Re: admin user (and ditto group member) no longer has the corresponding permissions?!
Re: admin user (and ditto group member) no longer has the corresponding permissions?!
- Subject: Re: admin user (and ditto group member) no longer has the corresponding permissions?!
- From: "Sankey, David \(STFC, RAL, PPD\) via X11-users" <email@hidden>
- Date: Tue, 28 Jul 2020 12:07:20 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=stfc.ac.uk; dmarc=pass action=none header.from=stfc.ac.uk; dkim=pass header.d=stfc.ac.uk; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=oGMXdI15pXKULFaEsXfo4na/HybL3u+L1jsA0quLwaQ=; b=XmpjUN/l06JYdDpUtXdp9FBIyQ6DtoX8g/Is/pknPLcr3+D7E5XYCJD5xarYmeWi60OmzHURv319Ql561mfCwl+xvFPjpQZWClPhLpsL4caT3zas9On4FpLrN0ldxGSeYr4QuCtbqSjj14edMuUFG7/fb4DIoFoyyFbq3emdmnuNWyRZ7dmWAy1Ci6aZv+iihmwuQ0uCR4lBIb07cGJTFbILjDRAbA//DY9VT/ZNh1zUYQBlQM+8AqTEyabZxqd4kz+qw7TlzVTaSuU6RqljpAcXE0gd1h950LOAifRV8UMallV+en2r3J0Psrh6XZWoppDh7iOAGrC91xAXtfDaqw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bMWtPfaD50/HmiAYjU9dpOt25AIV8d4jCbagMy6q7yxBdWpxpb8vrQJJaLXvBBFIB9YkG/yqJBEciA4XteFQS7zR79RZ8oYjze89jbsyGYyjhj5BKKiAy2iLAN0gSE1ixf1TuWpg369ReabGrJeLCER72uP9eBpEbfhpVmgsI8qOTG01Hc9Ludqr6Jsvb1LwPZ1H6aWHFv88f+4Pgjt21tTV/i6241uAG0Jz79jI0Ka0ETUlvljf6XRbx7rOGErCRv2WBRNvBfBipWfTjBGaPr570aZNd9O/C/zqWJv0WVn2Gg0OkyLqkzLowuScuzFwSt2/48BDwV1iJpQjIaZ3gA==
- Thread-topic: admin user (and ditto group member) no longer has the corresponding permissions?!
Sorry, what OS are you running?
I thought Catalina and this is an artefact of SIP. Terminal plays nicely, so
everything works, X11 doesn’t so you need to authorise the shell that launches
X11. In the stock X11 this is bash.
D
> On 28 Jul 2020, at 10:36, René J.V. Bertin <email@hidden> wrote:
>
> On Tuesday July 28 2020 08:18:00 Sankey, David wrote:
>> Internally X11 is launched from bash.
>>
>> You need to add /bin/bash to Full Disk Access in the Privacy tab in the
>> Security and Privacy Control Panel.
>>
>
> Thanks for the suggestion, but that option didn't yet exist in 10.9 (or it's
> so well hidden that I never noticed it)! Besides, if this were the
> explanation, then
> - any process launched through bash should be affected by the permission
> restrictions
> - every user (possibly even root) should be afflicted.
>
> Oh, and the bundle exec of MacPort's X11 uses $SHELL to launch the actual X11
> server binary. In my case that's tcsh.
>
> I've done some more digging. My X11 terminals (KDE5 konsole running with Qt's
> xcb QPA) were being launched through an *old* script of mine that was
> launched from .xinitrc using an xterm instead of simply as an executable
> script. I can't remember why I ever did that. I modified this aspect, and now
> my "konsoles" give me the expected, traditional Unix permissions.
>
> However, if I launch an xterm, or an mrxvt terminal, my permissions are
> crippled, no matter how I launch those terminals. It also happens when I ssh
> in from a Linux rig and use the remote X11 server. However, when I su to that
> other admin user permissions are again as they should be. I haven't yet tried
> to ssh from an xterm to my Linux rig and then back to the Mac (my UIDs are
> identical).
>
> So, to resume once more:
> - this issue is limited to certain applications, or applications that use (or
> don't use) certain library/ies (I've identified xterm and mrxvt for now)
> - this issue is limited to certain (admin) user accounts
>
> I can't think of any logical explanation for this and-and combination (I
> could understand an either-or). It seems more likely that something was
> changed to the settings of my account than to other settings. You'd almost
> think of a virus, except that the only thing it achieves by limiting admin
> file access is annoying me...
>
> FWIW, a while back I had an episode on this same Mac where the invocation of
> the libtool script would cause gatekeeper to burn a lot of CPU, slowing down
> autoconf-based builds to a crawl. I never understood what happened then and
> how it sorted itself, but there were log entries that made it very clear that
> gatekeeper was involved. I'm not seeing any of those here.
>
> R.
This email and any attachments are intended solely for the use of the named
recipients. If you are not the intended recipient you must not use, disclose,
copy or distribute this email or any of its attachments and should notify the
sender immediately and delete this email from your system. UK Research and
Innovation (UKRI) has taken every reasonable precaution to minimise risk of
this email or any attachments containing viruses or malware but the recipient
should carry out its own virus and malware checks before opening the
attachments. UKRI does not accept any liability for any losses or damages which
the recipient may sustain due to presence of any viruses. Opinions, conclusions
or other information in this message and attachments that are not related
directly to UKRI business are solely those of the author and do not represent
the views of UKRI.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden