Slow "su - user" under X11 (pam, xauth)

[Radoslaw Zielinski]

The problem: "su - user" under X is slow.


The background: I've added an user, now I'm trying to "sudo su - ..." to
it.  I'm doing this from an X session, so pam has decided to use
pam_xauth.so:

  $ sudo grep xauth /etc/pam.d/su
  session   optional  pam_xauth.so

pam_xauth calls xauth (as the destination user):

  /usr/bin/xauth -f /home/users/radek/.Xauthority nlist :0.0

...and the reason for the delay is here (strace -p):

  open("/home/users/radek/.Xauthority-c", O_WRONLY|O_CREAT|O_EXCL, 0600) = -1 EACCES (Permission denied)
  rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
  rt_sigaction(SIGCHLD, NULL, {SIG_DFL, [], 0}, 8) = 0
  rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
  nanosleep({2, 0}, {2, 0})               = 0
  [... this repeats several times ...]
  write(2, "/usr/bin/xauth:  timeout in locki"..., 81) = -1 EBADF (Bad file descriptor)


The code comes from xorg-lib-libXau; function XauLockAuth().  Now, what I don't
understand is this snippet:

    while (retries > 0) {
        if (creat_fd == -1) {
            creat_fd = open (creat_name, O_WRONLY | O_CREAT | O_EXCL, 0600);
            if (creat_fd == -1) {
                if (errno != EACCES)
                    return LOCK_ERROR;

So, it will ignore EACCES and just happily keep trying.  Why; what's the point,
what's the purpose, wtf?

-- 
Radosław Zieliński <radek at pld-linux.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : /mailman/pipermail/pld-devel-en/attachments/20090222/f907acb5/attachment.sig