since GuixSD provides /etc/localtime already, we can actually unset TZ.
And when we do so, setuid binaries simply honor /etc/localtime and don’t
go searching for timezone data elsewhere, and they see the right time.
Can you confirm that:
(unset TZ; xlock)
works for you?
I’ll commit the patch below if it does.
Thanks,
Ludo’.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: Type: text/x-patch, Size: 737 bytes --]
diff --git a/gnu/system.scm b/gnu/system.scm
index 5f562b48b..ce2c05f4e 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -727,7 +727,8 @@ use 'plain-file' instead~%")
"Return the environment variables of OS for
@var{session-environment-service-type}, to be used in @file{/etc/environment}."
`(("LANG" . ,(operating-system-locale os))
- ("TZ" . ,(operating-system-timezone os))
+ ;; Note: No need to set 'TZ' since (1) we provide /etc/localtime, and (2)
+ ;; it doesn't work for setuid binaries. See <https://bugs.gnu.org/29212>.
("TZDIR" . ,(file-append tzdata "/share/zoneinfo"))
;; Tell 'modprobe' & co. where to look for modules.
("LINUX_MODULE_DIRECTORY" . "/run/booted-system/kernel/lib/modules")
next prev parent reply other threads:[~2017-11-08 20:58 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-08 14:35 bug#29212: XLockMore displays wrong time Diego Nicola Barbato
2017-11-08 20:57 ` Ludovic Courtès [this message]
2017-11-09 6:29 ` Diego Nicola Barbato
2017-11-09 9:06 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87tvy4sd2v.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=29212@debbugs.gnu.org \
--cc=dnbarbato@posteo.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.