posted by janrinok on Saturday December 03 2016, @07:54PM
from the fight-fight-fight! dept.

Greybeard-built Debian fork bringing init freedom on track for early 2017 release

The self-proclaimed "Veteran Unix Admins" forking Debian in the name of init freedom have released Beta 2 of their "Devuan" Linux distribution.

Devuan came about after some users felt it had become too desktop-friendly. The change the greybeards objected to most was the decision to replace sysvinit init with systemd, a move felt to betray core Unix principles of user choice and keeping bloat to a bare minimum.

Supporters of init freedom also dispute assertions that systemd is in all ways superior to sysvinit init, arguing that Debian ignored viable alternatives like sinit, openrc, runit, s6 and shepherd. All are therefore included in Devuan.

-- submitted from IRC


  • (Score: 0) by Anonymous Coward on Sunday December 04 2016, @09:35AM (#436840)

    Xorg requires +s/suid on systems where either init is used or the systemd configuration is broken (mine is the latter, since it was an older system upgraded from init, apparently without distro provisions to handle that migration outside of an upgrade cd/program instead of a package manager.)

    The infuriating part about it is that X doesn't have error messages which make it clear what the failure is when the Display Manager triggers the user change and attempts to log in. After a few hours I finally found a forum post mentioning the error being the permissions shortcomings of X when run without suid or logind. Upon setuid, X login worked as expected.

    Much like my complaint about Linus elsewhere, the X.org guys have been phoning it in for years on the features they should fix in X, similar to issues with the kernel and the missing features in sysvinit/alternatives compared to systemd. And *NONE* of these groups of developers are bothering to make clear and concise new documentation covering the features, errata, and known gotchas of interaction with common applications that would help reduce debugging burden due to insufficient error messages, common configuration issues. :(

  • (Score: 2) by butthurt (6141) on Sunday December 04 2016, @08:43PM (#436971)

    "The wrapper is loosely modelled after the existing Debian Xwrapper," says the Xorg commit log.

    https://github.com/mirror/xserver/commit/e7b84ca46944895971a8f048c7e34869b7de01c0 [github.com]

    Running a non-suid X server was not just possible, but was the default, with XFree86 in 1999:

    https://groups.google.com/forum/?_escaped_fragment_=topic/comp.windows.x.i386unix/7QOVG3xanSM#!topic/comp.windows.x.i386unix/7QOVG3xanSM [google.com]

    From a better-formatted copy of the same text:

    Q.E14- What is Xwrapper and why can't startx or xinit find it?

    The XFree86 X servers require root privileges to access the video hardware. In releases prior to 3.3.2 the X servers were installed set-uid root so that normal users could run them with the required privileges. This is a potential security problem, especially given how large and complex the X servers are. One class of such security problems is exploiting the set-uid program with carefully crafted user-supplied data (either on the command line or in the environment). Starting with the 3.3.2 release the XFree86 X servers are installed without the set-uid bit set, and a small wrapper program ``Xwrapper'' which is installed set-uid root is used to start the X server after checking the command line and environment. This does not provide a 100% guarantee that the X servers are not vulnerable to such exploits, but it does reduce the chances of such exploits succeeding. Also, if vulnerabilities are found in the future that the current Xwrapper doesn't catch, we can easily supply an updated version. It is much easier to do that than to provide updated versions of all the X server binaries.

    The xinit command (which startx runs) provided with XFree86 3.3.2 and later has been modified to look for an X server called ``Xwrapper'' instead of ``X''. If you don't have Xwrapper installed, you will get an error message from xinit/startx when it tries to start the non-set-uid X server without using the wrapper. The same thing will happen if you do have Xwrapper installed but you have an xserverrc file (usually $HOME/.xserverrc, but it can be any file pointed to by your XSERVERRC environment variable) that references ``X'' instead of ``Xwrapper''. To fix that, edit your xserverrc file and replace ``X'' with ``Xwrapper''. If instead of X you have some other X server name (eg, XF86_SVGA) in your xserverrc file, you will need to create a symbolic link from it to /usr/X11R6/bin/X and replace it with ``Xwrapper'' in your xserverrc file.

    We strongly recommend against making the X servers set-uid root because of the potential security implications of doing so. We also recommend running xdm at boot time to handle starting the X server on a multi user system.

    -- http://www.fifi.org/doc/xfree86-common/XFree86-FAQ.html#Xwrapper [fifi.org]
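
The wrapper pattern the quoted FAQ describes (a small set-uid program that checks the command line and environment before starting the non-set-uid server), sketched as an added example; it is not the Xwrapper source or code from either commenter. The length limit and the variable allowlist are assumptions chosen for illustration; the server path is the one named in the FAQ.

```c
#include <ctype.h>
#include <string.h>
#include <unistd.h>

#define MAX_ARG_LEN 256                 /* assumed limit, not taken from Xwrapper */
#define SERVER_PATH "/usr/X11R6/bin/X"  /* path named in the FAQ */

/* An argument or env entry passes only if it is short and printable ASCII. */
int arg_is_safe(const char *arg) {
    size_t n = strlen(arg);
    if (n == 0 || n > MAX_ARG_LEN) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isprint((unsigned char)arg[i])) return 0;
    return 1;
}

/* Every user-supplied argument (argv[1] onward) must pass individually. */
int args_are_safe(int argc, char *const argv[]) {
    for (int i = 1; i < argc; i++)
        if (!arg_is_safe(argv[i])) return 0;
    return argc >= 1;
}

/* Allowlist, not denylist: only these variables may reach the server. */
int env_is_allowed(const char *entry) {
    static const char *const keep[] = { "DISPLAY=", "HOME=", "TERM=" };
    for (size_t i = 0; i < sizeof keep / sizeof keep[0]; i++)
        if (strncmp(entry, keep[i], strlen(keep[i])) == 0)
            return arg_is_safe(entry);
    return 0;
}

/* Copy allowed entries into out (cap >= 1, NULL included); return count. */
size_t build_clean_env(char *const envp[], char *out[], size_t cap) {
    size_t n = 0;
    for (size_t i = 0; envp[i] != NULL && n + 1 < cap; i++)
        if (env_is_allowed(envp[i])) out[n++] = envp[i];
    out[n] = NULL;
    return n;
}

int main(int argc, char *argv[], char *envp[]) {
    char *clean[16];
    if (!args_are_safe(argc, argv)) return 1;  /* refuse before any exec */
    build_clean_env(envp, clean, 16);
    execve(SERVER_PATH, argv, clean);          /* server sees only vetted input */
    return 1;                                  /* reached only if execve failed */
}
```

Because the environment is rebuilt from an allowlist, a variable nobody thought to block never reaches the privileged program, which is the property that lets a small wrapper be updated instead of every server binary.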