Github messages for voidlinux
 help / color / mirror / Atom feed
* [PR PATCH] xorg-server: enable privilege-less Xorg 
@ 2022-02-10 23:57 ArsenArsen
  2022-02-11 10:23 ` dkwo
                   ` (21 more replies)
  0 siblings, 22 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-10 23:57 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 769 bytes --]

There is a new pull request by ArsenArsen against master on the void-packages repository

https://github.com/ArsenArsen/void-packages privilegeless-xorg
https://github.com/void-linux/void-packages/pull/35522

xorg-server: enable privilege-less Xorg 
#### Testing the changes
- I tested the changes in this PR: **briefly**  
  I haven't daily driven these changes, but the affected areas I've tested, and I believe anyone who has the right group should be alright.

There's actually no dependency on any library but DBus when enabling elogind, so I removed that false dependency. Changing `Xwrapper.config` to have `auto` by default should  prevent breaking anyone's system.

A patch file from https://github.com/void-linux/void-packages/pull/35522.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-privilegeless-xorg-35522.patch --]
[-- Type: text/x-diff, Size: 2207 bytes --]

From 9e2b0e35904d4f446dc5ab29b523357a5d5c314c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@aarsen.me>
Date: Fri, 11 Feb 2022 00:54:04 +0100
Subject: [PATCH] xorg-server: enable rootless Xorg by default

---
 srcpkgs/xorg-server/files/Xwrapper.config | 2 +-
 srcpkgs/xorg-server/template              | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/srcpkgs/xorg-server/files/Xwrapper.config b/srcpkgs/xorg-server/files/Xwrapper.config
index 017105e31a7a..8a4b2d83da16 100644
--- a/srcpkgs/xorg-server/files/Xwrapper.config
+++ b/srcpkgs/xorg-server/files/Xwrapper.config
@@ -1 +1 @@
-needs_root_rights = yes
+needs_root_rights = auto
diff --git a/srcpkgs/xorg-server/template b/srcpkgs/xorg-server/template
index 171f39e41490..fd727aeb530f 100644
--- a/srcpkgs/xorg-server/template
+++ b/srcpkgs/xorg-server/template
@@ -8,7 +8,7 @@ configure_args="-Dipv6=true -Dxorg=true -Dxnest=true -Dxephyr=true
  -Dxkb_output_dir=/var/lib/xkb
  -Dlinux_acpi=true -Dlinux_apm=false -Dsuid_wrapper=true
  -Dxcsecurity=true -Dsystemd_logind=$(vopt_if elogind true false)
- -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true"
+ -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true -Ddrm=true"
 hostmakedepends="pkg-config xkbcomp flex"
 makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  libXrender-devel libXres-devel libXtst-devel libXv-devel libXxf86dga-devel
@@ -17,7 +17,7 @@ makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  xcb-util-keysyms-devel xcb-util-renderutil-devel xcb-util-wm-devel xkbcomp
  nettle-devel libxcvt-devel font-util $(vopt_if elogind 'dbus-devel')"
 # See hw/xfree86/common/xf86Module.h. Only care for the major version.
-depends="xkeyboard-config $(vopt_if elogind 'elogind') xorg-server-common"
+depends="xkeyboard-config xorg-server-common"
 checkdepends="xkeyboard-config"
 short_desc="X11 server from X.org"
 maintainer="Leah Neukirchen <leah@vuxu.org>"
@@ -33,6 +33,7 @@ conf_files="/etc/X11/Xwrapper.config"
 
 build_options="elogind"
 desc_option_elogind="Rootless Xorg support with elogind"
+build_options_default="elogind"
 
 # disable VBE on non-x86 systems
 case "$XBPS_TARGET_MACHINE" in

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
@ 2022-02-11 10:23 ` dkwo
  2022-02-11 11:12 ` ArsenArsen
                   ` (20 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: dkwo @ 2022-02-11 10:23 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 611 bytes --]

New comment by dkwo on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036057846

Comment:
I've been using rootless xorg for months, so I like this.
But I do not like making `elogind` a default build option, which brings in dbus, elogind etc.
Why is this needed? For me, a simple rule like
`99-input.rules: KERNEL=="event*", NAME="input/%k", MODE="660", GROUP="input"`
works fine.

