On Sun, Aug 25, 2019 at 01:33:12AM +0000, DJ Lucas via blfs-dev wrote:
>
>
> On 8/24/2019 8:14 PM, Ken Moffat via blfs-dev wrote:
> > On Sun, Aug 25, 2019 at 12:42:12AM +0000, DJ Lucas via blfs-dev wrote:
> > > > At this point, I'm clearly out of my depth, and I will not be
> > > > updating further systems (nor reviewing if the kernel config for
> > > > elogind is adequate, nor if the mountcgroupfs and elogind
> > > > bootscripts are really needed) unless I can understand where my
> > > > build/usage of elogind is failing.
> > > >
> > > > ĸen
> > > The seat actions are at
> > > /usr/share/polkit-1/actions/org.freedesktop.login1.policy
> > >
> > > --DJ
> > >
> > Thanks, but not on this system :-(
> >
> > ken@plexi ~ $ls /usr/share/polkit-1/actions/
> > com.mesonbuild.install.policy
> > org.freedesktop.policykit.policy
> > org.freedesktop.color.policy
> > org.gtk.vfs.file-operations.policy
> > org.freedesktop.policykit.examples.pkexec.policy
> > org.x.xf86-video-intel.backlight-helper.policy
> >
> > ĸen
> But I do think we might be getting someplace. Did you log your elogind
> build? If so, what was the meson summary output? Here is what I had:
>
> Message: elogind 241.3
> split /usr: true
> split bin-sbin: true
> prefix directory: /usr
> rootprefix directory: /
> sysconf directory: /etc
> include directory: /usr/include
> lib directory: /usr/lib
> rootlib directory: /lib
> rootexeclib dir: /lib/elogind
> PAM modules directory: /lib/security
> PAM configuration directory: /etc/pam.d
> modprobe.d directory: /lib/modprobe.d
> D-Bus policy directory: /etc/dbus-1/system.d
> D-Bus session directory: /usr/share/dbus-1/services
> D-Bus system directory: /usr/share/dbus-1/system-services
> bash completions directory:
> /usr/share/bash-completion/completions
> zsh completions directory: /usr/share/zsh/site-functions
> TTY GID: 5
> maximum system UID: 999
> maximum system GID: 999
> /dev/kvm access mode: 0666
> render group access mode: 0666
> nobody user name: nobody
> nobody group name: nobody
> default KillUserProcesses setting: true
> enabled features: PAM, SMACK, ACL, polkit, dbus, man pages, utmp
> disabled features: AUDIT, SELinux, legacy pkla, glib, html pages,
> man page indices, debug elogind, debug hashmap, debug mmap cache, debug
> siphash, valgrind, trace logging
>
It agrees on all of those.
References to login1 are
Installing /scratch/working/elogind-241.3/src/login/org.freedesktop.login1.conf
to /etc/dbus-1/system.d
Installing
/scratch/working/elogind-241.3/build/src/login/org.freedesktop.login1.service
to /usr/share/dbus-1/system-services
Installing
/scratch/working/elogind-241.3/src/login/org.freedesktop.login1.policy to
/usr/share/polkit-1/actions
Oh, spit - I think I must have accidentally booted the system next
to it in grub's menu when I was taking it up and down. I'm now
definitely on 9.0:
ken@plexi ~ $cat /etc/lfs-release
LFS-9.0 (r11659, -rc1). BLFS r21977
DISTRIB_RELEASE="LFS-9.0"
DISTRIB_CODENAME="Llamedos"
DISTRIB_DESCRIPTION="Linux From Scratch"
and I _do_ have that file. Sorry for the noise.
I suppose the relevant part is:
<action id="org.freedesktop.login1.attach-device">
<description gettext-domain="systemd">Allow attaching devices
to seats</description>
<message gettext-domain="systemd">Authentication is required
for attaching a device to a seat.</message>
<defaults>
<allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate
key="org.freedesktop.policykit.imply">org.freedesktop.login1.flush-devices</annotate>
</action>
From https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html
auth_admin
Authentication by an administrative user is required.
[...]
auth_admin_keep
Like auth_admin but the authorization is kept for a brief period (e.g. five
minutes).
Which I think means that a user who wants to use Xorg does need to be
in the wheel group?
I can't say that I like that, but since my groups seem to have
become totally banjaxed (and I've still no idea where that '7' came
from) I'm going to step away from the machines.
Thanks for your help, and sorry for the wrong answer earlier.
ĸen
--
Adopted by dwarfs, brought up by dwarfs. To dwarfs I'm a dwarf, sir.
I can do the rite of k'zakra, I know the secrets of h'ragna, I can
ha'lk my g'rakha correctly ... I am a dwarf
Captain Carrot Ironfoundersson (in The Fifth Elephant)
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
