Bug#732209: dconf-CRITICAL **: unable to create file '/run/user/1000/dconf/user': Permission denied.

Martin Pitt mpitt at debian.org
Fri Jun 10 15:03:58 BST 2016 

Control: tag -1 -moreinfo -unreproducible +wontfix

Vlad Orlov [2016-04-20 17:00 +0300]:
> You can check [1] to get some info about libpam-systemd doing
> something wrong here.
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=753882

This was fixed up to the extent possible in
https://github.com/systemd/systemd/commit/baae0358f, i. e. 2.5 years
ago.

> Also we had this issue for months in Linux Mint before Clement Lefebvre
> made a patch [2] that fixed it. After the patched libpam-systemd had been
> released for Mint, the problem was gone. That was it. No patching gksu,
> no patching dconf.

That's a very optimistic. Sure, we could (partially) clean up after
su's brokenness forever, but (1) this makes the fundamental problem
only a bit smaller, but not go away, and (2) we would then have to
maintain this wrong patch forever and taking the blame for it instead
of fixing it at the root cause.

The problem is not "gone" in any sense of the word -- which of the
leaked environment variables do you want libpam-systemd to unset in
su's stead? XDG_RUNTIME_DIR? DBUS_SESSION_BUS_ADDRESS?
DESKTOP_SESSION? MAIL? XDG_CONFIG_DIRS? SSH_AUTH_SOCK? GPG_AGENT_INFO?

The fundamental problem is that it's not at all defined what "su"
without -l actually wants to be: Switching to a different user like a
suid program? Then you need the *entire* environment and not change a
few selected variables like $HOME only. Or be like "login"? Then you
need to clean the env like su -l or sudo. Both of the latter have
well-defined behaviour, whereas the current "su" has no conceptual or
consistent (or safe) behaviour at all.

> Ok, so maybe it's time to remove 'moreinfo' and 'unreproducible' tags?

Yes, I agree about that. But libpam-systemd is still neither the
correct nor even a possible place to fix this.

AFAICS, the behaviour of "su" without -l either needs to be properly
defined and fixed, or it should be completely deprecated, perhaps
making it do the same thing as -l.

Thanks,

Martin

-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)

More information about the Pkg-systemd-maintainers mailing list