[SOLVED] Getting Rootless Xorg Working in Slackware-current
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
So a chmod and thats it? I am curious to try this, but I am running 14.2 (I did update the xorg security from the email list though) - If also thats all it takes, I hope maybe Pat has already or will plan on changing this soon on --Current? Unless there are still technical reasons to default as is and leave it up to the user...
-edit
On second thought, I think I won't try this on my machine, but I will on a VM (--Current) , I'll probably end up breaking X in 14.2.
AFAIK the only display manager that supports starting rootless Xorg is GDM.
I found this commit to add rootless Xorg support to sddm in their "develop" branch, but it doesn't seem to be in the sddm-0.19.0 version that was the last release. https://github.com/sddm/sddm/pull/13...d4f72edb86c655
Still running as non root, so far so good. Now I changed to inittab 4 (Also , both sddm and my user "slacker" is added to the video group...Err, but I got this now:
-edit
Quote:
Originally Posted by 0XBF
AFAIK the only display manager that supports starting rootless Xorg is GDM.
I found this commit to add rootless Xorg support to sddm in their "develop" branch, but it doesn't seem to be in the sddm-0.19.0 version that was the last release. https://github.com/sddm/sddm/pull/13...d4f72edb86c655
Well shit, I found that out the hard way
-edit2
I clicked ok, then got a login though:
-edit3
Checked and it shows I am running X (I didn't get a change to even choose XSession or Full Wayland)
Code:
slacker@vslack:~$ ps -af | grep X
slacker 1716 1713 0 22:12 pts/1 00:00:00 grep X
slacker@vslack:~$
So a chmod and thats it? I am curious to try this, but I am running 14.2 (I did update the xorg security from the email list though) - If also thats all it takes, I hope maybe Pat has already or will plan on changing this soon on --Current? Unless there are still technical reasons to default as is and leave it up to the user...
Will work ONLY on the latest updated -current.
Will NOT work on Slackware 14.2 because its Xorg server is built without logind support and, guess what? There is no such thing like a logind server.
Will NOT work on Slackware 14.2 because its Xorg server is built without logind support and, guess what? There is no such thing like a logind server.
I figured, but as also pointed out by others, in inittab 4 , sddm complains - and it doesn't seem to work. I have added my user in groups to the video group and sddm is also in the video group, but still nothing. I hope there is a solution - and again if possible - I hope this is by default in the NEXT release at least (15.1).
Well, I updated my xorg-server to the main repo ones, and after applying the chmod, rootless xorg still works! I feel like this should be added somewhere in the Slackware Wiki because unless someone read that changelog or was following this thread, they'll never figure that out, and it should also mention that SDDM doesn't support rootless and that, as of right now, you need to run your Xorg using startx to get it rootless.
I was looking at the changelog and noticed efforts to patch xorg and whatnot to achieve rootless with elogind. I am able to do that without any seat managers (elogind) or suid by applying the following steps:
- add your user to the following groups: video,input
- in /etc/X11/Xwrapper.config write: needs_root_rights = no
- enable DRM for your video driver
- chown youruser:tty /dev/tty1
- startx -- tty1
Not tested with desktop environments, only window managers.
I am on void linux awaiting slack 15 to try it out. Tell me if that works for you on current slack. If it does maybe Pat should be made aware that he does not need to do the extra work (nor use elogind).
Last edited by corvian; 12-17-2021 at 06:29 PM.
Reason: cleanup
I was looking at the changelog and noticed efforts to patch xorg and whatnot to achieve rootless with elogind. I am able to do that without any seat managers (elogind) or suid by applying the following steps:
- add your user in the following groups: video,input
- in /etc/X11/Xwrapper.config write: needs_root_rights = no
- enable DRM for your video driver
- chown youruser:youruser /dev/tty1
- startx -- tty1
Not tested with desktop environments, only window managers.
I am on void linux awaiting slack 15 to try it out. Tell me if that works for you on current slack. If it does maybe Pat should be made aware that he does not need to do the extra work (nor use elogind).
Wouldn't /dev/tty1 get overridden upon restart to not be owned by the user anymore? Also, adding yourself to video and input groups, as others have said is a bit of a security nightmare.
It does not get overwritten on my system, although I have seen that happen. I don't remember why, but it stopped in the end. I think I was using systemd distro at the time.
I can't comment on the security part, maybe someone else can.
It does not get overwritten on my system, although I have seen that happen. I don't remember why, but it stopped in the end. I think I was using systemd distro at the time.
I can't comment on the security part, maybe someone else can.
From my limited knowledge, the main issue with the video and input group is that it gives you full access to video and input system-wide. Which is pretty bad from what I know. While logind tries to make you access what you need and nothing more.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.