GNU bug report logs -
#56971
greeter user permissions are not enough to talk with seatd
Previous Next
Reported by: muradm <mail <at> muradm.net>
Date: Thu, 4 Aug 2022 10:04:01 UTC
Severity: normal
Done: Liliana Marie Prikler <liliana.prikler <at> gmail.com>
Bug is archived. No further changes may be made.
Full log
Message #10 received at control <at> debbugs.gnu.org (full text, mbox):
block 56971 by 56690 56699
thanks
Hi muradm,
Am Donnerstag, dem 04.08.2022 um 12:45 +0300 schrieb muradm:
> [...] greeter (e.g. gtkgreet) requiring communication
> with seatd is failing to start, causing "black screen"
> behavior on active terminal (switching to the other non seatd
> related terminal is possible, for manual permissions
> adjustment as workaround).
>
> To address this issue, we need more flexible control over
> seatd user/group, which creates seatd.sock, and greeter user
> which connects to seatd.sock.
Okay.
> However, not all greeters require that, so I decided to make
> more flexible.
Flexibility for its own sake is not always the right solution. On the
other hand, looking at the two patches, it appears they are to be used
in combination?
> Propsed solutions consists of:
>
> * 56690 - gnu: seatd-service-type: Should use seat group.
> With this change, if seatd-service-type is present in the
> system configuration, "seat" group will be added, and seatd
> will run as root/seat. Group is configurable, but default is
> "seat".
Why just the group and no user? Is it not possible to launch seatd as
non-root?
> * 56699 - gnu: greetd-service-type: Add greeter-extra-groups
> config field.
> With this change, if user wants to use seatd-service-type with
> greeter requiring seatd.sock, he can add "seat" group to
> greeter-extra-groups field.
Note that you still have a TODO on that patch.
Cheers
This bug report was last modified 2 years and 325 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.