'Twas brillig, and Mike Kazantsev at 28/08/12 00:55 did gyre and gimble:
> On Tue, 28 Aug 2012 00:32:47 +0100
> Colin Guthrie <gm...@colin.guthr.ie> wrote:
> 
>>
>> It's not really as simple as that these days. In order to do things
>> cleanly (and from what I understand the CK way was certainly far from
>> clean), you really need to use some kind of login agent. Typically this
>> would be the job of the DM, but as you are not using one, it's obviously
>> not going to work.
>>
>> So in theory you need to spawn something that acts as a proper login
>> agent, has a real PAM conversation and then starts X for you. That's the
>> only real way to do the proper user registration (for the simply fact
>> that it's not really possible to start a session from a session.
>>
> ...
>>
>> Looking forward a simple "autologin" system could get around this. e.g.
>> gdm has autologin support. Say it was modified to take the autologin
>> user as an argument. You could have a small setuid binary wrapper that
>> started gdm for you and passes your user as the autologin user when it
>> execs the main gdm process. This would mean all the proper PAM
>> conversations happen as expected and everything should be fine.
>>
>> I only use gdm as an example here as it's got (AFAIUI) good PAM code. A
>> standalone autologin system that does PAM well would be fine too (tho' I
>> believe it's quite easy to write bad PAM code...)
>>
> 
> Just to be clear, there's nothing wrong with "login" establishing the
> PAM session and doing startx without changing vt from there, right?

Nothing too wrong. As highlighted by the patch to startx I linked, this
is indeed how I do it.

The only "issue" with it is that a "loginctl show-session n" will show:
  Type=tty
rather than:
  Type=x11

(NB: I'm not sure if we'll see a Type=wayland in the future or if "x11"
should really just be a generic "graphical" term instead?)

This doesn't necessarily have a huge bearing right now, but because this
is useful metadata it may start to get used more in the future.

If/when this becomes a problem, then the "fuller" solution of some real
pam+autologin type agent thing is probably the way to go.


> Wanted to ask, because it seem to me that gdm with autologin seem to be
> unnecessary if just startx works, and OP seemed to be logging into a
> text vt explicitly anyway, so I can assume gdm does something more
> (PAM-wise?) than login(1) does?

Not specifically, it's more the metadata about the session type that
might be useful data to some higher level processes as mentioned above.

gdm, but it's nature will register sessions with type=x11 and login with
type=tty - that's the only reason I suggested gdm as a basis here..
arguably it would make more sense to tweak login (or perhaps agetty as
it already has autologin options etc?) to do this task.

HTHs

Col

-- 

Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Reply via email to