Bug#915950: workaround (dconf-service: /var/run/user/<UID>/dconf/user switches ownership to root:root)

Dr. A. Stammler dr_a_stammler at online.de
Tue Dec 25 19:53:54 GMT 2018 

Problems can be reduced by running a script to check and reset file ownerships every minute (/etc/crontab). Some processes (like ‘mate-panel’, ‘mate-settings-demon’) still need to be killed, though.
-------------- next part --------------
#!/bin/bash

LOGTAG="$(basename $0)"

RUN_USER_DIR="/var/run/user"

#PROCESSES_TO_RESTART='mate-panel'

EXITVALUE=0

function test_D_Conf_user_file_permissions {
 DUFLISTING=$(ls -n "$DCONF_USER_FILE")

 #echo "$DUFLISTING"
 read DUFPERMISSIONS DUFLINKS DUFUID DUFGID DUFDETAILS <<<$(echo "$DUFLISTING")
 #echo "user & group: $RUN_UID:$RUN_GID; D Conf file: $DUFUID:$DUFGID"
 logger --tag "$LOGTAG" -p 'user.debug' "user & group: $RUN_UID:$RUN_GID; D Conf file: $DUFUID:$DUFGID"

 test "$DUFUID" == "$RUN_UID" -a "$DUFGID" == "$RUN_GID"
} # function test_D_Conf_user_file_permissions

function show_situation {
 top -b -n 1 | sed -e '12,$d'
 free
} # function show_situation

cd "$RUN_USER_DIR"
for RUN_UID in *
do
 if
  #test "$RUN_UID" != '0'
  test $RUN_UID -ge 1000
 then
  RUN_GID="$(id -g $RUN_UID)"
  DCONF_USER_DIR="$RUN_USER_DIR/$RUN_UID/dconf"
  DCONF_USER_FILE="$DCONF_USER_DIR/user"
  
  #ls -al "$DCONF_USER_DIR"

  if
   ! test_D_Conf_user_file_permissions
  then
   #echo -n "→ Permissions seem wrong. "
   #echo "→ Permissions seem wrong; processes accessing $DCONF_USER_DIR:"
   #fuser -v "$DCONF_USER_DIR"

   #echo "→ Trying to reset ownership of $DCONF_USER_FILE…"
   logger --tag "$LOGTAG" -p 'user.notice' "→ Trying to reset ownership of $DCONF_USER_FILE…"
   #chown -v "$RUN_UID:$RUN_GID" "$DCONF_USER_FILE"
   chown "$RUN_UID:$RUN_GID" "$DCONF_USER_FILE"

   #echo '→'
   #killall -v -SIGHUP $PROCESSES_TO_RESTART

   if
    ! test_D_Conf_user_file_permissions
   then
    #echo '* ERROR: could not reset ownership.'
    logger --tag "$LOGTAG" -p 'user.crit' '* could not reset ownership.'
    EXITVALUE=1
   fi
  #else
   #echo '→ Permissions seem fine; no action taken.'
  fi
 #else
  ##echo "Super user (UID $RUN_UID) ignored."
  #echo "System user (UID $RUN_UID) ignored."
 fi
 #echo
done

#echo '⇒'
#show_situation
#echo

exit $EXITVALUE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20181225/e683d69f/attachment.sig>

More information about the pkg-gnome-maintainers mailing list