Xorg without setuid is a good thing for security. But it's still possible to manage without systemd-logind.
As outlined in http://hansdegoede.livejournal.com/14268.html, several privileges needed by xorg are moved to be managed in logind. Those privileges can be provided alternatively as follows: * Access to /dev/input/event* These are rw for input group by default. For security against keylogger, input group permission shouldn't be given to normal users. Therefore you can use setgid on /usr/lib/xorg/Xorg for input group. This is only intended for single-user scenario. * Access to /dev/dri/card* These are rw for video group by default. Add yourself to video group. * Privilege to drmSetMaster() If there is only one drm device no setup is needed. * Access to /dev/tty1 (for example) Need chown yourself /dev/tty1; first and startx with vt01 Also see the prior disscussion https://wiki.ubuntu.com/X/Rootless This is probably against the design goal of systemd and won't ever be supported. But my sysvinit setup with the above workarounds (not using xserver-xorg-legacy) is this: /etc/inittab: 1:2345:respawn:;chown xlz /dev/tty1;chgrp input /usr/lib/xorg/Xorg;chmod g+s /usr/lib/xorg/Xorg;exec su - xlz -c 'exec startx' ~/.xserverrc: #!/bin/sh exec /usr/bin/X -nolisten tcp "$@" vt01 which works fine. If you have multiple graphics cards or graphics driver does not support KMS then there will be more problems. Several annoyances in ~/.local/share/xorg/Xorg.0.log xf86EnableIOPorts: failed to set IOPL for I/O (Operation not permitted) This is a non-fatal error because "[KMS] drivers that don't need I/O access", and thus can be ignored. (EE) dbus-core: error connecting to system bus: org.freedesktop.DBus.Error.FileNotFound (Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory) This spams Xorg.0.log every 10 seconds, and it is impossible to turn off without rebuilding xorg. Regards, Lingzhu