1. Forum
  2. Usenet
  3. LINUX.GENTOO.USER

  • [gentoo-user] Rootless X without elogind

    From =?UTF-8?Q?Bj=c3=b6rn_Fischer?=@21:1/5 to All on Wed Feb 16 20:10:01 2022
    Hi folks,

    on my laptops and other private computers I normally just login on the
    virtual console and "startx" or "xinit" -- no fancy stuff like display managers.

    Recently I switched to rootless X (finally, after gentoo dropped "suid"
    by default on Xorg long ago). But I did not want to bloat my system with elogind (not to mention systemd), so I came up with a much less complex solution:

    I created a small PAM module "pam_tty.so", which simply chowns the corresponding /dev/ttyN on a successful login on a virtual console. All
    other privileges can be granted by Unix groups. So yes, rootless X
    without elogind is possible.

    pam_tty.so is available on github:

    https://github.com/bjorn-fischer/pam_tty

    Any thoughts on this?


    Cheers,
    Björn

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Matt Connell (Gmail)@21:1/5 to All on Wed Feb 16 21:20:01 2022
    On Wed, 2022-02-16 at 20:05 +0100, Björn Fischer wrote:
    But I did not want to bloat my system with
    elogind (not to mention systemd)

    For the sake of the argument, elogind is a standalone package. systemd provides 'logind'. I run all my systems without systemd with lightdm
    as a display manager happily.

    I created a small PAM module "pam_tty.so", which simply chowns the corresponding /dev/ttyN on a successful login on a virtual console.
    All other privileges can be granted by Unix groups.

    A novel solution. Without reviewing the code, I like the idea.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Anna =?utf-8?B?4oCcQ3liZXJUYWlsb3Li@21:1/5 to All on Thu Feb 17 00:10:01 2022
    OpenBSD maintains its own Xorg patchset called Xenocara. It runs as _x11
    user without logind or suid.

    http://xenocara.org/


    Hyperbola GNU/Linux-libre is the only distro that uses it.

    https://www.hyperbola.info/news/end-of-xorg-support/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)