root commands not working [Slackware, others?] #394

Closed
ghost opened this Issue Dec 1, 2013 · 33 comments

Comments

Projects
None yet
3 participants
@ghost

ghost commented Dec 1, 2013

Original Title: (spacefm:1258): WARNING : No root settings found in /etc/spacefm/ & No Icons 0.9.1

New to this issue? Jump here

SpaceFM 0.8.7 and 0.9.1 won't create a /etc/spacefm directory, I'm not sure why, would there be any particular system dependency it needs to create this /path?

The last time I used SpaceFM was 0.8.7 in Slackware 14 x86 and this worked perfectly, now I've just recently done a fresh install of Slackware 14.1 x64, so I'm not sure if there's some x64 bit issue going on here?

In the Advanced setting for the Root's Editor I've tried nano, and checking run root's editor in terminal, then I tried it as 'leafpad %f' and didn't check mark the box, either way this did not work.

I've tried everything I can think of and I cant get it to create the path /etc/spacefm

When I run it from the terminal this is the output I get below;

** (spacefm:1258): WARNING **: No root settings found in /etc/spacefm/ Setting a root editor in Preferences should remove this warning on startup. Otherwise commands run as root may present a security risk.

TASK_COMMAND=/usr/bin/xterm
SPAWN=/usr/bin/xterm -e /bin/su -s /bin/bash -c /bin/bash /usr/bin/spacefm-auth root /tmp/spacefm.tmp/062b1352-tmp.sh 2d91182cc25003626170e145a1f279039d6e72d475b60080c93c956a98fe27b5
pid = 1266

Also in 0.9.1 when you click, I"m not sure the name of this button, info or settings, and get the; 'Left Toolbar' & 'Right Toolbar' sections, now when I go to a name I could change an icon in previous versions, there is no name 'Icon' appearing in 0.9.1 to allow you to change as example 'Bookmarks'. The icon name no longer appears in the menu, it's gone, what happened to it?

-----> P.S. I went back and tested this over on another install of Slackware, this time more complete, so it appears I'm missing something but I really don't know what would be needed for SpaceFM to create the /etc/spacefm path

There was also no change in 0.9.1, the Icons is still not listed in the menu...

Owner

IgnorantGuru commented Dec 2, 2013

SpaceFM 0.8.7 and 0.9.1 won't create a /etc/spacefm directory, I'm not sure why, would there be any particular system dependency it needs to create this /path?

No, it uses basic bash commands to do so. There were no recent changes to that code, from well before 0.8.7. After setting or changing the root editor, you'll see a dialog explaining why you're about to be asked for the root password, then you'll be prompted for it. If it isn't creating /etc/spacefm, this indicates a likely problem with su front-end or your root password, or the terminal you have selected. I can't reproduce any problem there. You might verify that your su is working as expected. eg right-click on a device and select Root|Edit fstab.

The design menu's Properties dialog is now where you set a custom icon as of 0.9.1.

@ghost

ghost commented Dec 2, 2013

I went back as root and did ldd /bin/su and I have everything installed for su and my password works and echo $SHELL gives /bin/bash

I went back to test this doing a more full/complete install of Slackware and it worked, then I went back and did an install that was more minimual and it won't work, but when I look at what I left out I don't see how any of the packages would have an affect on this but something is, would you know what I might be missing?

If I right click to edit as root it keeps asking me for the password and I give it the correct password.

Something is missing and I'm lost as to what it is... hmm

I forgot to ask, what type of files are being created in /etc/spacefm? Are these plain text, encrypted, what?

SpaceFM needs some type of dependency to create these files and I haven't figured it out yet...

Owner

IgnorantGuru commented Dec 2, 2013

I forgot to ask, what type of files are being created in /etc/spacefm? Are these plain text, encrypted, what?

They are plain text files. As you said it worked on your full install, you can see them there.

SpaceFM needs some type of dependency to create these files and I haven't figured it out yet...

No, it simply uses echo, as you can see by opening the temporary script it creates. This allows you to view the exact commands its running as root, including the echo commands it uses to write to the /etc/spacefm files. Yet that won't help your problem - it sounds like the script is unable to run as root.

I've never seen su not work, though sudo can be more troublesome. I'm not familiar with Slackware.

