From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 77810138334 for ; Thu, 21 Mar 2019 19:40:00 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 98780E09BB; Thu, 21 Mar 2019 19:39:59 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 4A7C9E09BB for ; Thu, 21 Mar 2019 19:39:59 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id BB2A1335CEF for ; Thu, 21 Mar 2019 19:39:57 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 15B5156A for ; Thu, 21 Mar 2019 19:39:56 +0000 (UTC) From: "Piotr Karbowski" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Piotr Karbowski" Message-ID: <1553197149.bdd4b3309fef4c58066f9a5f88b4db448be19dfe.slashbeast@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: x11-base/xorg-server/ X-VCS-Repository: repo/gentoo X-VCS-Files: x11-base/xorg-server/metadata.xml x11-base/xorg-server/xorg-server-1.20.4.ebuild x11-base/xorg-server/xorg-server-9999.ebuild X-VCS-Directories: x11-base/xorg-server/ X-VCS-Committer: slashbeast X-VCS-Committer-Name: Piotr Karbowski X-VCS-Revision: bdd4b3309fef4c58066f9a5f88b4db448be19dfe X-VCS-Branch: master Date: Thu, 21 Mar 2019 19:39:56 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 3a799128-0eb0-4897-bbb4-ca3eeba8973e X-Archives-Hash: 79843fb6dd9002bcc5d6fa650b7a7d3d commit: bdd4b3309fef4c58066f9a5f88b4db448be19dfe Author: Piotr Karbowski gentoo org> AuthorDate: Thu Mar 21 19:39:09 2019 +0000 Commit: Piotr Karbowski gentoo org> CommitDate: Thu Mar 21 19:39:09 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bdd4b330 x11-base/xorg-server: elogind integration, -suid by default. This enables users that does not run systemd to have suid-less Xorg. A privileged entity is required for SETMASTER and DROPMASTER calls to get control over framebuffer. Additionally elogind with udev grant user access to input device nodes and elogind alone interfaces the SETMASTER/DROPMASTER calls. Xorg-server will do keeptty automatically, meaning one does not need to pass any extra parameters to `startx` to get things working, It does take adventage of $XDG_SEAT and $XDG_VTNR set by pam_elogind upon login. Although it's possible to run rootless without udev (with any /dev manager, like mdev of busybox), the configure flag that USE=elogind enables (--enable-systemd-logind) checks if udev toggle is also enabled. This leads to a situation where udev needs to be present on user system while building, however, udev does not needs to be running, as long as user is in video and input system groups, elogind is running and user logged in when pam_elogind.so was enabled Xorg will start as regular user. Closes: https://bugs.gentoo.org/670930 Ack-by: Matt Turner gentoo.org> Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Piotr Karbowski gentoo.org> x11-base/xorg-server/metadata.xml | 1 + x11-base/xorg-server/xorg-server-1.20.4.ebuild | 14 +++++++++++--- x11-base/xorg-server/xorg-server-9999.ebuild | 14 +++++++++++--- 3 files changed, 23 insertions(+), 6 deletions(-) diff --git a/x11-base/xorg-server/metadata.xml b/x11-base/xorg-server/metadata.xml index 74e52195b25..5c14eec54c8 100644 --- a/x11-base/xorg-server/metadata.xml +++ b/x11-base/xorg-server/metadata.xml @@ -7,6 +7,7 @@ Build the Distributed