Btw, could you bump revision and perhaps include this patch from upstream?
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0217cc6e0cf5013366105a90f5f91ccc4bab5425.patch

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
  2022-02-11 10:23 ` dkwo
@ 2022-02-11 11:12 ` ArsenArsen
  2022-02-11 11:14 ` ArsenArsen
                   ` (19 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-11 11:12 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 420 bytes --]

New comment by ArsenArsen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036096299

Comment:
It does not bring elogind. The patch explicitly removes that dependency.

Such a rule gives any user right to access input devices. This distinction is why I specifically worded it as privilege-less rather than rootless.

This change brings along `dbus-libs`, not `dbus`.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
  2022-02-11 10:23 ` dkwo
  2022-02-11 11:12 ` ArsenArsen
@ 2022-02-11 11:14 ` ArsenArsen
  2022-02-11 13:37 ` dkwo
                   ` (18 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-11 11:14 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 519 bytes --]

New comment by ArsenArsen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036096299

Comment:
It does not bring elogind. The patch explicitly removes that dependency.

Such a rule gives any user right to access input devices. This distinction is why I specifically worded it as privilege-less rather than rootless.

This change brings along `dbus-libs`, not `dbus`.

EDIT: it does however add `libdrm`, as it's required for `Xwrapper` to use automatic detection.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (2 preceding siblings ...)
  2022-02-11 11:14 ` ArsenArsen
@ 2022-02-11 13:37 ` dkwo
  2022-02-11 13:46 ` ArsenArsen
                   ` (17 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: dkwo @ 2022-02-11 13:37 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 323 bytes --]

New comment by dkwo on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036222177

Comment:
I see. The rule is not needed btw, just the user be part of input group works for me with this PR, or alternatively use elogind.
So it looks good to me.
Should you bump the revision?

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (3 preceding siblings ...)
  2022-02-11 13:37 ` dkwo
@ 2022-02-11 13:46 ` ArsenArsen
  2022-02-11 13:46 ` [PR PATCH] [Updated] " ArsenArsen
                   ` (16 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-11 13:46 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 296 bytes --]

New comment by ArsenArsen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036229608

Comment:
Ah, you're right, I missed the bump. My bad. As for the patch, not sure whether it should be included here or separately, so I'll leave it out for now.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: [PR PATCH] [Updated] xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (4 preceding siblings ...)
  2022-02-11 13:46 ` ArsenArsen
@ 2022-02-11 13:46 ` ArsenArsen
  2022-02-11 13:56 ` dkwo
                   ` (15 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-11 13:46 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 775 bytes --]

There is an updated pull request by ArsenArsen against master on the void-packages repository

https://github.com/ArsenArsen/void-packages privilegeless-xorg
https://github.com/void-linux/void-packages/pull/35522

xorg-server: enable privilege-less Xorg 
#### Testing the changes
- I tested the changes in this PR: **briefly**  
  I haven't daily driven these changes, but the affected areas I've tested, and I believe anyone who has the right groups should be alright.

There's actually no dependency on any library but DBus when enabling elogind, so I removed that false dependency. Changing `Xwrapper.config` to have `auto` by default should  prevent breaking anyone's system.

