On Mon, Aug 03, 2015 at 11:11:12AM -0500, Bruce Dubbs wrote: > I've been looking at some permissions issues lately. It strikes me that the > Linux system has become much more complicated over the years. There are a > couple of issues. > > First there is Linux-PAM. This has been around for a long time. I often > wonder why it is needed. I used to try to ignore it, but there are just too > many applications that seem to require it for that. I do know that it can > be useful in a multi-user environment using ldap for logon credentials, but > how common is that? > I still ignore it - too much can go wrong, and I'm not motivated to learn how to fix it properly.
> Second is polkit. This is something that is only useful in a graphical > environment with multiple users. What is it's purpose on a laptop? On a > server without Xorg? Again, there are many apps that seem to demand it. > It supposedly eases suspend and poweroff/reboot _from_ a DM or DE. For a server, I cannot imagine any use. But people have been known to put Xorg on servers. Until last month, I only treated ConsoleKit, dbus, polkit as build dependencies. For sddm I need to understand them a bit better, and at the moment I'm still floundering. But if I get there I'll end up with a shiny greeter on a DM :) > A quick look for polkit dependencies in the book show hat it is needed for > upower, udisks/udisks2, colord, network-manager/network-manager-applet, > gconf, polkit-gnome, lxsession, consolekit, and thunar-volman. All of these > have polkit either required or recommended. > > Third is consolekit. The packages that use it are kde-workspace, > lxde-common, lxqt-common, pulseaudio, networkmanager, sddm, lxdm, and > xfce4-session. All of these except pulseaudio and xfce4-session have > consolekit required or recommended. Additionally ConsoleKit is not being > actively maintained. They now say to use systemd-logind. > > http://www.freedesktop.org/wiki/Software/ConsoleKit/ > One or more people have mentioned CK2. I'm not touching that until I understand my current problems, and then only if it seems useful to what I'm doing. > To make things worse, to implement this applications like upowerd, polkitd, > console-kit-daemon, etc are run as daemons even after a graphical session is > terminated. > Thanks. That "daemon still running" might give me a hint when I next try to understand my sddm problem. [...] > > What we are doing in BLFS is building these packages because upstream > developers have programmed them into useful applications, not because most > BLFS users need them. > Like many other packages which are not particularly useful in themselves, such as various obscure libraries and (more generally file managers) but are pulled in by something which _is_ useful. > What we are not doing is giving much advice on configuration. I found a > nice page on the Arch wiki that explains how to get around the unneeded > seat/session stuff for udisks: > > https://wiki.archlinux.org/index.php/Udisks#Configuration > > We might want to include this in the udisks sections and similar polkit > configuration instructions in other sections. > > -- Bruce > Configuration instructions, either in the book or else in the wiki, are always useful if they continue to work (e.g. the polkit rule changes now that mozjs is used). More generally. the arch and (sometimes) gentoo wikis are often useful. ĸen -- This one goes up to eleven: but only on a clear day, with the wind in the right direction. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
