[Dev] Remove root privileges from daemons. - weston case

Jussi Laako jussi.laako at linux.intel.com
Tue Apr 15 14:13:39 GMT 2014


On 15.4.2014 11:51, Stéphane Desneux wrote:
> In the recent Tizen:Common wayland images (for example here [1]), we run
> weston in the following conditions:
> - started by systemd (system) outside user sessions
> - with a system user 'display' and system group 'display' (no root)
> - on tty7 (X nostalgia :-) but also to see messages on tty1!) - of
> course, we can revert to tty1...
> - without weston-launch (no step as root, no pending
> process, no extra PAM session)
> - the compositor is shared by multiple users
> - thus any user or daemon being in the group 'display' can be a weston
> client and show something on the screen. The trick is to do a symbolic
> link into the user's XDG_RUNTIME_DIR to the real weston socket (in
> /run/display/) Also, weston could be modified to handle this without tricks.

Looks good, I got it running. I will now try to replace 
user-session-launch with tlm and still keep the same functionality 
otherwise.

Then you can trigger user switches per seat using tlm. (and would also 
get default/guest user home directory cleanups)

There's also small EFL GUI for controlling tlm.



More information about the Dev mailing list