mounting /proc with hidepid causes: Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 (Permission denied)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
X.Org X server |
Unknown
|
Medium
|
|||
xorg-server (Ubuntu) |
Triaged
|
Low
|
Unassigned |
Bug Description
I don't what changed but today, my Artful laptop refuses to start a graphical session. The last update seems entirely unrelated:
# /var/log/
Start-Date: 2018-03-06 15:50:35
Commandline: apt-get dist-upgrade
Requested-By: simon (1000)
Upgrade: libpq5:amd64 (9.6.7-
End-Date: 2018-03-06 15:50:39
I tried linux-image-
ProblemType: Bug
DistroRelease: Ubuntu 17.10
Package: gdm3 3.26.1-3ubuntu3
ProcVersionSign
Uname: Linux 4.13.0-36-generic x86_64
ApportVersion: 2.20.7-0ubuntu3.7
Architecture: amd64
Date: Thu Mar 8 11:08:35 2018
InstallationDate: Installed on 2017-10-21 (137 days ago)
InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Release amd64 (20171018)
SourcePackage: gdm3
UpgradeStatus: No upgrade log present (probably fresh install)
summary: |
- gdm-x-session xf86OpenConsole: Cannot open virtual console 1 (Permission - denied) + Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 + (Permission denied) |
summary: |
- Fatal server error: (EE) xf86OpenConsole: Cannot open virtual console 1 - (Permission denied) + mounting /proc with hidepid causes: Fatal server error: (EE) + xf86OpenConsole: Cannot open virtual console 1 (Permission denied) |
Changed in xorg-server: | |
importance: | Unknown → Medium |
status: | Unknown → Confirmed |
Changed in xorg-server: | |
status: | Confirmed → Incomplete |
Changed in xorg-server: | |
status: | Incomplete → Unknown |
Finally found what changed. I updated /etc/fstab to have /proc mounted with hidepid=2,gid=sudo for added security. This works perfectly on 16.04 but totally breaks on 17.10.
To recap: mounting /proc with "nodev, noexec, nosuid" works but adding "hidepid= 2,gid=sudo" breaks.