SpaceFM requires a working su front-end for this function (su, sudo, gksu, etc.) Closing this as your problem does not appear to be in SpaceFM but in your system config. Feel free to add any additional info below if you resolve the Slackware problem - might be helpful to others.

@ghost

ghost commented Dec 3, 2013

Hi IgnorantGuru,

Oh this echo cmd, there must be a way for me to run it manually at the terminal to test it's output?

How would you determine a working su front-end for this to work? The only understanding I have is to check;

ldd /bin/su

Can you shed some light on this? Because using su at the terminal and sudo everything appears to be ok.

Do you also have a Search Application in SpaceFM? Because when I installed KDE with SpaceFM it showed a menu entry called 'SpaceFM Search'...

thank you

P.S. Ok I see the script in /tmp I'll investigate this and get back to you...

Owner

IgnorantGuru commented Dec 3, 2013

Can't help you much. sudo is configured via /etc/sudoers. Sometimes security policies can prevent it from running, etc. I've never had su not work unless something like selinux stops it by policy.

SpaceFM is completely transparent in the commands it runs. As you saw, you can run it in a terminal to see these commands, open the temporary scripts, etc. You can see the exact su command it is executing. Why it would work from a terminal but not from SpaceFM I can't say - something about the environment must differ.

Do you also have a Search Application in SpaceFM?

That menu entry is equivalent to SpaceFM's File|File Search.

@ghost

ghost commented Dec 3, 2013

Hi,

mkdir -p /etc/spacefm from a terminal works and I was able to echo the cmd below and that works too, i looked and saw the directory and the file with the contents it created;

echo -e '# SpaceFM As-Root Session File\n\n# THIS FILE IS NOT DESIGNED TO BE EDITED\n\n' > '/etc/spacefm/sar-as-root'

So now I'm saying this works from a terminal, so now I'm not sure why these don't run from the script...

Is there a way to see what cmds it's trying to run and where it's failing, what's stopping it, because I'm looking at the first cmd; mkdir and this is not even being done and I know the box isn't broke, it has all the necessary things installed to run the terminal and commands.

VastOne commented Dec 3, 2013

Stepping in here because I have 'tried' to help out on the #spacefm IRC channel...

You have stated that SpaceFM works on a full install of slackware, but not on your chopped down build

This is clearly a build and dependency issue from slackware and nothing to do with SpaceFM. I would compare what you have built to a complete slack build and see what is missing. I do not believe there is anything that can help other than having someone with knowledge of slack assisting that can spot these errors and point out what is missing

@ghost

ghost commented Dec 3, 2013

Yes I do agree something is missing on my end, but when I consider what IG is saying this is only bash, echo and su, and I can use all these at the terminal manually. Now I'm thinking is my envrioment really broke or SpaceFM is wanting something outside the normal build dependencies that aren't listed?

I was told in the script 'run' has to be appeneded to the script in order to run it and that possibly this is the issue, for whatever reason the run cmd is not getting appended to the script.

Does SpaceFM have any debugging methods I can compile as a debug mode so I can run this over and this time it will show us why it's failing?

thanks again

P.S. Would I do this below for trying to find out this issue?

Build & Install

    CFLAGS='-ggdb3 -O1' STRIP='!strip' ./configure  # pass any options here
    make -s
    sudo make install
    sudo update-mime-database /usr/local/share/mime > /dev/null
    sudo update-desktop-database -q
    sudo gtk-update-icon-cache -q -t -f /usr/local/share/icons/hicolor
    sudo gtk-update-icon-cache -q -t -f /usr/local/share/icons/Faenza
    # Remove Temporary Files
    cd / && rm -rf /tmp/spacefm-build
  1. Run spacefm with the debugger:
    gdb /usr/local/bin/spacefm
@ghost

ghost commented Dec 3, 2013

Ok maybe I'm making progress I think. I copied the script to my /root then I ran it this way and it did not work at the terminal as;

./3bcb13d9-tm.sh

But if I ran it like this is WORKS!

