[PATCH v2 10/14] systemd-logind: Add systemd-logind "core"
Hans de Goede
hdegoede at redhat.com
Mon Feb 10 22:54:00 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
On 02/10/2014 10:49 PM, David Herrmann wrote:
> Hi
>
> On Mon, Feb 10, 2014 at 10:48 PM, Hans de Goede <hdegoede at redhat.com> wrote:
>> Hi,
>>
>> On 02/10/2014 09:58 PM, Jasper St. Pierre wrote:
>>> Something I noticed here is that you use GetSessionByPID(). This works right now, but with systemd user sessions, the display server will run outside of a session. We have to decide what to do in this case.
>>
>> AFAIK that won't work, the display server must be inside the pam login session of the user, otherwise logind will refuse to give access to any of the devices belonging to the seat.
>>
>> To be precise, logind will only give access to a process which is inside the user-session which is the active session on a certain head, and then only to devices which belong to said head.
>
> To be precise, only processes with the uid of the user or root can call TakeControl(), no other restrictions are enforced. So the process does not have to be in the session.
Ah right, so I guess it could be outside the user session, as long
as it gets started with the uid of the user, however I think that starting
user processes without them being inside a properly setup pam login session
is very ugly.
So it would be greatly preferable and more simple IMHO to just start it
inside the user-session, and AFAIK Ray Strode is working on doing exactly
that in gdm.
If we go this route calling GetSessionByPID() should not be a problem
at all.
Regards,
Hans
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlL5SnIACgkQF3VEtJrzE/uPCACfUneP1X6T/nKzBo/ZNqIE5XGV
AeEAnjVXI5BlrBAV4YCkwmcgCRhzdRFR
=lEt3
-----END PGP SIGNATURE-----
More information about the xorg-devel
mailing list