Liliana Marie Prikler writes: > block 56971 by 56690 56699 > thanks > > Hi muradm, Hi Liliana, > Am Donnerstag, dem 04.08.2022 um 12:45 +0300 schrieb muradm: >> [...] greeter (e.g. gtkgreet) requiring communication >> with seatd is failing to start, causing "black screen" >> behavior on active terminal (switching to the other non seatd >> related terminal is possible, for manual permissions >> adjustment as workaround). >> >> To address this issue, we need more flexible control over >> seatd user/group, which creates seatd.sock, and greeter user >> which connects to seatd.sock. > Okay. > >> However, not all greeters require that, so I decided to make >> more flexible. > Flexibility for its own sake is not always the right solution. > On the > other hand, looking at the two patches, it appears they are to > be used > in combination? > No, technically they are not strongly dependent on each other, could be applied one after another in no particular order. After both are applied, in cooperation they address this issue. >> Propsed solutions consists of: >> >> * 56690 - gnu: seatd-service-type: Should use seat group. >> With this change, if seatd-service-type is present in the >> system configuration, "seat" group will be added, and seatd >> will run as root/seat. Group is configurable, but default is >> "seat". > Why just the group and no user? Is it not possible to launch > seatd as > non-root? seatd provides a way for display servers to access input/output devices without having to be root. So seatd it self has to run as root. When seatd opening socket as root/seat, all members of seat would be able to communicate with it. Also socket could be opened with seat/seat for instance, but there is no specific point in doing so. Will be one more unused system user around. Arch seems to follow similar way, root/seat is ok for socket. Also will signal that seatd is running as root. >> * 56699 - gnu: greetd-service-type: Add greeter-extra-groups >>   config field. >> With this change, if user wants to use seatd-service-type with >> greeter requiring seatd.sock, he can add "seat" group to >> greeter-extra-groups field. > Note that you still have a TODO on that patch. That TODO is from the initial commit, it is about cgroup file system mounting, and totally out of scope of this issue. > Cheers Thanks in advance