./3bcb13d9-tm.sh run

Hmmm

VastOne commented Dec 3, 2013

As stated on the IRC channel, this sounds like you are lacking the necessary build dependencies needed to build packages on slack. run would be a common environment variable setup by build dependencies

@ghost

ghost commented Dec 3, 2013

This command it runs to the script;

SPAWN=/usr/bin/xterm -e /bin/su -s /bin/bash -c /bin/bash /usr/bin/spacefm-auth root /tmp/spacefm.tmp/062b1352-tmp.sh 2d91182cc25003626170e145a1f279039d6e72d475b60080c93c956a98fe27b5
pid = 1266

Is the long set of numbers at the end becoming the 'first argument' to run the script? Because I'm being told this is and it should be 'run' instead, so I'm still digging and researching this...

My understanding is it should be running it like this;

SPAWN=/usr/bin/xterm -e /bin/su -s /bin/bash -c /bin/bash /usr/bin/spacefm-auth root /tmp/spacefm.tmp/062b1352-tmp.sh run
pid = 1266

@ghost

ghost commented Dec 3, 2013

VastOne was helping me and then yelled out this is starting to sound like troll bait because I was trying to let him know there is no Official packaging of SpaceFM for Slackware and the only way we are going to know what it needs to compile it and have it working properly is through the developer for what it needs to work.

Sorry VastOne no one is trolling here, this is the only place as I mentioned in IRC you can find out anything about SpaceFM for Slackware;

http://slackbuilds.org/repository/14.1/system/spacefm/

Slackware does not have any Official packages for this, you have to compile it yourself, therefore the end-user needs to know from the developer what dependencies are needed to make this work.

Granted we all now realize I'm missing something but whatever that missing package is, by not having this my system environment, nothing is broken that I can tell. This is only something that SpaceFM wants to make it work.

All the missing packages I did not install are not related to the system OS, that's what makes it even harder for me to understand what this is...

thanks

VastOne commented Dec 3, 2013

I do not recall yelling anything, I simply stated that blaming IgnorantGuru for everything that is not working on a substandard system is not conducive to getting the issue solved. I am on the IRC as a courtesy to IgnorantGuru to help out... I do not expect to be sent the exact same content that is here on the IRC duplicating everything, I have my own users to support as well and will not be bled out by a help-vampire

I do not know slackware from Adam, but I do know that if it looks like a duck and quacks like a duck, it is most likely a duck

You are trying to build something and the build is failing. If I try to build something in debian and do not have the build-dependencies, it is going to quack like a duck and fail

NOTE - build-dependencies in debian is a set of tools needed to compile applications. It is NOT su, bash, sudo etc etc etc. I am stating that a similar package is WHAT is missing in your chopped version of slackware

To IgnorantGuru, I apologize for any inappropriateness I have caused, it was not my intent

@ghost

ghost commented Dec 3, 2013

I'm not blaming IgnorantGuru for anything you made an incorrect assumptiion. I only stated that Slackware does not have any Official support for SpaceFM and the only place to learn about it is at slackbuilds.org which lists nothing in the way of dependencies, and that I also stated most of the src I've compiled a devloper lists what is needed this is all I've said, as well as listing what is needed to run an application...

But I can build SpaceFM so I'm not seeing any issues with build dependencies, all I've been saying is the cmds the way they are being run aren't working which do work from the terminal manually, unless I find this so called missing package...

So the cmds work manually from the command line, then why not through SpaceFM, that seems like SpaceFM is calling something in a different way, needing something else to help in this situatiion possibly?

Also shouldn't SpaceFM be calling the cmd like this instead?

SPAWN=/usr/bin/xterm -e /bin/su -s /bin/bash -c /bin/bash /usr/bin/spacefm-auth root /tmp/spacefm.tmp/062b1352-tmp.sh run

thanks

@ghost

ghost commented Dec 3, 2013

Ok I went back and did two FULL System installs, one with XFce & the other with KDE...

This is only working in 14.1 x64 with KDE installed, and I'll make a bet you don't even need a full install of Slackware 14.1 x64 just the basics with KDE.

I can't believe in Slackware that the su system is hosed, because I can tell you for a fact I've done this in three different versions of Slackware without any problems till I tried 14.1 x64, I'm going to report a bug report to Pat at Slackware and point him to this Git to see what he can make of this, because a full install of Slackware with XFce should work and it's not...

thanks guy....

@ghost

ghost commented Dec 3, 2013

IgnorantGuru I hope you'll please reopen this, it could be a bug in the code that is not working with the latest versions of su, bash and anything else it needs to run this with and it's not compatible with newer versions, or I don't know if this could be an issue on the x64 arch.