A patch file from https://github.com/void-linux/void-packages/pull/35522.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-privilegeless-xorg-35522.patch --]
[-- Type: text/x-diff, Size: 2394 bytes --]

From 337932582df410936bfa896880df7849562125e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@aarsen.me>
Date: Fri, 11 Feb 2022 00:54:04 +0100
Subject: [PATCH] xorg-server: enable rootless Xorg by default

---
 srcpkgs/xorg-server/files/Xwrapper.config | 2 +-
 srcpkgs/xorg-server/template              | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/srcpkgs/xorg-server/files/Xwrapper.config b/srcpkgs/xorg-server/files/Xwrapper.config
index 017105e31a7a..8a4b2d83da16 100644
--- a/srcpkgs/xorg-server/files/Xwrapper.config
+++ b/srcpkgs/xorg-server/files/Xwrapper.config
@@ -1 +1 @@
-needs_root_rights = yes
+needs_root_rights = auto
diff --git a/srcpkgs/xorg-server/template b/srcpkgs/xorg-server/template
index 171f39e41490..f3361f517734 100644
--- a/srcpkgs/xorg-server/template
+++ b/srcpkgs/xorg-server/template
@@ -1,14 +1,14 @@
 # Template file for 'xorg-server'
 pkgname=xorg-server
 version=21.1.3
-revision=3
+revision=4
 build_style=meson
 configure_args="-Dipv6=true -Dxorg=true -Dxnest=true -Dxephyr=true
  -Dxvfb=true -Dhal=false -Dudev=true -Dxkb_dir=/usr/share/X11/xkb
  -Dxkb_output_dir=/var/lib/xkb
  -Dlinux_acpi=true -Dlinux_apm=false -Dsuid_wrapper=true
  -Dxcsecurity=true -Dsystemd_logind=$(vopt_if elogind true false)
- -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true"
+ -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true -Ddrm=true"
 hostmakedepends="pkg-config xkbcomp flex"
 makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  libXrender-devel libXres-devel libXtst-devel libXv-devel libXxf86dga-devel
@@ -17,7 +17,7 @@ makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  xcb-util-keysyms-devel xcb-util-renderutil-devel xcb-util-wm-devel xkbcomp
  nettle-devel libxcvt-devel font-util $(vopt_if elogind 'dbus-devel')"
 # See hw/xfree86/common/xf86Module.h. Only care for the major version.
-depends="xkeyboard-config $(vopt_if elogind 'elogind') xorg-server-common"
+depends="xkeyboard-config xorg-server-common"
 checkdepends="xkeyboard-config"
 short_desc="X11 server from X.org"
 maintainer="Leah Neukirchen <leah@vuxu.org>"
@@ -33,6 +33,7 @@ conf_files="/etc/X11/Xwrapper.config"
 
 build_options="elogind"
 desc_option_elogind="Rootless Xorg support with elogind"
+build_options_default="elogind"
 
 # disable VBE on non-x86 systems
 case "$XBPS_TARGET_MACHINE" in

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (5 preceding siblings ...)
  2022-02-11 13:46 ` [PR PATCH] [Updated] " ArsenArsen
@ 2022-02-11 13:56 ` dkwo
  2022-02-11 22:09 ` leahneukirchen
                   ` (14 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: dkwo @ 2022-02-11 13:56 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 189 bytes --]

New comment by dkwo on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036238826

Comment:
No worries, it can always be added later.
Thanks.


^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (6 preceding siblings ...)
  2022-02-11 13:56 ` dkwo
@ 2022-02-11 22:09 ` leahneukirchen
  2022-02-11 22:34 ` ArsenArsen
                   ` (13 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: leahneukirchen @ 2022-02-11 22:09 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 186 bytes --]

New comment by leahneukirchen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036673487

Comment:
How is drm pulled in as a dependency?

