Package: fglrx-atieventsd
Version: 1:8-7-2
Severity: serious
Tags: patch
Justification: Policy 3.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The patched version of the authentication script we ship with the package uses
finger, without fglrx-atieventsd depending on it.
(Actually, I wrote that patch. Shame on me)
Moreover, the way it detects the X session owner has proved unreliable
(acpi-support-base used something similar, see bug #497220 for details), so I
rewrote the script using pinky (included in coreutils, which is required) and
taking care of avoiding the problems of the former approach.
I've been testing it for some days and it seems to work. It would be great if
you could test logging out and relogging in X, and restarting
/etc/init.d/atieventsd while running X, those were the problematic actions if I
recall well.
I've attached the modified script, to be diffed against the upstream one.
Cheers,
Luca
- -- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (98, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages fglrx-atieventsd depends on:
ii fglrx-glx 1:8-7-2 proprietary libGL for the non-free
ii libc6 2.7-15 GNU C Library: Shared libraries
ii libgl1-mesa-glx [libgl1] 7.0.3-6 A free implementation of the OpenG
ii libx11-6 2:1.1.5-2 X11 client-side library
ii libxext6 2:1.0.4-1 X11 miscellaneous extension librar
ii libxrandr2 2:1.2.3-1 X11 RandR extension library
ii libxrender1 1:0.9.4-2 X Rendering Extension client libra
ii xserver-xorg 1:7.3+18 the X.Org X server
Versions of packages fglrx-atieventsd recommends:
ii fglrx-driver 1:8-7-2 non-free AMD/ATI r5xx, r6xx displa
fglrx-atieventsd suggests no packages.
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkkHnSwACgkQ4OR+1T4ba9gQ5gCeIgjXpe/P9UsI8IEWE9OmbtG1
n0oAn1Sb/g+r8ZN+xmteU9mqnVrjLk8D
=EkZj
-----END PGP SIGNATURE-----
#!/bin/sh
#
# Control script grant/revoke access to X for the ATI External Events Daemon
#
# Distro maintainers may modify this reference script as necessary to conform
# to their distribution policies.
#
# Copyright (c) 2006, ATI Technologies Inc. All rights reserved.
#
#
# Parameters:
# $1 is a keyword, either "grant" or "revoke"
# $2 is the display name
# $3 is the X authorization file to be authorized
#
# Returns:
# 0 if authorization was successfully granted/revoked
# nonzero on failure
#
# Note:
# The third parameter only makes sense if xauth is being used. If another
# mechanism such as xhost is being used it can be ignored. For setups that
# do not do any form of authentication(!) this script can be trimmed down
# to just "exit 0" and the daemon will assume that it is always authorized.
#
GetServerAuthFile()
{
# Determine where the authorization key may be hiding. The location will
# vary depending upon whether X was started via xdm/kdm, gdm or startx, so
# check each one in turn.
# Check xdm/kdm
XDM_AUTH_MASK=/var/lib/xdm/authdir/authfiles/A$1*
XDM_AUTH_FILE=`ls -t $XDM_AUTH_MASK 2>/dev/null | head -n 1` # Choose the newest file
if [ -n "$XDM_AUTH_FILE" ]; then
SERVER_AUTH_FILE=$XDM_AUTH_FILE
DISP_SEARCH_STRING="#ffff#"
return 0
fi
# Check for xauth
XAUTH_AUTH_MASK=/var/run/xauth/A$1*
XAUTH_AUTH_FILE=`ls -t $XAUTH_AUTH_MASK 2>/dev/null | head -n 1` # Choose the newest file
if [ -n "$XAUTH_AUTH_FILE" ]; then
SERVER_AUTH_FILE=$XAUTH_AUTH_FILE
DISP_SEARCH_STRING="#ffff#"
return 0
fi
# Check gdm
GDM_AUTH_FILE=/var/lib/gdm/$1.Xauth
if [ -e $GDM_AUTH_FILE ]; then
SERVER_AUTH_FILE=$GDM_AUTH_FILE
DISP_SEARCH_STRING="$1"
return 0
fi
# Finally, check for startx
for XPID in `pidof X`; do
TRIAL_XAUTH_FILE=`tr '\0' '\n' < /proc/$XPID/environ | grep -e "^XAUTHORITY=" | cut -d= -f2`
if [ -n "$TRIAL_XAUTH_FILE" ]; then
TRIAL_XAUTH_KEY=`xauth -f $TRIAL_XAUTH_FILE list | grep "unix$1"`
if [ -n "$TRIAL_XAUTH_KEY" ]; then
SERVER_AUTH_FILE=$TRIAL_XAUTH_FILE
DISP_SEARCH_STRING="unix$1"
return 0
fi
fi
done
# Couldn't find the key
return -1
}
# Main part of script
#
# Since the daemon is usually started during init time before X comes up,
# $PATH may not yet contain the paths to the X binaries, particularly xauth.
# Add the usual location for where xauth may live and fail out if we still
# can't find it.
#
PATH=$PATH:/usr/bin:/usr/X11R6/bin
which xauth > /dev/null || exit -1
case "$1" in
grant)
GetServerAuthFile $2 || exit -1
DISP_AUTH_KEY=`xauth -f $SERVER_AUTH_FILE list | grep $DISP_SEARCH_STRING | awk '{ print $3 }'`
if [ `pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'` ]; then
user=`pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'`
if [ -n "$DISP_AUTH_KEY" ]; then
su $user -c "xauth -f $3 add $2 . $DISP_AUTH_KEY" || exit -1
else
exit -1
fi
else
if [ -n "$DISP_AUTH_KEY" ]; then
xauth -f $3 add $2 . $DISP_AUTH_KEY || exit -1
else
exit -1
fi
fi
;;
revoke)
if [ `pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'` ]; then
user=`pinky -fs | awk '{ if ($3 == "'$2'" || $(NF) == "'$2'" ) { print $1; exit; } }'`
su $user -c "xauth -f $3 remove $2" || exit -1
else
xauth -f $3 remove $2 || exit -1
fi
;;
*)
exit -1
;;
esac
exit 0