I personally can't believe that Slackware has a broken system envriornent here.

Another user also tested this on their system and it won't work unless KDE is installed in 14.1 x64

thanks

Owner

IgnorantGuru commented Dec 3, 2013

SpaceFM knows how to run its temporary scripts, and it knows how to run su. If you're receiving a password prompt, then su is being run successfully. su simply thinks you're entering the wrong password, and is thus refusing to run the command. It's probably printing "su: Authentication failure" in the xterm just before it closes, too quickly to see. That's also why you reported another su front-end kept repeating the password prompt. (if you want to see su's error message, use a terminal that allows you to set a permanent 'keep terminal open when command finishes' option, such as Roxterm, instead of xterm.)

Why does su think you're entering the wrong password? Because when su is run by the spacefm process (a spawn), password authentication is failing. This is almost certainly due to a missing or misconfigured system component. I don't know off-hand how you would get more debug info on su or why authentication is failing under these circumstances - perhaps a system log, etc. would show it. I suggest you take this to a Slackware forum where someone can help you debug your system problem. That's how this will be solved, because SpaceFM runs su in a simple way - there is nothing to debug there.

In general, Slackware users often report broken system behavior. As I said above, for this function, SpaceFM requires a working su or su front-end.

VastOne: Much thanks for your input as always, and for helping on the channel!

VastOne commented Dec 3, 2013

Thanks IgnorantGuru.

I have a slacker buddy and he installed 14.1 and spacefm with no issues... until he tried su/root access and it fails with nothing happening.

He is a xnomad hard core user

He can open spacefm as su (su spacefm) with no issues and is reporting that that is 'good enough' for him but is also continuing to investigate why the standard su for root terminal and root windows is failing ... It's a niggle for both of us now as to why it is not working

I'll report back his findings

Owner

IgnorantGuru commented Dec 3, 2013

Yes it's an odd thing. I will be interested to see what causes it too. My bet is on PAM, but that's just a shot in the dark.

@ghost

ghost commented Dec 3, 2013

Hi Guys,

So we're all clear here, this is not just a single incidence only on my system, this happens for other Slackware users on 14.1 x64 that do not have KDE installed.

I did a full install of Slackware using XFce with everything needed to have the system properly installed and running, hey I'm a hardcore Slackware user too, been using Slack since version 7x.. :)

If this was just a single incidence on only my computer then I would not be able to run this on other versions of Slackware because I as the end-user would still be screwing something up, but I can run SpaceFM on Slackware 13.37 and 14.0x both x86 Arch, on a very small minimal install with only Openbox...

I've also used SpaceFM since the project started 2 years ago, I've used every version since the beginning starting out in Slackware 13.37 for 2 years now. This is the only time I've ever had this issue, so I guess something could be possibly wrong in 14.1 x64, I'm not sure...

Believe me guys when I say this, I know how to run Slackware and Linux, there's a bug here and I don't know what, or where.

By the way Roxterm doesn't help if you mean for when it opens to ask you for a password and after entering it and then hitting enter on the keyboard it's going to stay open for you to see any errors, it closes too, so I'm not seeing anything since it doesn't stay open either...

Owner

IgnorantGuru commented Dec 4, 2013

By the way Roxterm doesn't help if you mean for when it opens to ask you for a password and after entering it and then hitting enter on the keyboard it's going to stay open for you to see any errors, it closes too, so I'm not seeing anything since it doesn't stay open either...

Recall that I mentioned an option for this in Roxterm. Change "When command exits - Exit Terminal" to "When command exits - Hold Terminal open".

@ghost

ghost commented Dec 4, 2013

Ok got it...

And roxterm doesn't show any messages, it just sits there at the password prompt is all after entering it...

Owner

IgnorantGuru commented Dec 4, 2013

And roxterm doesn't show any messages, it just sits there at the password prompt is all after entering it...

su is not showing an error, nor is the command it's running. This and no result indicates that the command isn't being run, yet su is producing no error. It's broken su behavior.

@ghost

ghost commented Dec 4, 2013

AS far as the command running I'm starting spacefm from roxterm so I see this below but that's all;

** (spacefm:20936): WARNING **: No root settings found in /etc/spacefm/ Setting a root editor in Preferences should remove this warning on startup. Otherwise commands run as root may present a security risk.