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (7 preceding siblings ...)
  2022-02-11 22:09 ` leahneukirchen
@ 2022-02-11 22:34 ` ArsenArsen
  2022-02-11 22:42 ` leahneukirchen
                   ` (12 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-11 22:34 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 327 bytes --]

New comment by ArsenArsen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036696755

Comment:
Due to this mechanism: https://github.com/freedesktop/xorg-xserver/blob/master/hw/xfree86/xorg-wrapper.c#L233-L252

`libdrm` shouldn't be particularly problematic given the context

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (8 preceding siblings ...)
  2022-02-11 22:34 ` ArsenArsen
@ 2022-02-11 22:42 ` leahneukirchen
  2022-02-22 14:23 ` dkwo
                   ` (11 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: leahneukirchen @ 2022-02-11 22:42 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 195 bytes --]

New comment by leahneukirchen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1036702387

Comment:
Ah, it's pulled in via MesaLib-devel.

LGTM.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (9 preceding siblings ...)
  2022-02-11 22:42 ` leahneukirchen
@ 2022-02-22 14:23 ` dkwo
  2022-02-22 15:42 ` dkwo
                   ` (10 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: dkwo @ 2022-02-22 14:23 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 425 bytes --]

New comment by dkwo on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1047848705

Comment:
Btw, I've noticed that xorg now runs for me as `Xorg :0 vt1 -keeptty -auth /tmp/serv..` without the flag `-nolisten tcp`, which was present previously.
I've also checked with `ss` that it is _not_ listening on tcp, so the nolisten perhaps is now default?

@leahneukirchen merge this?

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (10 preceding siblings ...)
  2022-02-22 14:23 ` dkwo
@ 2022-02-22 15:42 ` dkwo
  2022-02-26 20:37 ` ahesford
                   ` (9 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: dkwo @ 2022-02-22 15:42 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 238 bytes --]

New comment by dkwo on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1047927380

Comment:
Ok, that was because there was no /etc/X11/xinit/xserverrc file, only .new.. ones, do not know why.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (11 preceding siblings ...)
  2022-02-22 15:42 ` dkwo
@ 2022-02-26 20:37 ` ahesford
  2022-02-26 20:38 ` ahesford
                   ` (8 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ahesford @ 2022-02-26 20:37 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 813 bytes --]

New comment by ahesford on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1052581088

Comment:
I built this PR (after dropping the `elogind` option altogether) and the server starts with `needs_root_rights = auto`, but my input devices don't work. Reverting the `Xwrapper.config` change makes everything work as expected. I recommend the following:
- Do not change `needs_root_rights = yes` in `Xwrapper.config`. We can't afford to break people's setups on that scale, and peopel interested in rootless X can edit the wrapper config themselves.
- Drop the `elogind` option, just hard-depend on `dbus-devel` and set `-Dsystemd_logind=true`. People who *really* care about avoding the `dbus` dependency can make a case for restoring the build option after the fact.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (12 preceding siblings ...)
  2022-02-26 20:37 ` ahesford
@ 2022-02-26 20:38 ` ahesford
  2022-02-26 21:01 ` [PR PATCH] [Updated] " ArsenArsen
                   ` (7 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ahesford @ 2022-02-26 20:38 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 813 bytes --]

New comment by ahesford on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1052581088

Comment:
I built this PR (after dropping the `elogind` option altogether) and the server starts with `needs_root_rights = auto`, but my input devices don't work. Reverting the `Xwrapper.config` change makes everything work as expected. I recommend the following:
- Do not change `needs_root_rights = yes` in `Xwrapper.config`. We can't afford to break people's setups on that scale, and people interested in rootless X can edit the wrapper config themselves.
- Drop the `elogind` option, just hard-depend on `dbus-devel` and set `-Dsystemd_logind=true`. People who *really* care about avoding the `dbus` dependency can make a case for restoring the build option after the fact.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: [PR PATCH] [Updated] xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (13 preceding siblings ...)
  2022-02-26 20:38 ` ahesford
@ 2022-02-26 21:01 ` ArsenArsen
  2022-02-26 21:04 ` dkwo
                   ` (6 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-26 21:01 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 775 bytes --]

There is an updated pull request by ArsenArsen against master on the void-packages repository

https://github.com/ArsenArsen/void-packages privilegeless-xorg
https://github.com/void-linux/void-packages/pull/35522

xorg-server: enable privilege-less Xorg 
#### Testing the changes
- I tested the changes in this PR: **briefly**  
  I haven't daily driven these changes, but the affected areas I've tested, and I believe anyone who has the right groups should be alright.

