subject:"Bug#1050417\: lightdm\-guest\-session support \(via Arctica Greeter\) takes a long time to startup X11 guest sessions"

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

2023-11-20 Thread Mike Gabriel


HI Yves-Alexis,

On  Mo 20 Nov 2023 21:39:54 CET, Yves-Alexis Perez wrote:


On Sun, 2023-11-19 at 10:07 +, Mike Gabriel wrote:

I just tested this once more: It needs to be

/run/user/*/ICEauthority-l l,

Without that line, guest login to a MATE desktop is slloo 
(with error dialog about /run/user/*/ICEauthority, without "-l").

With that line, login is smooth, no error dialog anymore.


Ok, that's confusing (unless there's a specific syntax weirdness?). I assume
you tested with:

/run/user/*/ICEauthority l,

and it didn't work?


Correct. To be fully sure, I tested again (Debian 12):

/run/user/*/ICEauthority l, -> long delay when logging into MATE (+  
dialog error)

/run/user/*/ICEauthority-l l, -> smoothly logging into MATE
no such line -> -> long delay when logging into MATE (+ dialog error)

Mike
--

mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net



pgpWVzKc67i_T.pgp
Description: Digitale PGP-Signatur

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

2023-11-20 Thread Yves-Alexis Perez

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Sun, 2023-11-19 at 10:07 +, Mike Gabriel wrote:
> I just tested this once more: It needs to be
> 
> /run/user/*/ICEauthority-l l,
> 
> Without that line, guest login to a MATE desktop is slloo  
> (with error dialog about /run/user/*/ICEauthority, without "-l").
> 
> With that line, login is smooth, no error dialog anymore.

Ok, that's confusing (unless there's a specific syntax weirdness?). I assume
you tested with:

/run/user/*/ICEauthority l,

and it didn't work?

Regards,
- -- 
Yves-Alexis
-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmVbxBsACgkQ3rYcyPpX
RFtyIQgA235A9IBEsi1H1NRl9VROuJSPFM8k4KTXrkbNMQ28pz+e24tnnfnbFXRa
55WnPtSzP96+420dKiUuYQgoL+BmZf4zQXT9o2YQDzdXVbFhtDpy+NW8B4rOQk0j
EuaSwNcAXrE/QJsGMt0JfX9vIm+X8cHorYupHEy61kIAyzpRgU5K8fAUclV6vs2L
RHbxja0HAXHCsoURKbVkEPJWo6LGX+fB7N1uJSGhFNfKJcYx1CDPJGgsGnuge7MV
JrjyFFrCeHyCK/zqxQZUvBKH5roI+EEoo+eHuADhCJAwqc4L/+aHa90e+on1Z8il
QEajGSWgyo3HGrymx2hCEHRVxolD9w==
=omCC
-END PGP SIGNATURE-

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

2023-11-19 Thread Mike Gabriel


Hi Yves-Alexis,

sorry for the delay...

On  Mi 15 Nov 2023 20:48:26 CET, Yves-Alexis Perez wrote:


On Thu, 2023-08-24 at 10:25 +, Mike Gabriel wrote:

+  /run/user/*/ICEauthority-l l,


Hi Mike,

are you sure about the `ICEauthority-l' filename (especially the -l part)? On
my system it's just ICEauthority apparently.

Regards,
- --
Yves-Alexis



I just tested this once more: It needs to be

/run/user/*/ICEauthority-l l,

Without that line, guest login to a MATE desktop is slloo  
(with error dialog about /run/user/*/ICEauthority, without "-l").


With that line, login is smooth, no error dialog anymore.

Greets,
Mike
--

mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net



pgpt27RDHwe6X.pgp
Description: Digitale PGP-Signatur

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

2023-11-15 Thread Yves-Alexis Perez

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Thu, 2023-08-24 at 10:25 +, Mike Gabriel wrote:
> +  /run/user/*/ICEauthority-l l,

Hi Mike,

are you sure about the `ICEauthority-l' filename (especially the -l part)? On
my system it's just ICEauthority apparently.

Regards,
- -- 
Yves-Alexis
-BEGIN PGP SIGNATURE-

iQEyBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmVVIIoACgkQ3rYcyPpX
RFvRNQf4nVUolt6huD76ZT4EcpvIDVyX4VJjZ3v5tMIxdnzWZMmSQpxsAQcgfljm
zUzweJw0HczdKAbiP/0f9qDKWTEDUZ7IG7ORYz4S7V7ZCFz5IWt5x6V1styNWnlp
wXFXTm7BG7tzM8efXIaW3OANyWg3ewBnLzeqW4hSjOccB14VHqioP++sHOXG9w0b
ChWxCmR5jfd+wIPpluxvOVTcmMWZlirfTnc/nbUtUTa3LeBlBG+0butRQS+DrDjz
ZYFVPpo0rT37WoX+Ll49kyXGDMg2J22yQS4obdS1D/7ltcVZYtcec/w9gf+5B89s
1pC8mvbWE4zYhA94YmqzYarjb9Pa
=S4WQ
-END PGP SIGNATURE-

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

2023-08-24 Thread Mike Gabriel


Package: src:lightdm
Severity: normal
Version: 1.32.0-3
Tags: patch
Forwarded: https://github.com/canonical/lightdm/pull/319


For Debian Edu 12, I tested the various features of Arctica Greeter  
(arctica-greeter src:pkg in Debian). The Arctica Greeter provides a  
feature called guest session login. With this, users can log into a  
host using one-time sessions. The guest user accounts gets created on  
the fly on login and gets removed after the session. A password is not  
required for guest session login.


