[arch-general] ACL on /dev nodes (systemd, lightdm)
Hi all, I know systemd and lightdm are not exactly kosher on ArchLinux, but any help would be welcome. So, I just noticed that OpenGL is using llvmpipe on my laptop, and then I found out that the /dev/dri/card0 node doesn't have the proper ACL set to allow access to my user. Also my user is not in the video group - since I've learned that's not necesseary in "modern" Linux configurations. Considering that I'm running systemd and using lightdm as a login manager - my question is, what subsystem is responsible for settings the ACL: - ConsoleKit - PolicyKit - systemd - lightdm ? Is the proper setup to have pam_loginuid.so, pam_ck_connector.so and pam_systemd.so in the PAM configuration for lightdm? the output of ck-list-session is: Session2: unix-user = '1000' realname = '' seat = 'Seat1' session-type = '' active = TRUE x11-display = ':0' x11-display-device = '/dev/tty7' display-device = '' remote-host-name = '' is-local = TRUE on-since = '2011-12-02T18:23:04.193636Z' login-session-id = '' -- дамјан
On Fri, Dec 2, 2011 at 7:38 PM, Damjan <gdamjan@gmail.com> wrote:
Hi all, I know systemd and lightdm are not exactly kosher on ArchLinux, but any help would be welcome.
So, I just noticed that OpenGL is using llvmpipe on my laptop, and then I found out that the /dev/dri/card0 node doesn't have the proper ACL set to allow access to my user. Also my user is not in the video group - since I've learned that's not necesseary in "modern" Linux configurations.
Considering that I'm running systemd and using lightdm as a login manager - my question is, what subsystem is responsible for settings the ACL: - ConsoleKit - PolicyKit - systemd - lightdm ?
Is the proper setup to have pam_loginuid.so, pam_ck_connector.so and pam_systemd.so in the PAM configuration for lightdm?
the output of ck-list-session is: Session2: unix-user = '1000' realname = '' seat = 'Seat1' session-type = '' active = TRUE x11-display = ':0' x11-display-device = '/dev/tty7' display-device = '' remote-host-name = '' is-local = TRUE on-since = '2011-12-02T18:23:04.193636Z' login-session-id = ''
-- дамјан
With systemd running, it's responsible for setting the ACLs on the devices. Try "systemd-loginctl list-sessions" and "systemd-loginctl show-session X" (with X=session number). Your X11 session should be active.
With systemd running, it's responsible for setting the ACLs on the devices. Try "systemd-loginctl list-sessions" and "systemd-loginctl show-session X" (with X=session number). Your X11 session should be active.
Thanks for the hint. it didn't return any session, so in `/etc/pam.d/lightdm` I added:: session required pam_systemd.so and now all is good. Results posted below for completeness:: $ systemd-loginctl SESSION UID USER SEAT c2 1000 damjan seat0 $ systemd-loginctl show-session c2 Id=c2 Name=damjan Timestamp=Fri, 02 Dec 2011 21:36:34 +0100 TimestampMonotonic=8036244211 ControlGroupPath=/user/damjan/c2 VTNr=7 Display=:0 Remote=no Service=lightdm Leader=447 Audit=0 Type=x11 Active=yes KillProcesses=no IdleHint=no IdleSinceHint=0 IdleSinceHintMonotonic=0 $ getfacl /dev/dri/card0 getfacl: Removing leading '/' from absolute path names # file: dev/dri/card0 # owner: root # group: video user::rw- user:damjan:rw- group::rw- mask::rw- other::--- -- дамјан
participants (2)
-
Damjan
-
Jan Steffens