Multiheaded X server + Use elogind to get control over framebuffer when running as regular user Enable Glamor OpenGL 2D acceleration Build the kdrive X servers Enable libunwind usage for backtraces diff --git a/x11-base/xorg-server/xorg-server-1.20.4.ebuild b/x11-base/xorg-server/xorg-server-1.20.4.ebuild index 6a9a3eb1cea..e5f0a8e00ee 100644 --- a/x11-base/xorg-server/xorg-server-1.20.4.ebuild +++ b/x11-base/xorg-server/xorg-server-1.20.4.ebuild @@ -15,7 +15,7 @@ if [[ ${PV} != 9999* ]]; then fi IUSE_SERVERS="dmx kdrive wayland xephyr xnest xorg xvfb" -IUSE="${IUSE_SERVERS} debug +glamor ipv6 libressl minimal selinux +suid systemd +udev unwind xcsecurity" +IUSE="${IUSE_SERVERS} debug elogind +glamor ipv6 libressl minimal selinux suid systemd +udev unwind xcsecurity" CDEPEND=">=app-eselect/eselect-opengl-1.3.0 !libressl? ( dev-libs/openssl:0= ) @@ -81,7 +81,13 @@ CDEPEND=">=app-eselect/eselect-opengl-1.3.0 systemd? ( sys-apps/dbus sys-apps/systemd - )" + ) + elogind? ( + sys-apps/dbus + sys-auth/elogind + sys-auth/pambase[elogind] + ) + " DEPEND="${CDEPEND} sys-devel/flex @@ -107,6 +113,8 @@ PDEPEND=" REQUIRED_USE="!minimal? ( || ( ${IUSE_SERVERS} ) ) + elogind? ( udev ) + !suid? ( ^^ ( elogind systemd ) ) minimal? ( !glamor !wayland ) xephyr? ( kdrive )" @@ -156,8 +164,8 @@ pkg_setup() { $(use_enable udev config-udev) $(use_with doc doxygen) $(use_with doc xmlto) + $(usex !elogind $(use_enable systemd systemd-logind) '--enable-systemd-logind') $(use_with systemd systemd-daemon) - $(use_enable systemd systemd-logind) $(usex suid $(use_enable systemd suid-wrapper) '--disable-suid-wrapper') $(usex suid $(use_enable !systemd install-setuid) '--disable-install-setuid') --enable-libdrm diff --git a/x11-base/xorg-server/xorg-server-9999.ebuild b/x11-base/xorg-server/xorg-server-9999.ebuild index 187e506211e..37a69179370 100644 --- a/x11-base/xorg-server/xorg-server-9999.ebuild +++ b/x11-base/xorg-server/xorg-server-9999.ebuild @@ -14,7 +14,7 @@ if [[ ${PV} != 9999* ]]; then fi IUSE_SERVERS="dmx kdrive wayland xephyr xnest xorg xvfb" -IUSE="${IUSE_SERVERS} debug +glamor ipv6 libressl minimal selinux +suid systemd +udev unwind xcsecurity" +IUSE="${IUSE_SERVERS} debug elogind +glamor ipv6 libressl minimal selinux suid systemd +udev unwind xcsecurity" CDEPEND=">=app-eselect/eselect-opengl-1.3.0 !libressl? ( dev-libs/openssl:0= ) @@ -80,7 +80,13 @@ CDEPEND=">=app-eselect/eselect-opengl-1.3.0 systemd? ( sys-apps/dbus sys-apps/systemd - )" + ) + elogind? ( + sys-apps/dbus + sys-auth/elogind + sys-auth/pambase[elogind] + ) + " DEPEND="${CDEPEND} sys-devel/flex @@ -106,6 +112,8 @@ PDEPEND=" REQUIRED_USE="!minimal? ( || ( ${IUSE_SERVERS} ) ) + elogind? ( udev ) + !suid? ( ^^ ( elogind systemd ) ) minimal? ( !glamor !wayland ) xephyr? ( kdrive )" @@ -152,8 +160,8 @@ pkg_setup() { $(use_enable udev config-udev) $(use_with doc doxygen) $(use_with doc xmlto) + $(usex !elogind $(use_enable systemd systemd-logind) '--enable-systemd-logind') $(use_with systemd systemd-daemon) - $(use_enable systemd systemd-logind) $(usex suid $(use_enable systemd suid-wrapper) '--disable-suid-wrapper') $(usex suid $(use_enable !systemd install-setuid) '--disable-install-setuid') --enable-libdrm