TASK_COMMAND=echo
SPAWN=/usr/bin/roxterm --disable-sm --separate -e /bin/su -s /bin/bash -c /bin/bash /usr/bin/spacefm-auth root /tmp/spacefm.tmp/67d78bb9-tmp.sh d47a6f0a164104ce2952e3a1d52662095bff8e42e02f71f9a6f8f28dabe3a28d
pid = 20943

mancha1 commented Dec 5, 2013

Hello.

I came across this issue quite by chance after searching for "slackware". Now that I'm here, however, let me shed some light on the matter.

It was discovered some time ago "su -c" was vulnerable to tty-hijacking (CVE-2005-4890) because it gave the command a controlling tty. Shadow 4.1.5 addressed this by detaching the controlling terminal via a TIOCNOTTY request when invoking "su -c" when built without PAM support (Slackware doesn't ship PAM).

Slackware 14.1 upgraded to shadow 4.1.5.1 (from 4.1.4.3) which explains the behavior the reporter is observing.

FYI, I am going to propose the Slackware maintainer consider a patch I detailed at http://seclists.org/oss-sec/2013/q2/374. There's no guarantee my suggestion will be adopted but the reporter can always re-build shadow locally after applying my patch to solve the spacefm/su issue.

--mancha

Owner

IgnorantGuru commented Dec 5, 2013

mancha1: Thanks for the info on this! I agree with you that their alleged 'solution' of crippling su is not appropriate - typical Red Hat approach to anything is to break it. I just added a note to the debian bug here fwiw. There seems to be a trend in Linux to cripple the user's ability to use root, via all kinds of broken mechanisms (eg consolekit) that is turning Linux into Windows. I suspect this was more driven by a Red Hat agenda somewhere more than someone happening upon it. We all (should) know that using su involves some risk - hardly news. They won't be happy until all of Linux is broken and you need to call Red Hat to administer your system.

Reopening this for now to make it more visible, as more than Slackware may be affected, but this is not something that can be corrected in SpaceFM. It probably affects all su front-ends. IOW in these cases (no PAM?) there is now no way to run commands as root. Welcome to the new Linux.

IgnorantGuru reopened this Dec 5, 2013

@ghost

ghost commented Dec 9, 2013

Glad you reopened this, I knew Slackware wasn't the issue...

Oh well I tossed out 14.1 and went back to 14.0 :)

By the way IgnorantGuru when I was asking about the icons before I want to change the 'Bookmarks' in the 'Left Toolbar' & 'Right Toolbar' and you can't do this anymore... :(

Can you please change this behaviour because you have it called 'gtk-jmup-to' and most icon sets I've seen have the name as 'bookmarks', I hope you'll please make it so we can edit this like it was in previous version.

Thanks

Owner

IgnorantGuru commented Dec 10, 2013

Actually, this is precisely a Slackware issue, because Slackware is shipping with a broken su setup.

@ghost

ghost commented Dec 13, 2013

It's shadow that has the issue not Slackware, because Slackware only uses what comes from upstream by the developer(s), and doesn't patch, so of course other distros can be using the same version of shadow and it works, that's because they patched it.

But then again, they don't have to patch if they just used gksudo or ksudo, but that still doesn't mean shadow does not have an issue it does.

Remember Slackware never patches, it has to come from upstream to be fixed, or the end-user.

Getting back to the bookmarks icons can you please change it back so we can change these?

Thanks IgnorantGuru

@ghost

ghost commented Dec 24, 2013

Hi IgnorantGuru,

You changed the title of my post because it was also about the Bookmark icons and I wanted to know if you will please change it back to the old behaviour so we can change the icon?

Cheers

Owner

IgnorantGuru commented Dec 24, 2013

I couldn't easily follow what bookmark icon you're talking about, and one topic per issue please. I suggest you ask your question clearly on a general forum or on the SpaceFM forum. I don't recall any bookmark icon setting changing.

mancha1 commented Mar 7, 2014

Hi IgnorantGuru.

Thought you might be interested to know Slackware 14.1 released an updated shadow package that no longer detaches TTY when "su -c"-ing root. Users current with all upgrades should not experience the issue reported here.

--mancha

VastOne commented Mar 7, 2014

Good to know mancha, thanks for that update

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment