[EN] Potential bug? su-to-root using user's HOME instead of root

[piper]

Code: [Select]

piper@x1:~$ su-to-root -X -c '/usr/bin/env; sleep 10'
kdesu(16080)/kdesu (kdelibs) KDESu::PtyProcess::exec: [ ../../kdesu/process.cpp : 293 ]  Running "/bin/su"
kdesu(16080)/kdesu (kdelibs) KDESu::SuProcess::ConverseSU: [ ../../kdesu/su.cpp : 259 ]  Read line "Password: "
kdesu(16080)/kdesu (kdelibs) KDESu::PtyProcess::exec: [ ../../kdesu/process.cpp : 293 ]  Running "/bin/su"
kdesu(16080)/kdesu (kdelibs) KDESu::SuProcess::ConverseSU: [ ../../kdesu/su.cpp : 259 ]  Read line "Password: "
kdesu(16080)/kdesu (kdelibs) KDESu::PtyProcess::WaitSlave: [ ../../kdesu/process.cpp : 379 ]  Child pid 16129
kdesu(16080)/kdesu (kdelibs) KDESu::SuProcess::ConverseSU: [ ../../kdesu/su.cpp : 259 ]  Read line ""
kdesu(16080)/kdesu (kdelibs) KDESu::SuProcess::ConverseSU: [ ../../kdesu/su.cpp : 259 ]  Read line "kdesu_stub"
kdesu(16080)/kdesu (kdelibs) KDESu::PtyProcess::exec: [ ../../kdesu/process.cpp : 293 ]  Running "/bin/su"
kdesu(16080)/kdesu (kdelibs) KDESu::SuProcess::ConverseSU: [ ../../kdesu/su.cpp : 259 ]  Read line "Password: "
kdesu(16080)/kdesu (kdelibs) KDESu::PtyProcess::WaitSlave: [ ../../kdesu/process.cpp : 379 ]  Child pid 16132
kdesu(16080)/kdesu (kdelibs) KDESu::SuProcess::ConverseSU: [ ../../kdesu/su.cpp : 259 ]  Read line ""
kdesu(16080)/kdesu (kdelibs) KDESu::SuProcess::ConverseSU: [ ../../kdesu/su.cpp : 259 ]  Read line "kdesu_stub"
piper@x1:~$


[braveheartleo]

What is the output of

Code: [Select]

$ cat /etc/su-to-rootrc on your system?

It seems you didn't properly read my post . By your terminal output, The su-like program that 'su-to-root -X' calls is kdesu and _not_ sux, where the bug manifests.

It is _important_ that you

Code: [Select]

# echo 'SU_TO_ROOT_X=sux' > /etc/su-to-rootrc before you run the

Code: [Select]

$ su-to-rootrc -X -c '/usr/bin/env; sleep 10' Of course it goes without saying that you should verify that you have sux installed before trying to replicate the bug

Code: [Select]

# apt-get install sux

[braveheartleo]

To give further clarification this bug most probably will be of concern to those who use Xfce or LXDE, or other lightweight DE/WM. GNOME uses gksu while KDE uses kdesu. Gksu on the otherhand may be used by Gtk-based environments. Sux is for the minimalistic and terminal-inclined .

By having _only_ sux installed, without the presence of its alternatives like gksu, kdesu, ktsuss, etc., 'su-to-root -X' will use sux, and you will know this when you're presented with a terminal asking for root password before running an app from the menu that requires root privilege.

Moreover, the bug seems to only manifest to applications that are run from /usr/bin, such as GSmartControl (/usr/bin/gsmartcontrol). Applications that run from /usr/sbin, such as Synaptic (/usr/sbin/synaptic) are not affected.

[piper]

I build my own customized version of siduction with pyfll, sux is already installed and is by default for siduction

Code: [Select]

located at /pyfll/packages/packages.d/pyfll-x-debian

To use sux at terminial type sux instead of su, give password

sux is just a wrapper to su to transfer your X credentials to the target user

example

Code: [Select]

sux
password
dbus-launch systemsettings
or

Code: [Select]

sux -l systemsettings
or

Code: [Select]

sux -l synaptic

[piper]

by the way

Code: [Select]

piper@x1:~$ cat /etc/su-to-rootrc
SU_TO_ROOT_X=sux
piper@x1:~$

[piper]

and please look at your bug report

OK, I see what you report: by setting SU_TO_ROOT_SU=su,
you force su-to-root to use su instead of sux, so you
are actually using su, so you are bypassing the bug with su-to-root.

Probably this is not the expected behaviour, though it is pointless to
set SU_TO_ROOT_SU to su since it is the default value anyway.

Now to your report, it seems the su behaviour is correct, see the bug reports
#246886 and #150314. Basically, if su reset $HOME, then X programs will fail to
find the .Xauthority file.

[reddark]

Code: [Select]

su-to-root -X -c systemsettings