Your message dated Mon, 01 Sep 2025 07:50:29 +0000
with message-id <[email protected]>
and subject line Bug#1094494: fixed in xorg 1:7.7+25
has caused the Debian Bug report #1094494,
regarding lightdm: /usr/share/xsessions/lightdm-autologin.desktop error in exec
statement
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1094494: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094494
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: lightdm
Version: 1.32.0-6+b1
Severity: grave
Justification: user security hole
X-Debbugs-Cc: [email protected]
dist-upgrading Feb 5 2025 using autologin with lightdm with the attached config
in particular setting
autologin-session=lightdm-autologin
in /etc/lightdm/lightdm.conf
we get the following error:
Xsession: unable to launch "env AUTOLOGIN=yes /etc/X11/Xsession" X session
---
"env AUTOLOGIN=yes /etc/X11/Xsession" not found; falling back to default
due to the Exec-statement in /usr/share/xsessions/lightdm-autologin.desktop
Exec=env AUTOLOGIN=yes /etc/X11/Xsession
However, /etc/X11/Xsession will be launced anyway wich is a user security
problem / hole
since AUTOLOGIN=yes is not set and the user will not know that it should take
height
for the session being an AUTOLOGIN session, e.g. by immediately locking the
screen
in case of unattended reboot / start-up, potentially leaving the session wide
open
giving access to everybody having physical access to the computer.
The soloution would be as simple as fixing
/usr/share/xsessions/lightdm-autologin.desktop
to actually exporting AUTOLOGIN=yes before launching /etc/X11/Xsession,
e.g. by an executable wrapper:
~~~ /etc/X11/Xsession-AUTOLOGIN ~~~
#!/bin/sh
AUTOLOGIN=yes
export AUTOLOGIN
exec /etc/X11/Xsession
~~~
Setting
Exec=/etc/X11/Xsession-AUTOLOGIN
in /usr/share/xsessions/lightdm-autologin.desktop
-- System Information:
Debian Release: trixie/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.12.11-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages lightdm depends on:
ii adduser 3.137
ii dbus 1.16.0-1
ii debconf [debconf-2.0] 1.5.89
ii libaudit1 1:4.0.2-2+b1
ii libc6 2.40-6
ii libgcrypt20 1.11.0-7
ii libglib2.0-0t64 2.82.4-2
ii libpam-systemd [logind] 257.2-3
ii libpam0g 1.7.0-2
ii libxcb1 1.17.0-2+b1
ii libxdmcp6 1:1.1.5-1
ii lightdm-gtk-greeter [lightdm-greeter] 2.0.9-1
Versions of packages lightdm recommends:
ii xserver-xorg 1:7.7+24
Versions of packages lightdm suggests:
ii accountsservice 23.13.9-7
ii upower 1.90.7-1
ii xserver-xephyr 2:21.1.15-2
-- Configuration Files:
/etc/lightdm/lightdm.conf changed:
[LightDM]
[Seat:*]
greeter-hide-users=false
greeter-show-manual-login=false
greeter-show-remote-login=false
allow-user-switching=true
display-setup-script=/etc/lightdm/fraxdisplaysetup.sh
autologin-user=frax
autologin-user-timeout=0
autologin-session=lightdm-autologin
[XDMCPServer]
[VNCServer]
/etc/lightdm/users.conf changed:
[UserList]
minimum-uid=1366
hidden-users=nobody nobody4 noaccess
hidden-shells=/bin/false /usr/sbin/nologin
/etc/pam.d/lightdm changed:
auth requisite pam_nologin.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 envfile=/etc/default/locale
auth [success=1 default=ignore] pam_unix.so nullok try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
-auth optional pam_gnome_keyring.so
@include common-account
session [success=ok ignore=ignore module_unknown=ignore default=bad]
pam_selinux.so close
session required pam_limits.so
session required pam_loginuid.so
@include common-session
session [success=ok ignore=ignore module_unknown=ignore default=bad]
pam_selinux.so open
-session optional pam_gnome_keyring.so auto_start
@include common-password
-- debconf information:
* shared/default-x-display-manager: lightdm
lightdm/daemon_name: /usr/sbin/lightdm
--- End Message ---
--- Begin Message ---
Source: xorg
Source-Version: 1:7.7+25
Done: Timo Aaltonen <[email protected]>
We believe that the bug you reported is fixed in the latest version of
xorg, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Timo Aaltonen <[email protected]> (supplier of updated xorg package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 01 Sep 2025 10:07:30 +0300
Source: xorg
Built-For-Profiles: noudeb
Architecture: source
Version: 1:7.7+25
Distribution: unstable
Urgency: medium
Maintainer: Debian X Strike Force <[email protected]>
Changed-By: Timo Aaltonen <[email protected]>
Closes: 1094494
Changes:
xorg (1:7.7+25) unstable; urgency=medium
.
