[PlanetCCRMA] Pam, Perms, a plan?

Matt Barber brbrofsvl@aol.com
Tue Oct 12 21:22:01 2004

Hi Fernando and list,

Relatively low-level question/bug here.  We have a set of problems that
seems to involve the same process, but I'm not sure what it is:

Right now we're not quite on the edge - we're currently using
2.6.7-1.437.1.ll.rhfc2.ccrmasmp, since cd burning generally hardlocks
our machine (dual-opteron, 32-bit fedora2) in the kernels after this one
(haven't tried the newest planetedge).  Sometimes when a user logs out
of Gnome, X sort of freezes.  It's not a hard freeze - you can move the
mouse cursor around, and click on things, but clicking does nothing. 
Right-clicking still opens up a menu.  It doesn't matter whether or not
there are running windows or processes - sometimes it happens and
sometimes it doesn't, and I can't find a way to reproduce the behavior
consistently.  We're using an nvidia video card, and I thought that
maybe the nvidia module was doing this, but it seems to be happening
with the xorg nv module.  When this happens, we have to
ctrl-alt-backspace to finish the logout and get back to the greeter. 
Most of the time when this happens (not every time, as far as I can
tell), gdm does not relinquish device ownership.  /var/run/console.lock
remains the same, and a file for the user in /var/run/console/ remains. 
An ssh login and running who shows the user still logged into :0, and
they still have ownership of /dev/console, and all of the console.perms
devices that get chowned to the owner.  Then, curiously, when someone
else logs in, pam_console.so does not give device ownership to the new
user.  Temporarily we changed console.perms to have write permissions to
important devices for our audio group, but this is a little too open
maybe.  As far as I know we are not running selinux
(/etc/sysconfig/selinux shows it as disabled).  I can't get xorg.conf to
keep the 'Load "dri" ' line to stay out, either.  Every time I take it
out or comment it out, something puts that line back in, and then I get
some errors in /var/log/gdm/\:0.log about dri not working right (as far
as I understand, you wnat to get rid of the dri stuff when using the
nvidia modules).  Another annoying problem:  most of the time, unless
gnome-terminal logins to pts/* are specifically exited with "exit," they
persist as long as the computer is running - according to "who" anyway. 
I remember once that `who` saw a week-old gnome-terminal login.  So I'm
wondering where to start troubleshooting.  I don't know the sequence of
events for a gdm login/logout, how much xdm is involved (if at all),
etc.  Often pam_console_apply is kaput as well - it won't reset
ownership on some of the things it should.  I don't know how
pam_console.so runs, and whether it runs a discrete chown process or
handles all of that in its binary process.  I notice a difference in
gdm.conf from my RH9 gdm.conf at home:  at home the "KillInitClients" is
on, and on the FC2 machine it is off.  I'm not quite sure what it does,
or if it's involved, but I thought I'd ask.

Any ideas?  Sorry for the density of the post.