In Debian 12, the login into an X11 desktop (such as MATE or Xfce4)  
takes a long time to bring up the session. This delay is caused by a  
missing apparmor rule in light.


diff --git a/data/apparmor/lightdm-guest-session.in  
b/data/apparmor/lightdm-guest-session.in

index 3239c54b..f4938c7c 100644
--- a/data/apparmor/lightdm-guest-session.in
+++ b/data/apparmor/lightdm-guest-session.in
@@ -18,6 +18,7 @@
   /usr/bin/sogou-qimpanel-watchdog ix,
   /usr/bin/sogou-sys-notify ix,
   /tmp/sogou-qimpanel:* rwl,
+  /run/user/*/ICEauthority-l l,

   # Allow ibus
   unix (bind, listen) type=stream addr="@tmp/ibus/*",

Here comes the description of the proposed patch:

data/apparmor/lightdm-guest-session.in: Allow l operation on  
/run/user/*/ICEauthority-l.


 This resolves long login delays into X11 guest sessions when using
 Arctica Greeter (forked from Unity Greeter). While waiting for the
 desktop to appear, the screen stays black and a non-WM'ed dialog box
 appears on screen, saying: "Could not update ICEauthority file
 /run/user//ICEauthority".

 When testing with MATE desktop, apparmor denies esp. creating this link
 operation:
 operation="link" class="file" profile="/lightdm-guest-session"
 name="/run/user/997/ICEauthority-l" pid= comm="mate-session"
 requested_mask="l" denied_mask="l" fsuid= ouid=
 target="/run/user//ICEauthority-c"

 Similar in Xfce4:
 operation="link" class="file" profile="/lightdm-guest-session"
 name="/run/user/997/ICEauthority-l" pid= comm="iceauth"
 requested_mask="l" denied_mask="l" fsuid= ouid=
 target="/run/user//ICEauthority-c"


It would be awesome if this could get resolved in the near future in  
Debian unstable and Debian bookworm. I can provide some help with  
these uploads if wanted by the maintainers.


Thanks+Greets,
Mike

--

mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net

>From 206320128f9636b814af76230ad64ed3b5e36fb8 Mon Sep 17 00:00:00 2001
From: Mike Gabriel 
Date: Thu, 24 Aug 2023 11:19:02 +0200
Subject: [PATCH] data/apparmor/lightdm-guest-session.in: Allow l operation on
 /run/user/*/ICEauthority-l.

 This resolves long login delays into X11 guest sessions when using
 Arctica Greeter (forked from Unity Greeter). While waiting for the
 desktop to appear, the screen stays black and a non-WM'ed dialog box
 appears on screen, saying: "Could not update ICEauthority file
 /run/user//ICEauthority".

 When testing with MATE desktop, apparmor denies esp. creating this link
 operation:
 operation="link" class="file" profile="/lightdm-guest-session"
 name="/run/user/997/ICEauthority-l" pid= comm="mate-session"
 requested_mask="l" denied_mask="l" fsuid= ouid=
 target="/run/user//ICEauthority-c"

 Similar in Xfce4:
 operation="link" class="file" profile="/lightdm-guest-session"
 name="/run/user/997/ICEauthority-l" pid= comm="iceauth"
 requested_mask="l" denied_mask="l" fsuid= ouid=
 target="/run/user//ICEauthority-c"

Signed-off-by: Mike Gabriel 
---
 data/apparmor/lightdm-guest-session.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/apparmor/lightdm-guest-session.in 
b/data/apparmor/lightdm-guest-session.in
index 3239c54b..f4938c7c 100644
--- a/data/apparmor/lightdm-guest-session.in
+++ b/data/apparmor/lightdm-guest-session.in
@@ -18,6 +18,7 @@
   /usr/bin/sogou-qimpanel-watchdog ix,
   /usr/bin/sogou-sys-notify ix,
   /tmp/sogou-qimpanel:* rwl,
+  /run/user/*/ICEauthority-l l,
 
   # Allow ibus
   unix (bind, listen) type=stream addr="@tmp/ibus/*",
-- 
2.39.2



pgpAEOPV7tXt8.pgp
Description: Digitale PGP-Signatur

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

Bug#1050417: lightdm-guest-session support (via Arctica Greeter) takes a long time to startup X11 guest sessions

5 matches

Site Navigation

Mail list logo

Footer information