[arch-general] Non-root X on Arch Linux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Salutations, Since Fedora 21 is working on dropping X root rights via systemd-logind. Does Arch intend to follow? From, Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlNA23AACgkQZ/Z80n6+J/bnlQD+KXmYtkAySaraC+omwJb1x95q QUud8Ojbkv/zCg/06FsA/iNsJTBoU2A4KspFZv2LnUuinKxcC5VOy64xpgRJVkV4 =GXC+ -----END PGP SIGNATURE-----
On 04/06/14 at 12:43am, Mark Lee wrote:
Since Fedora 21 is working on dropping X root rights via systemd-logind. Does Arch intend to follow?
I imagine this will be the case eventually. But as far as I can tell, at the moment these features are not yet included in the stable packages of everything that is required. Though like all things with Arch, I also would have to guess that this would be an option for configuration and not something that would become a "default" in the same way as Fedora. -- Curtis Shimamoto
On 06/04/14 12:43 AM, Mark Lee wrote:
Salutations,
Since Fedora 21 is working on dropping X root rights via systemd-logind. Does Arch intend to follow?
From, Mark
Thanks to the work on logind, our Weston package already works as non-root if you launch it as `weston` instead of `weston-launch`. When xorg-server 1.16 is released, this will also work for X. I've been planning on splitting out `weston-launch` from the regular Weston package or simply removing it (unsure if there are any usable video drivers requiring it) and I assume the setuid binary for X will have a similar fate.
I'd expect the usual pioneering of Arch for giving the option. I guess it's up to the maintainers, but I don't see what could delay it in comparison to Fedora. Is any special building flag needed that could get in the way? 2014-04-06 21:44 GMT-03:00 Daniel Micay <danielmicay@gmail.com>:
On 06/04/14 12:43 AM, Mark Lee wrote:
Salutations,
Since Fedora 21 is working on dropping X root rights via systemd-logind. Does Arch intend to follow?
From, Mark
Thanks to the work on logind, our Weston package already works as non-root if you launch it as `weston` instead of `weston-launch`.
When xorg-server 1.16 is released, this will also work for X. I've been planning on splitting out `weston-launch` from the regular Weston package or simply removing it (unsure if there are any usable video drivers requiring it) and I assume the setuid binary for X will have a similar fate.
On 06/04/14 08:53 PM, Mario Rugiero wrote:
I'd expect the usual pioneering of Arch for giving the option. I guess it's up to the maintainers, but I don't see what could delay it in comparison to Fedora. Is any special building flag needed that could get in the way?
In order for a non-setuid binary to be a useful improvements, the maintainers need to actually get rid of the setuid binary by splitting it out and making it a dependency of packages like nvidia. A Red Hat developer proposed a patch adding a wrapper script for X so it can make use of a setuid binary if and only if the driver requires it - making it a fully transparent feature handled by the package manager via dependencies.
participants (4)
-
Curtis Shimamoto
-
Daniel Micay
-
Mario Rugiero
-
Mark Lee