There's actually no dependency on any library but DBus when enabling elogind, so I removed that false dependency. Changing `Xwrapper.config` to have `auto` by default should  prevent breaking anyone's system.

A patch file from https://github.com/void-linux/void-packages/pull/35522.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-privilegeless-xorg-35522.patch --]
[-- Type: text/x-diff, Size: 2032 bytes --]

From a3d8713eb4a2e720111f962aa413c1850be5abe4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@aarsen.me>
Date: Fri, 11 Feb 2022 00:54:04 +0100
Subject: [PATCH] xorg-server: enable rootless Xorg by default

---
 srcpkgs/xorg-server/template | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/srcpkgs/xorg-server/template b/srcpkgs/xorg-server/template
index 171f39e41490..f3361f517734 100644
--- a/srcpkgs/xorg-server/template
+++ b/srcpkgs/xorg-server/template
@@ -1,14 +1,14 @@
 # Template file for 'xorg-server'
 pkgname=xorg-server
 version=21.1.3
-revision=3
+revision=4
 build_style=meson
 configure_args="-Dipv6=true -Dxorg=true -Dxnest=true -Dxephyr=true
  -Dxvfb=true -Dhal=false -Dudev=true -Dxkb_dir=/usr/share/X11/xkb
  -Dxkb_output_dir=/var/lib/xkb
  -Dlinux_acpi=true -Dlinux_apm=false -Dsuid_wrapper=true
  -Dxcsecurity=true -Dsystemd_logind=$(vopt_if elogind true false)
- -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true"
+ -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true -Ddrm=true"
 hostmakedepends="pkg-config xkbcomp flex"
 makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  libXrender-devel libXres-devel libXtst-devel libXv-devel libXxf86dga-devel
@@ -17,7 +17,7 @@ makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  xcb-util-keysyms-devel xcb-util-renderutil-devel xcb-util-wm-devel xkbcomp
  nettle-devel libxcvt-devel font-util $(vopt_if elogind 'dbus-devel')"
 # See hw/xfree86/common/xf86Module.h. Only care for the major version.
-depends="xkeyboard-config $(vopt_if elogind 'elogind') xorg-server-common"
+depends="xkeyboard-config xorg-server-common"
 checkdepends="xkeyboard-config"
 short_desc="X11 server from X.org"
 maintainer="Leah Neukirchen <leah@vuxu.org>"
@@ -33,6 +33,7 @@ conf_files="/etc/X11/Xwrapper.config"
 
 build_options="elogind"
 desc_option_elogind="Rootless Xorg support with elogind"
+build_options_default="elogind"
 
 # disable VBE on non-x86 systems
 case "$XBPS_TARGET_MACHINE" in

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (14 preceding siblings ...)
  2022-02-26 21:01 ` [PR PATCH] [Updated] " ArsenArsen
@ 2022-02-26 21:04 ` dkwo
  2022-02-26 21:08 ` ahesford
                   ` (5 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: dkwo @ 2022-02-26 21:04 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 360 bytes --]

New comment by dkwo on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1052612357

Comment:
> my input devices don't work.

That's expected: are you using elogind,
or alternatively a member of input group?

> - Do not change `needs_root_rights = yes` in `Xwrapper.config`.

But then what is the point of this PR?


^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (15 preceding siblings ...)
  2022-02-26 21:04 ` dkwo
@ 2022-02-26 21:08 ` ahesford
  2022-02-26 21:54 ` ArsenArsen
                   ` (4 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ahesford @ 2022-02-26 21:08 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 846 bytes --]

New comment by ahesford on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1052617335

Comment:
The point of the PR is to leave `xorg-server` in a state that *can* be configured to run rootless without requiring a custom build of the package. The point of my complaints was that
1. I don't want `elogind` to make X work;
2. Adding users to `input` is not generally advisable;
3. Because `xorg-server` works by default (with root privileges) *without* `elogind` and `input` group membership, we can't change `Xwrapper.config` and break people's currently working setups.

