Date: Sat, 19 Jul 2014 14:05:41 +0200
From: Paul Onyschuk <blink@bojary.koba.pl>
To: alpine-devel@lists.alpinelinux.org
Subject: Re: [alpine-devel] Firefox not starting for normal user after Xorg
 update
Message-Id: <20140719140541.dfcee7a97457e56d133c91bc@bojary.koba.pl>
In-Reply-To: <20140719143135.53ab1d17@vostro>
References: <20140719121811.b5989b5aa59ffcac0a40333b@bojary.koba.pl>
	<20140719143135.53ab1d17@vostro>
Precedence: list
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

On Sat, 19 Jul 2014 14:31:35 +0300
Timo Teras wrote:

> I bumped into this exact same issue just yesterday. It seems to be
> grsec preventing access to /sys (by modifying the default
> permissions). And apparently the new i915 module wants to open stuff
> there. Not sure if we should patch grsec, the driver, or somehow
> adjust the /sys permissions. Should probably ask from grsec people
> what to do.

Looking at source code of xf86-video-intel [1] functions accessing
sysfs are guarded by #ifdef __linux__ in intel_device.c (for other
system lacking sysfs e.g. *BSD).  Otherwise this happens:

#else
static int __intel_open_device__pci(const struct pci_device *pci)
{ return -1; }
#endif

And it falls back to legacy method:

fd = __intel_open_device__pci(pci);
if (fd == -1)
	fd = __intel_open_device__legacy(pci);

Dirty workaround for time being could be just changing "#ifdef
__linux__" to "#if 0" in intel_device.c (or I'm missing something?),
before clearing this out with grsec people.


[1]
http://cgit.freedesktop.org/xorg/driver/xf86-video-intel/tree/src/intel_device.c

-- 
Paul Onyschuk


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---