Re: [gentoo-user] xorg-server without suid still runs as root?
How are you starting X in the first place? Are you using a display manager? Are you running startx? In the former case, this is perfectly normal for many display managers, including SDDM. GDM, if I'm not mistaken, can and does run X as a regular user if possible. Upstream has been talking about adding this functionality to SDDM for a while, but so far it still hasn't been merged.
Re: [gentoo-user] xorg-server without suid still runs as root?
On Thu, 25 Jun 2020 08:58:30 -0400, Nikos Chantziaras wrote: > > There's a news item about disabling the "suid" use flag on > x11-base/xorg-server, which makes it runs as a normal user rather > than root. Version 1.20.8-r1 of the ebuild disables "suid" by > default. After updating to that and rebooting, X still runs as > root though: > > $ ps aux | grep X > root 270 1.7 0.6 226892 107052 tty1 Ssl+ 13:52 2:08 /usr/bin/X > > $ emerge --info xorg-server > [...] > x11-base/xorg-server-1.20.8-r1::gentoo was built with the following: > USE="ipv6 libglvnd systemd udev xorg -debug -dmx -doc (-elogind) > -kdrive -libressl -minimal (-selinux) -static-libs -suid -unwind > -wayland -xcsecurity -xephyr -xnest -xvfb" ABI_X86="(64)" > > Am I missing something? I'm using systemd. If it matters, the > "kms" use flag in x11-drivers/nvidia-drivers is enabled. If I do ls -l /proc/ both of them are not root, 1 as gdm and the other as me which got created after I logged in. Try doing that and see what you see. -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici wb2una cov...@ccs.covici.com
[gentoo-user] xorg-server without suid still runs as root?
There's a news item about disabling the "suid" use flag on x11-base/xorg-server, which makes it runs as a normal user rather than root. Version 1.20.8-r1 of the ebuild disables "suid" by default. After updating to that and rebooting, X still runs as root though: $ ps aux | grep X root 270 1.7 0.6 226892 107052 tty1 Ssl+ 13:52 2:08 /usr/bin/X $ emerge --info xorg-server [...] x11-base/xorg-server-1.20.8-r1::gentoo was built with the following: USE="ipv6 libglvnd systemd udev xorg -debug -dmx -doc (-elogind) -kdrive -libressl -minimal (-selinux) -static-libs -suid -unwind -wayland -xcsecurity -xephyr -xnest -xvfb" ABI_X86="(64)" Am I missing something? I'm using systemd. If it matters, the "kms" use flag in x11-drivers/nvidia-drivers is enabled.