Ubuntu
lightdm package

[enhancement] Please move /tmp/mir_socket to /run/mir_socket (or similar)

Bug #1322300 reported by Jamie Strandboge
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Light Display Manager
Fix Released
Medium
Unassigned
Light Display Manager 1.11.3
lightdm (Ubuntu)
Fix Released
High
Chris Halse Rogers

Bug Description

/tmp/mir_socket is created by unity-system-compositor. It is easy to prevent mir from starting by creating this file before hand. Eg:

# stop lightdm ; touch /tmp/mir_socket ; start lightdm

lightdm fails to start. It would be better if /run/mir_socket (or some other root-owned directory) were used.

Tags: enhancement

Related branches

lp:~raof/lightdm/run-is-the-new-tmp
Robert Ancell: Approve
PS Jenkins bot: Needs Fixing (continuous-integration)
Diff: 329 lines (+26/-26)
25 files modified
src/seat-xlocal.c (+1/-1)
src/unity-system-compositor.c (+1/-1)
tests/scripts/mir-autologin.conf (+1/-1)
tests/scripts/mir-greeter.conf (+1/-1)
tests/scripts/mir-session-compositor-crash.conf (+1/-1)
tests/scripts/mir-session-crash.conf (+1/-1)
tests/scripts/mir-session.conf (+1/-1)
tests/scripts/unity-autologin.conf (+1/-1)
tests/scripts/unity-compositor-command.conf (+1/-1)
tests/scripts/unity-compositor-crash.conf (+1/-1)
tests/scripts/unity-compositor-fail-ready.conf (+1/-1)
tests/scripts/unity-compositor-fail-start.conf (+1/-1)
tests/scripts/unity-compositor-fallback.conf (+2/-2)
tests/scripts/unity-compositor-mir-next-session.conf (+1/-1)
tests/scripts/unity-compositor-next-session.conf (+1/-1)
tests/scripts/unity-login.conf (+1/-1)
tests/scripts/unity-mir-autologin.conf (+1/-1)
tests/scripts/unity-mir-greeter-mir-session.conf (+1/-1)
tests/scripts/unity-mir-greeter-x-session.conf (+1/-1)
tests/scripts/unity-mir-lock-seat.conf (+1/-1)
tests/scripts/unity-mir-session-x-greeter.conf (+1/-1)
tests/scripts/unity-mir-switch-to-user-resettable.conf (+1/-1)
tests/scripts/unity-plymouth.conf (+1/-1)
tests/scripts/unity-switch.conf (+1/-1)
tests/scripts/unity-xdg-seat.conf (+1/-1)
kevin gunn (kgunn72)
Changed in mir:
status: New → Opinion
kevin gunn (kgunn72)
Changed in unity-system-compositor (Ubuntu):
status: New → Triaged
importance: Undecided → High
Changed in mir:
milestone: none → 0.2.0
Changed in unity-system-compositor (Ubuntu):
milestone: none → ubuntu-14.05
Daniel van Vugt (vanvugt)
tags: added: enhancement
summary: - Please move /tmp/mir_socket to /run/mir_socket (or similar)
+ [enhancement] Please move /tmp/mir_socket to /run/mir_socket (or
+ similar)
Revision history for this message
Alan Griffiths (alan-griffiths) wrote :

An exposed endpoint allowing "anyone" to connect to the system compositor is a bad idea wherever it.

It has been the plan for the system compositor not to create an endpoint on the filesystem and instead to pass a connection FD to the session compositors and clients. (Although we could specify a file to create on the command-line for debugging purposes.)

I think Robert Ansell started work on the system compositor code to pass the FD via dbus.

Surely not creating the FD at all is a better fix than just moving the fallback location? (/tmp is only used if =$XDG_RUNTIME_DIR is not set)

Notes:

A suitable FD can be created using connector->client_socket_fd() - there's been an an example in <mir>/examples/basic_server_configuration.cpp for over a year.

We are also using this approach with "trust sessions" (to allocate sockets before launching new participants in the trust session).

kevin gunn (kgunn72)
Changed in mir:
importance: Undecided → High
kevin gunn (kgunn72)
Changed in mir:
assignee: nobody → Chris Halse Rogers (raof)
Changed in unity-system-compositor (Ubuntu):
assignee: nobody → Chris Halse Rogers (raof)
Revision history for this message
Chris Halse Rogers (raof) wrote :

…cue lots of discussion…

Unless we change the way we start Unity8 (which I've yet to convince people we should), we - tragically - can't pass an fd to unity on startup.

What we *can* do is hand off an FD to logind, and have unity8 pull it from there. Keeping that fd away from non-Unity processes is then left as an exercise for AppArmour confinement profiles written by the security team.

Adding appropriate tasks.

Revision history for this message
Chris Halse Rogers (raof) wrote :

Actually, those tasks are really for a separate bug. It's trivial to fix this issue, so I'll do so. And then open a separate bug.

no longer affects: systemd (Ubuntu)
no longer affects: unity8 (Ubuntu)
no longer affects: unity-system-compositor (Ubuntu)
Changed in lightdm (Ubuntu):
status: New → Triaged
assignee: nobody → Chris Halse Rogers (raof)
Chris Halse Rogers (raof)
Changed in lightdm (Ubuntu):
importance: Undecided → High
no longer affects: mir
Robert Ancell (robert-ancell)
Changed in lightdm:
importance: Undecided → Medium
status: New → Triaged
Robert Ancell (robert-ancell)
Changed in lightdm:
milestone: none → 1.11.3
Chris Halse Rogers (raof)
Changed in lightdm:
status: Triaged → Fix Committed
Robert Ancell (robert-ancell)
Changed in lightdm:
status: Fix Committed → Fix Released
Robert Ancell (robert-ancell)
Changed in lightdm (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.