Xpra: Ticket #1394: XDG_RUNTIME_DIR should not contain executable scripts

In short, getting this:

sh: 1: /run/user/1000/xpra/run-xpra: Permission denied

on Ubuntu 12.04, where /run is mounted by default as:

tmpfs on /run type tmpfs (rw,'''noexec''',nosuid,size=10%,mode=0755)

I can of course modify this in fstab, but filing ticket as this is the default on Ubuntu. Either run-xpra should remain in $HOME, or some test should be done to check whether $XDG_RUNTIME_DIR is mounted noexec.

Fri, 30 Dec 2016 20:52:09 GMT - Todd Vierling:

(Note that /run is mounted in the initramfs, so a hack in fstab to change this actually requires an entry containing "remount" in its options, since /run is not listed in fstab normally at all.)

Fri, 30 Dec 2016 20:52:32 GMT - Todd Vierling: summary changed

Sat, 31 Dec 2016 07:25:14 GMT - Antoine Martin: owner, description changed

Original feature ticket: #1129

I've re-tested 1.0 on all those distributions to verify:

So the only problem that I can see is with 14.04, not 12.04, and it isn't a huge problem since we try to execute ~/.xpra/run-xpra first. What is the problem you're seeing?

Sat, 31 Dec 2016 18:15:05 GMT - Todd Vierling:

Sorry, it was a typo; I am in fact on 14.04 (trusty).

The problem is occurring when there is neither a ~/.xpra or $XDG_RUNTIME_DIR/xpra directory yet existing on the destination host. The autogenerated run-xpra script gets created in $XDG_RUNTIME_DIR in this case.

Looks like changing 'bind' from 'auto' to '~/.xpra/' makes the script appear in ~/.xpra as with previous versions. I suppose the least overhead solution to this issue would be a documentation note, or comment in the shipped 50_server_network.conf, that Ubuntu 14.04 systems should use that setting.

Sun, 01 Jan 2017 05:13:40 GMT - Antoine Martin: attachment set

don't use XDG_RUNTIME_DIR for run-xpra script on Ubuntu 14.04

Sun, 01 Jan 2017 05:13:58 GMT - Antoine Martin: version changed

Forgive me if I am being thick but I still fail to reproduce any kind of showstopper problem on 14.04:

rm -fr ~/.xpra ${XDG_RUNTIME_DIR}/xpra

Resets things for testing, then I can use any xpra command I like and when the "run-xpra" scripts get created (xpra start, xpra shadow, etc), they are created in both locations.

If I use a command that relies on those scripts (ie: xpra start ssh:HOST --start=xterm), then it finds the one in "~/.xpra" first and the command runs without problems. What exact commands are you using to get a failure?

Does the patch attached above fix things?

Tue, 21 Feb 2017 12:47:43 GMT - Antoine Martin: status changed; resolution set

Not heard back, closing.

Sat, 23 Jan 2021 05:23:04 GMT - migration script:

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/1394