I would have hoped that `needs_root_rights = auto` would do the right thing by detecting that `elogind` was not available on my system and decide that root privileges were still needed, but it seems it makes the wrong call.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (16 preceding siblings ...)
  2022-02-26 21:08 ` ahesford
@ 2022-02-26 21:54 ` ArsenArsen
  2022-02-26 22:00 ` [PR PATCH] [Updated] " ArsenArsen
                   ` (3 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-26 21:54 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 491 bytes --]

New comment by ArsenArsen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1052672530

Comment:
> my input devices don't work.
> That's expected: are you using elogind, or alternatively a member of input group?

The SUID wrapper is a bit better than using `video` + `input` groups. It works without either. I'd like to preserve that behavior.

This still allows the option of disabling it, and I'll make a section in the docs about that.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: [PR PATCH] [Updated] xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (17 preceding siblings ...)
  2022-02-26 21:54 ` ArsenArsen
@ 2022-02-26 22:00 ` ArsenArsen
  2022-02-28 15:07 ` dkwo
                   ` (2 subsequent siblings)
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-26 22:00 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 775 bytes --]

There is an updated pull request by ArsenArsen against master on the void-packages repository

https://github.com/ArsenArsen/void-packages privilegeless-xorg
https://github.com/void-linux/void-packages/pull/35522

xorg-server: enable privilege-less Xorg 
#### Testing the changes
- I tested the changes in this PR: **briefly**  
  I haven't daily driven these changes, but the affected areas I've tested, and I believe anyone who has the right groups should be alright.

There's actually no dependency on any library but DBus when enabling elogind, so I removed that false dependency. Changing `Xwrapper.config` to have `auto` by default should  prevent breaking anyone's system.

A patch file from https://github.com/void-linux/void-packages/pull/35522.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-privilegeless-xorg-35522.patch --]
[-- Type: text/x-diff, Size: 2032 bytes --]

From 79ab08e587bd588964d090a15f5940147fd39051 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@aarsen.me>
Date: Fri, 11 Feb 2022 00:54:04 +0100
Subject: [PATCH] xorg-server: enable rootless Xorg by default

---
 srcpkgs/xorg-server/template | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/srcpkgs/xorg-server/template b/srcpkgs/xorg-server/template
index 171f39e41490..f3361f517734 100644
--- a/srcpkgs/xorg-server/template
+++ b/srcpkgs/xorg-server/template
@@ -1,14 +1,14 @@
 # Template file for 'xorg-server'
 pkgname=xorg-server
 version=21.1.3
-revision=3
+revision=4
 build_style=meson
 configure_args="-Dipv6=true -Dxorg=true -Dxnest=true -Dxephyr=true
  -Dxvfb=true -Dhal=false -Dudev=true -Dxkb_dir=/usr/share/X11/xkb
  -Dxkb_output_dir=/var/lib/xkb
  -Dlinux_acpi=true -Dlinux_apm=false -Dsuid_wrapper=true
  -Dxcsecurity=true -Dsystemd_logind=$(vopt_if elogind true false)
- -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true"
+ -Dglamor=true -Ddri2=true -Ddri3=true -Dglx=true -Ddrm=true"
 hostmakedepends="pkg-config xkbcomp flex"
 makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  libXrender-devel libXres-devel libXtst-devel libXv-devel libXxf86dga-devel
@@ -17,7 +17,7 @@ makedepends="MesaLib-devel libXaw-devel libXfont-devel libXfont2-devel
  xcb-util-keysyms-devel xcb-util-renderutil-devel xcb-util-wm-devel xkbcomp
  nettle-devel libxcvt-devel font-util $(vopt_if elogind 'dbus-devel')"
 # See hw/xfree86/common/xf86Module.h. Only care for the major version.
-depends="xkeyboard-config $(vopt_if elogind 'elogind') xorg-server-common"
+depends="xkeyboard-config xorg-server-common"
 checkdepends="xkeyboard-config"
 short_desc="X11 server from X.org"
 maintainer="Leah Neukirchen <leah@vuxu.org>"
@@ -33,6 +33,7 @@ conf_files="/etc/X11/Xwrapper.config"
 
