FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

 
 
LinkBack Thread Tools
 
Old 12-02-2011, 05:38 PM
Damjan
 
Default ACL on /dev nodes (systemd, lightdm)

Hi all,
I know systemd and lightdm are not exactly kosher on ArchLinux, but any
help would be welcome.

So, I just noticed that OpenGL is using llvmpipe on my laptop, and then
I found out that the /dev/dri/card0 node doesn't have the proper ACL set
to allow access to my user. Also my user is not in the video group -
since I've learned that's not necesseary in "modern" Linux configurations.

Considering that I'm running systemd and using lightdm as a login
manager - my question is, what subsystem is responsible for settings the
ACL:
- ConsoleKit
- PolicyKit
- systemd
- lightdm
?


Is the proper setup to have pam_loginuid.so, pam_ck_connector.so and
pam_systemd.so in the PAM configuration for lightdm?



the output of ck-list-session is:
Session2:
unix-user = '1000'
realname = '
seat = 'Seat1'
session-type = '
active = TRUE
x11-display = ':0'
x11-display-device = '/dev/tty7'
display-device = '
remote-host-name = '
is-local = TRUE
on-since = '2011-12-02T18:23:04.193636Z'
login-session-id = '


--
дамјан
 
Old 12-02-2011, 06:56 PM
Jan Steffens
 
Default ACL on /dev nodes (systemd, lightdm)

On Fri, Dec 2, 2011 at 7:38 PM, Damjan <gdamjan@gmail.com> wrote:
> Hi all,
> I know systemd and lightdm are not exactly kosher on ArchLinux, but any
> help would be welcome.
>
> So, I just noticed that OpenGL is using llvmpipe on my laptop, and then
> I found out that the /dev/dri/card0 node doesn't have the proper ACL set
> to allow access to my user. Also my user is not in the video group -
> since I've learned that's not necesseary in "modern" Linux configurations.
>
> Considering that I'm running systemd and using lightdm as a login
> manager - my question is, what subsystem is responsible for settings the
> ACL:
> - ConsoleKit
> - PolicyKit
> - systemd
> - lightdm
> ?
>
>
> Is the proper setup to have pam_loginuid.so, pam_ck_connector.so and
> pam_systemd.so in the PAM configuration for lightdm?
>
>
>
> the output of ck-list-session is:
> Session2:
> * * * *unix-user = '1000'
> * * * *realname = '
> * * * *seat = 'Seat1'
> * * * *session-type = '
> * * * *active = TRUE
> * * * *x11-display = ':0'
> * * * *x11-display-device = '/dev/tty7'
> * * * *display-device = '
> * * * *remote-host-name = '
> * * * *is-local = TRUE
> * * * *on-since = '2011-12-02T18:23:04.193636Z'
> * * * *login-session-id = '
>
>
> --
> дамјан

With systemd running, it's responsible for setting the ACLs on the devices.
Try "systemd-loginctl list-sessions" and "systemd-loginctl
show-session X" (with X=session number). Your X11 session should be
active.
 
Old 12-02-2011, 07:45 PM
Damjan
 
Default ACL on /dev nodes (systemd, lightdm)

> With systemd running, it's responsible for setting the ACLs on the devices.
> Try "systemd-loginctl list-sessions" and "systemd-loginctl
> show-session X" (with X=session number). Your X11 session should be
> active.

Thanks for the hint.

it didn't return any session, so in `/etc/pam.d/lightdm` I added::

session required pam_systemd.so

and now all is good.

Results posted below for completeness::


$ systemd-loginctl
SESSION UID USER SEAT
c2 1000 damjan seat0


$ systemd-loginctl show-session c2
Id=c2
Name=damjan
Timestamp=Fri, 02 Dec 2011 21:36:34 +0100
TimestampMonotonic=8036244211
ControlGroupPath=/user/damjan/c2
VTNr=7
Display=:0
Remote=no
Service=lightdm
Leader=447
Audit=0
Type=x11
Active=yes
KillProcesses=no
IdleHint=no
IdleSinceHint=0
IdleSinceHintMonotonic=0


$ getfacl /dev/dri/card0
getfacl: Removing leading '/' from absolute path names
# file: dev/dri/card0
# owner: root
# group: video
user::rw-
user:damjan:rw-
group::rw-
mask::rw-
other::---



--
дамјан
 

Thread Tools




All times are GMT. The time now is 06:54 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org