
Accepting request 838746 from X11:XOrg

- n_xorg-wrapper-anybody.patch
  * replace default config /etc/X11/Xwrapper, which allows
    anybody to use the wrapper, by a patch for the code, i.e.
      # rootonly, console, anybody
      allowed_users=anybody
      # yes, no, auto
      needs_root_rights=auto
    is now the default without any Xwrapper config
    (needs_root_rights=auto was already the default before)

- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
  * replaced by improved version written by Matthias Gerstner of
    our security team
    + simplified the option parsing code a bit
    + changed the "ignore forbidden argument" logic into an "abort
      on forbidden argument" logic. This is safer and avoids 
      surprises on the user's end that could occur if the desired
      command line arguments aren't effective but the Xorg server is
      still started.
    + tried to adjust to the coding style present in the file 
      (mostly the function name)
    + added some logic to apply the option filtering only to 
      non-root users when Xorg is actually started as root. This
      should allow for full flexibility if root calls the wrapper or
      if the Xorg server only runs with user privileges.

- U_Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch,
  U_Revert-linux-Fix-platform-device-PCI-detection-for-c.patch,
  U_Revert-linux-Fix-platform-device-probe-for-DT-based-.patch,
  U_Revert-linux-Make-platform-device-probe-less-fragile.patch
  * fix Xserver startup on Raspberry Pi 3 (boo#1176203) 

- n_xorg-wrapper-rename-Xorg.patch
  * moved Xorg to Xorg.bin and Xorg.sh to Xorg (boo#1175867)
- change default for needs_root_rights to auto in Xwrapper.config
  (boo#1175867)

- reenabled SUID wrapper for TW (boo#1175867)
- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
  * Xserver option whitelist filter (boo#1175867)

OBS-URL: https://build.opensuse.org/request/show/838746
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xorg-x11-server?expand=0&rev=387
This commit is contained in:
Dominique Leuenberger 2020-10-07 12:16:27 +00:00 committed by Git OBS Bridge
commit 454b22727a
9 changed files with 479 additions and 15 deletions


@ -0,0 +1,31 @@
From e50c85f4ebf559a3bac4817b41074c43d4691779 Mon Sep 17 00:00:00 2001
From: Eric Anholt <eric@anholt.net>
Date: Fri, 26 Oct 2018 17:47:30 -0700
Subject: [PATCH] Fix segfault on probing a non-PCI platform device on a system
with PCI.
Some Broadcom set-top-box boards have PCI busses, but the GPU is still
probed through DT. We would dereference a null busid here in that
case.
Signed-off-by: Eric Anholt <eric@anholt.net>
---
hw/xfree86/common/xf86platformBus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/xfree86/common/xf86platformBus.c b/hw/xfree86/common/xf86platformBus.c
index cef47da03..dadbac6c8 100644
--- a/hw/xfree86/common/xf86platformBus.c
+++ b/hw/xfree86/common/xf86platformBus.c
@@ -289,7 +289,7 @@ xf86platformProbe(void)
for (i = 0; i < xf86_num_platform_devices; i++) {
char *busid = xf86_platform_odev_attributes(i)->busid;
- if (pci && (strncmp(busid, "pci:", 4) == 0)) {
+ if (pci && busid && (strncmp(busid, "pci:", 4) == 0)) {
platform_find_pci_info(&xf86_platform_devices[i], busid);
}
--
2.16.4


@ -0,0 +1,40 @@
From 39cb95e959fab97a7e255dda1a1599b096fb0f7e Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue, 8 Sep 2020 10:03:11 +0200
Subject: [PATCH] Revert "linux: Fix platform device PCI detection for complex
bus topologies"
This reverts commit 5c96eb5f44e62a4cfe835023cde304eb5795b8fd.
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1068
---
config/udev.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/config/udev.c b/config/udev.c
index 14409549b..8c6c4b666 100644
--- a/config/udev.c
+++ b/config/udev.c
@@ -470,7 +470,7 @@ config_udev_odev_setup_attribs(struct udev_device *udev_device, const char *path
config_odev_probe_proc_ptr probe_callback)
{
struct OdevAttributes *attribs = config_odev_allocate_attributes();
- const char *value, *str;
+ const char *value;
attribs->path = XNFstrdup(path);
attribs->syspath = XNFstrdup(syspath);
@@ -478,8 +478,8 @@ config_udev_odev_setup_attribs(struct udev_device *udev_device, const char *path
attribs->minor = minor;
value = udev_device_get_property_value(udev_device, "ID_PATH");
- if (value && (str = strstr(value, "pci-"))) {
- attribs->busid = XNFstrdup(str);
+ if (value && !strncmp(value, "pci-", 4)) {
+ attribs->busid = XNFstrdup(value);
attribs->busid[3] = ':';
}
--
2.16.4


@ -0,0 +1,60 @@
From 4b6fce5975c2f931a0478cf4deeec97529b05eb6 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue, 8 Sep 2020 10:01:55 +0200
Subject: [PATCH] Revert "linux: Fix platform device probe for DT-based PCI"
This reverts commit 249a12c54a9316b089bd22683c011519348496df.
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1068
---
config/udev.c | 27 +--------------------------
1 file changed, 1 insertion(+), 26 deletions(-)
diff --git a/config/udev.c b/config/udev.c
index b00d90237..14409549b 100644
--- a/config/udev.c
+++ b/config/udev.c
@@ -464,31 +464,6 @@ config_udev_fini(void)
#ifdef CONFIG_UDEV_KMS
-/* Find the last occurrence of the needle in haystack */
-static char *strrstr(const char *haystack, const char *needle)
-{
- char *prev, *last, *tmp;
-
- prev = strstr(haystack, needle);
- if (!prev)
- return NULL;
-
- last = prev;
- tmp = prev + 1;
-
- while (tmp) {
- last = strstr(tmp, needle);
- if (!last)
- return prev;
- else {
- prev = last;
- tmp = prev + 1;
- }
- }
-
- return last;
-}
-
static void
config_udev_odev_setup_attribs(struct udev_device *udev_device, const char *path, const char *syspath,
int major, int minor,
@@ -503,7 +478,7 @@ config_udev_odev_setup_attribs(struct udev_device *udev_device, const char *path
attribs->minor = minor;
value = udev_device_get_property_value(udev_device, "ID_PATH");
- if (value && (str = strrstr(value, "pci-"))) {
+ if (value && (str = strstr(value, "pci-"))) {
attribs->busid = XNFstrdup(str);
attribs->busid[3] = ':';
}
--
2.16.4


@ -0,0 +1,132 @@
From af4c84ce8855e84c0ad89b929bc972e884f0b8e3 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue, 8 Sep 2020 10:03:33 +0200
Subject: [PATCH] Revert "linux: Make platform device probe less fragile"
This reverts commit 74b7427c41b4e4104af7abf70a996c086d3d7628.
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1068
---
config/udev.c | 17 +++++------------
hw/xfree86/os-support/linux/lnx_platform.c | 20 ++++++++++++++++++--
2 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/config/udev.c b/config/udev.c
index 8c6c4b666..3a73189e2 100644
--- a/config/udev.c
+++ b/config/udev.c
@@ -56,7 +56,7 @@ static struct udev_monitor *udev_monitor;
#ifdef CONFIG_UDEV_KMS
static void
-config_udev_odev_setup_attribs(struct udev_device *udev_device, const char *path, const char *syspath,
+config_udev_odev_setup_attribs(const char *path, const char *syspath,
int major, int minor,
config_odev_probe_proc_ptr probe_callback);
#endif
@@ -128,7 +128,7 @@ device_added(struct udev_device *udev_device)
LogMessage(X_INFO, "config/udev: Adding drm device (%s)\n", path);
- config_udev_odev_setup_attribs(udev_device, path, syspath, major(devnum),
+ config_udev_odev_setup_attribs(path, syspath, major(devnum),
minor(devnum), NewGPUDeviceRequest);
return;
}
@@ -322,7 +322,7 @@ device_removed(struct udev_device *device)
LogMessage(X_INFO, "config/udev: removing GPU device %s %s\n",
syspath, path);
- config_udev_odev_setup_attribs(device, path, syspath, major(devnum),
+ config_udev_odev_setup_attribs(path, syspath, major(devnum),
minor(devnum), DeleteGPUDeviceRequest);
/* Retry vtenter after a drm node removal */
systemd_logind_vtenter();
@@ -465,24 +465,17 @@ config_udev_fini(void)
#ifdef CONFIG_UDEV_KMS
static void
-config_udev_odev_setup_attribs(struct udev_device *udev_device, const char *path, const char *syspath,
+config_udev_odev_setup_attribs(const char *path, const char *syspath,
int major, int minor,
config_odev_probe_proc_ptr probe_callback)
{
struct OdevAttributes *attribs = config_odev_allocate_attributes();
- const char *value;
attribs->path = XNFstrdup(path);
attribs->syspath = XNFstrdup(syspath);
attribs->major = major;
attribs->minor = minor;
- value = udev_device_get_property_value(udev_device, "ID_PATH");
- if (value && !strncmp(value, "pci-", 4)) {
- attribs->busid = XNFstrdup(value);
- attribs->busid[3] = ':';
- }
-
/* ownership of attribs is passed to probe layer */
probe_callback(attribs);
}
@@ -523,7 +516,7 @@ config_udev_odev_probe(config_odev_probe_proc_ptr probe_callback)
else if (!check_seat(udev_device))
goto no_probe;
- config_udev_odev_setup_attribs(udev_device, path, syspath, major(devnum),
+ config_udev_odev_setup_attribs(path, syspath, major(devnum),
minor(devnum), probe_callback);
no_probe:
udev_device_unref(udev_device);
diff --git a/hw/xfree86/os-support/linux/lnx_platform.c b/hw/xfree86/os-support/linux/lnx_platform.c
index e62306219..70374ace8 100644
--- a/hw/xfree86/os-support/linux/lnx_platform.c
+++ b/hw/xfree86/os-support/linux/lnx_platform.c
@@ -23,13 +23,13 @@
static Bool
get_drm_info(struct OdevAttributes *attribs, char *path, int delayed_index)
{
+ drmSetVersion sv;
drmVersionPtr v;
+ char *buf;
int fd;
int err = 0;
Bool paused, server_fd = FALSE;
- LogMessage(X_INFO, "Platform probe for %s\n", attribs->syspath);
-
fd = systemd_logind_take_fd(attribs->major, attribs->minor, path, &paused);
if (fd != -1) {
if (paused) {
@@ -48,6 +48,18 @@ get_drm_info(struct OdevAttributes *attribs, char *path, int delayed_index)
if (fd == -1)
return FALSE;
+ sv.drm_di_major = 1;
+ sv.drm_di_minor = 4;
+ sv.drm_dd_major = -1; /* Don't care */
+ sv.drm_dd_minor = -1; /* Don't care */
+
+ err = drmSetInterfaceVersion(fd, &sv);
+ if (err) {
+ xf86Msg(X_ERROR, "%s: failed to set DRM interface version 1.4: %s\n",
+ path, strerror(-err));
+ goto out;
+ }
+
/* for a delayed probe we've already added the device */
if (delayed_index == -1) {
xf86_add_platform_device(attribs, FALSE);
@@ -57,6 +69,10 @@ get_drm_info(struct OdevAttributes *attribs, char *path, int delayed_index)
if (server_fd)
xf86_platform_devices[delayed_index].flags |= XF86_PDEV_SERVER_FD;
+ buf = drmGetBusid(fd);
+ xf86_platform_odev_attributes(delayed_index)->busid = XNFstrdup(buf);
+ drmFreeBusid(buf);
+
v = drmGetVersion(fd);
if (!v) {
xf86Msg(X_ERROR, "%s: failed to query DRM version\n", path);
--
2.16.4


@ -0,0 +1,11 @@
--- xserver-1.20.9/hw/xfree86/xorg-wrapper.c.old 2020-09-30 12:25:12.757532000 +0200
+++ xserver-1.20.9/hw/xfree86/xorg-wrapper.c 2020-09-30 12:27:12.809554000 +0200
@@ -254,7 +254,7 @@ int main(int argc, char *argv[])
int i, r, fd;
int kms_cards = 0;
int total_cards = 0;
- int allowed = CONSOLE_ONLY;
+ int allowed = ANYBODY;
int needs_root_rights = -1;
char *const empty_envp[1] = { NULL, };
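Review bot: The new default `int allowed = ANYBODY;` widens who may run the setuid wrapper from console-seated users to every local account whenever no Xwrapper.config is present, and the line carries no hint that this is a deliberate distribution choice rather than upstream's CONSOLE_ONLY. I would document it in place: `/* openSUSE: any local user may start the wrapper by default (boo#1175867); replaces the former allowed_users=anybody line in Xwrapper.config */`. Whether a config file can still tighten this depends on the config parsing further down, which is outside the hunk, so a maintainer should confirm that before relying on it. main() continues outside this hunk.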


@ -0,0 +1,20 @@
--- xserver-1.20.9/hw/xfree86/xorg-wrapper.c.old 2020-09-24 03:16:27.270885000 +0200
+++ xserver-1.20.9/hw/xfree86/xorg-wrapper.c 2020-09-24 03:18:42.047597000 +0200
@@ -375,7 +375,7 @@ int main(int argc, char *argv[])
}
}
- snprintf(buf, sizeof(buf), "%s/Xorg", SUID_WRAPPER_DIR);
+ snprintf(buf, sizeof(buf), "%s/Xorg.bin", SUID_WRAPPER_DIR);
/* Check if the server is executable by our real uid */
if (access(buf, X_OK) != 0) {
--- xserver-1.20.9/hw/xfree86/Xorg.sh.in.orig 2020-09-24 03:36:20.690412000 +0200
+++ xserver-1.20.9/hw/xfree86/Xorg.sh.in 2020-09-24 03:36:37.594497000 +0200
@@ -7,5 +7,5 @@
if [ -x "$basedir"/Xorg.wrap ]; then
exec "$basedir"/Xorg.wrap "$@"
else
- exec "$basedir"/Xorg "$@"
+ exec "$basedir"/Xorg.bin "$@"
fi


@ -0,0 +1,96 @@
--- xserver-1.20.9/hw/xfree86/xorg-wrapper.c
+++ xserver-1.20.9/hw/xfree86/xorg-wrapper.c 2020-09-29 12:52:59.256970275 +0200
@@ -191,6 +191,60 @@
return 0;
}
+static int check_vt_range(long int vt)
+{
+ if (vt >= 2 && vt <= 7 ) {
+ return 1;
+ }
+
+ return 0;
+}
+
+/* Xserver option whitelist filter (boo#1175867) */
+static int option_filter(int argc, char* argv[]){
+
+ for(int pos=1; pos<argc; pos++) {
+ const char *arg = argv[pos];
+
+ if (strlen(arg) == 3 && !strncmp(arg,"vt", 2) && check_vt_range(strtol(arg+2, NULL, 10)) == 1) {
+ /* vtX (vt2-vt7) */
+ continue;
+ } else if(!strcmp(arg,"-displayfd") ||
+ !strcmp(arg,"-auth") ||
+ !strcmp(arg,"-background") ||
+ !strcmp(arg,"-verbose") ||
+ !strcmp(arg,"-listen")) {
+ /* -displayfd x
+ -auth xxxx
+ -backgound none
+ -verbose 7 (7 or 3)
+ -listen tcp
+ */
+ if ((pos+1) < argc) {
+ pos++;
+ } else {
+ fprintf(stderr, "%s: Missing argument for Xserver option \"%s\". Aborting.\n",
+ progname, arg);
+ return 0;
+ }
+ } else if (!strcmp(arg,"-noreset") ||
+ !strcmp(arg,"-keeptty") ||
+ !strcmp(arg,"-core")) {
+ /* -noreset
+ -keeptty
+ -core
+ */
+ continue;
+ } else {
+ fprintf(stderr, "%s: Xserver option \"%s\" invalid or not in whitelist. Aborting.\n",
+ progname, arg);
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
int main(int argc, char *argv[])
{
#ifdef WITH_LIBDRM
@@ -250,11 +304,14 @@
close(fd);
}
+ /* If we've found cards, and all cards support kms, drop root rights */
+ if (total_cards && kms_cards == total_cards) {
+ needs_root_rights = 0;
+ }
}
#endif
- /* If we've found cards, and all cards support kms, drop root rights */
- if (needs_root_rights == 0 || (total_cards && kms_cards == total_cards)) {
+ if (needs_root_rights == 0) {
gid_t realgid = getgid();
uid_t realuid = getuid();
int ngroups = 0;
@@ -326,6 +383,15 @@
}
argv[0] = buf;
+
+ if (needs_root_rights == 1 && getuid() != 0)
+ {
+ /* Xserver option whitelist filter (boo#1175867) */
+ if (option_filter(argc, argv) == 0) {
+ exit(1);
+ }
+ }
+
if (getuid() == geteuid())
(void) execv(argv[0], argv);
else
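Review bot: The filter guard `if (needs_root_rights == 1 && getuid() != 0)` is skipped when needs_root_rights is still -1, which after this hunk is the case whenever auto-detection found no cards or a non-KMS card (only the all-KMS path sets it to 0, and only 0 takes the privilege-dropping branch), so a non-root caller then reaches the setuid exec below with unfiltered arguments. The condition should be tied to the privilege state that matters at exec time rather than to the config value: `if (getuid() != geteuid())`, which mirrors the execv/execve choice two lines down and also covers a `needs_root_rights = 1` override without special-casing root. The option values themselves (`-auth`, `-listen`, `-verbose`, `-displayfd`) are still passed through unchecked; whether that is acceptable depends on Xorg's own elevated-privilege handling, which is not visible here. main() starts and ends outside this hunk.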


@ -1,3 +1,59 @@
-------------------------------------------------------------------
Wed Sep 30 10:30:06 UTC 2020 - Stefan Dirsch <sndirsch@suse.com>
- n_xorg-wrapper-anybody.patch
* replace default config /etc/X11/Xwrapper, which allows
anybody to use the wrapper, by a patch for the code, i.e.
# rootonly, console, anybody
allowed_users=anybody
# yes, no, auto
needs_root_rights=auto
is now the default without any Xwrapper config
(needs_root_rights=auto was already the default before)
-------------------------------------------------------------------
Tue Sep 29 14:47:48 UTC 2020 - Stefan Dirsch <sndirsch@suse.com>
- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
* replaced by improved version written by Matthias Gerstner of
our security team
+ simplified the option parsing code a bit
+ changed the "ignore forbidden argument" logic into an "abort
on forbidden argument" logic. This is safer and avoids
surprises on the user's end that could occur if the desired
command line arguments aren't effective but the Xorg server is
still started.
+ tried to adjust to the coding style present in the file
(mostly the function name)
+ added some logic to apply the option filtering only to
non-root users when Xorg is actually started as root. This
should allow for full flexibility if root calls the wrapper or
if the Xorg server only runs with user privileges.
-------------------------------------------------------------------
Mon Sep 28 10:29:23 UTC 2020 - Stefan Dirsch <sndirsch@suse.com>
- U_Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch,
U_Revert-linux-Fix-platform-device-PCI-detection-for-c.patch,
U_Revert-linux-Fix-platform-device-probe-for-DT-based-.patch,
U_Revert-linux-Make-platform-device-probe-less-fragile.patch
* fix Xserver startup on Raspberry Pi 3 (boo#1176203)
-------------------------------------------------------------------
Thu Sep 24 01:40:17 UTC 2020 - Stefan Dirsch <sndirsch@suse.com>
- n_xorg-wrapper-rename-Xorg.patch
* moved Xorg to Xorg.bin and Xorg.sh to Xorg (boo#1175867)
- change default for needs_root_rights to auto in Xwrapper.config
(boo#1175867)
-------------------------------------------------------------------
Wed Sep 16 10:54:32 UTC 2020 - Stefan Dirsch <sndirsch@suse.com>
- reenabled SUID wrapper for TW (boo#1175867)
- u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
* Xserver option whitelist filter (boo#1175867)
-------------------------------------------------------------------
Wed Sep 9 18:50:37 UTC 2020 - Michael Gorse <mgorse@suse.com>


@ -26,19 +26,18 @@
%define have_wayland 1
%endif
%define build_suid_wrapper 0
%if 0%{!?build_suid_wrapper:1}
%ifarch s390 s390x
%define build_suid_wrapper 0
%else
%if 0%{?suse_version} >= 1330
%define build_suid_wrapper 1
%define suid_wrapper_dir %{_libexecdir}
%else
%define build_suid_wrapper 0
%endif
%endif
%if 0%{?build_suid_wrapper:1}
%ifarch s390 s390x
%define build_suid_wrapper 0
%else
%if 0%{?suse_version} >= 1550
%define suid_wrapper_dir %{_bindir}
%else
%define build_suid_wrapper 0
%endif
%endif
%endif
Name: xorg-x11-server
@ -213,6 +212,9 @@ Patch6: N_fix-dpi-values.diff
Patch7: N_Install-Avoid-failure-on-wrapper-installation.patch
Patch8: u_xorg-wrapper-Drop-supplemental-group-IDs.patch
Patch9: u_xorg-wrapper-build-Build-position-independent-code.patch
Patch10: u_xorg-wrapper-Xserver-Options-Whitelist-Filter.patch
Patch11: n_xorg-wrapper-rename-Xorg.patch
Patch12: n_xorg-wrapper-anybody.patch
Patch100: u_01-Improved-ConfineToShape.patch
Patch101: u_02-DIX-ConfineTo-Don-t-bother-about-the-bounding-box-when-grabbing-a-shaped-window.patch
# PATCH-FIX-UPSTREAM u_x86emu-include-order.patch schwab@suse.de -- Change include order to avoid conflict with system header, remove duplicate definitions
@ -251,6 +253,11 @@ Patch1505: U_xwayland-Allow-passing-a-fd.patch
Patch1600: U_glamor_egl-Reject-OpenGL-2.1-early-on.patch
Patch1700: U_xfree86_take_second_ref_for_xcursor.patch
Patch1801: U_Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch
Patch1802: U_Revert-linux-Fix-platform-device-probe-for-DT-based-.patch
Patch1803: U_Revert-linux-Fix-platform-device-PCI-detection-for-c.patch
Patch1804: U_Revert-linux-Make-platform-device-probe-less-fragile.patch
%description
This package contains the X.Org Server.
@ -300,8 +307,6 @@ Summary: Xserver SUID Wrapper
Group: System/X11/Servers/XF86_4
PreReq: permissions
Requires: xorg-x11-server == %{version}
Provides: xorg-x11-server-wayland = 7.6_%{version}
Obsoletes: xorg-x11-server-wayland < 7.6_%{version}
%description wrapper
This package contains an SUID wrapper for the Xserver.
@ -372,6 +377,9 @@ sh %{SOURCE92} --verify . %{SOURCE91}
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
#
%patch100 -p1
#%patch101 -p1
@ -400,6 +408,10 @@ sh %{SOURCE92} --verify . %{SOURCE91}
%patch1505 -p1
%patch1600 -p1
%patch1700 -p1
%patch1801 -p1
%patch1802 -p1
%patch1803 -p1
%patch1804 -p1
%build
%define _lto_cflags %{nil}
@ -484,6 +496,12 @@ chmod u-s %{buildroot}%{_bindir}/Xorg
%__mkdir_p %{buildroot}%{pci_ids_dir}
install -m 644 %{S:6} %{buildroot}%{pci_ids_dir}
%endif
%if 0%{?build_suid_wrapper} == 1
mv %{buildroot}%{_bindir}/Xorg \
%{buildroot}%{_bindir}/Xorg.bin
mv %{buildroot}%{_bindir}/Xorg.sh \
%{buildroot}%{_bindir}/Xorg
%endif
ln -snf Xorg %{buildroot}%{_bindir}/X
%if 0%{?suse_version} > 1120
%{__install} -m 644 %{S:5} %{buildroot}%{_datadir}/X11/xorg.conf.d
@ -607,7 +625,7 @@ fi
%ifnarch s390 s390x
%{_bindir}/Xorg
%if 0%{?build_suid_wrapper} == 1
%{suid_wrapper_dir}/Xorg
%{_bindir}/Xorg.bin
%endif
%{_bindir}/X