[ Jochen Sprickerhof ]
* 20x11-common_process-args: Only use the first word for command -v
(Closes: #1094494)
Checksums-Sha1:
3cfe52b5c3af3136c26783de65085f4b744eab07 1970 xorg_7.7+25.dsc
e76f56ae159d534f75f2076845e9774a20ef8614 234264 xorg_7.7+25.tar.xz
d118368f4a0853c256074b85e2522e57226ac4fc 7287 xorg_7.7+25_source.buildinfo
Checksums-Sha256:
db706e466582d2b2573fe3fcec7e1bf43fb47b7ddd3bd552e85a67c27b66190c 1970
xorg_7.7+25.dsc
3c14a64b4f419e250c2ef34e197b2e0ea3c6c5e5037d7939ddeb4437471be0f6 234264
xorg_7.7+25.tar.xz
0c49033592f186c06f2100d5bc602872555f74b988909e4c3b297e1b5aa4b798 7287
xorg_7.7+25_source.buildinfo
Files:
794094d527f8cfe8a601a39869776a7c 1970 x11 optional xorg_7.7+25.dsc
7d8a707829972ac434f50020ab1cf7ba 234264 x11 optional xorg_7.7+25.tar.xz
6f561aa604025dc25765f738c1ca0080 7287 x11 optional xorg_7.7+25_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEdS3ifE3rFwGbS2Yjy3AxZaiJhNwFAmi1SoYACgkQy3AxZaiJ
hNwZFxAAhRyBBxmf5ICeSXfGMeX4El3hQ11LU49CkR5bVhb7fiHv5UcfJQ8YMWLO
It39aWBQNfVy5MSiztxTMmG43zCKGkFU4b6RVohJprWa9fBC4KmnTHMJBMFhqe09
qfgQKIcrtIpzdway2vU9u57gts8A/UuuLvdGk3HnrQpGcKx9bPKqN2P7bZ7nhA9t
QGMANeBc1y0qQ2+2HmX1dIhB5SihzpApse5qyeP1KvLG8DA1XoDeByirTuDbKR4P
JzRwQMK/FvtnfEDnk8eoJzqJwVa/YQYyDmmZkh30wi7kSRWCBXk9dMsJ+cPFPoo1
3txHgpB/1Ux58DWaj18LYhkZ7JM4SOfK9MmLXDhjn2/AF96CLXLPXxiThXQQ/nb4
YH7JpmC2rid/zyKDL9NtR4YnxKrdLKX9zEnDAr7KzYmE2GLAL+D1Bvmf+3DOJ2uY
dEjvl/7F9XGx3QuCV8sKXEWeD57R547xJdQD/VSsUndPlM6Uue+BIH34Hb+m5IXA
6E59YCPnegBoM16SwI33wFaTi/GBieLGnvzzYp99a5z2+5Yv+k80v9OyPiL6lJWX
ak+2ifGe33zWepKVdXnuW6XTEzsPCf4ZeDFn0sM5hYT7tE7k8YVeRSVeWZgqwlQq
3TydyRAnccy+ZvYgMYuGs+STGqtJsWzV0E1fWqiWGWNRdd44bUM=
=+ow9
-----END PGP SIGNATURE-----
pgpy5FBR9Rfq3.pgp
Description: PGP signature
--- End Message ---