 build_options="elogind"
 desc_option_elogind="Rootless Xorg support with elogind"
+build_options_default="elogind"
 
 # disable VBE on non-x86 systems
 case "$XBPS_TARGET_MACHINE" in

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (18 preceding siblings ...)
  2022-02-26 22:00 ` [PR PATCH] [Updated] " ArsenArsen
@ 2022-02-28 15:07 ` dkwo
  2022-02-28 15:21 ` ArsenArsen
  2022-06-23  2:15 ` github-actions
  21 siblings, 0 replies; 23+ messages in thread
From: dkwo @ 2022-02-28 15:07 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 190 bytes --]

New comment by dkwo on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1054350266

Comment:
Is it possible to make this work with `seatd` only?

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (19 preceding siblings ...)
  2022-02-28 15:07 ` dkwo
@ 2022-02-28 15:21 ` ArsenArsen
  2022-06-23  2:15 ` github-actions
  21 siblings, 0 replies; 23+ messages in thread
From: ArsenArsen @ 2022-02-28 15:21 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 258 bytes --]

New comment by ArsenArsen on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1054365671

Comment:
Not without upstream support by X. It's possible to write that.

I'm going to have to pass on doing that, though.

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: xorg-server: enable privilege-less Xorg 
  2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
                   ` (20 preceding siblings ...)
  2022-02-28 15:21 ` ArsenArsen
@ 2022-06-23  2:15 ` github-actions
  21 siblings, 0 replies; 23+ messages in thread
From: github-actions @ 2022-06-23  2:15 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 305 bytes --]

New comment by github-actions[bot] on void-packages repository

https://github.com/void-linux/void-packages/pull/35522#issuecomment-1163847400

Comment:
Pull Requests become stale 90 days after last activity and are closed 14 days after that.  If this pull request is still relevant bump it or assign it.

^ permalink raw reply	[flat|nested] 23+ messages in thread

end of thread, other threads:[~2022-06-23  2:15 UTC | newest]

Thread overview: 23+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-10 23:57 [PR PATCH] xorg-server: enable privilege-less Xorg ArsenArsen
2022-02-11 10:23 ` dkwo
2022-02-11 11:12 ` ArsenArsen
2022-02-11 11:14 ` ArsenArsen
2022-02-11 13:37 ` dkwo
2022-02-11 13:46 ` ArsenArsen
2022-02-11 13:46 ` [PR PATCH] [Updated] " ArsenArsen
2022-02-11 13:56 ` dkwo
2022-02-11 22:09 ` leahneukirchen
2022-02-11 22:34 ` ArsenArsen
2022-02-11 22:42 ` leahneukirchen
2022-02-22 14:23 ` dkwo
2022-02-22 15:42 ` dkwo
2022-02-26 20:37 ` ahesford
2022-02-26 20:38 ` ahesford
2022-02-26 21:01 ` [PR PATCH] [Updated] " ArsenArsen
2022-02-26 21:04 ` dkwo
2022-02-26 21:08 ` ahesford
2022-02-26 21:54 ` ArsenArsen
2022-02-26 22:00 ` [PR PATCH] [Updated] " ArsenArsen
2022-02-28 15:07 ` dkwo
2022-02-28 15:21 ` ArsenArsen
2022-06-23  2:15 ` github-actions

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).