Re: [gentoo-user] Re: going from systemd to udev

[Canek Peláez Valdés]

On Feb 5, 2014 6:23 PM, "walt" <w41...@gmail.com> wrote:
[ snip ]
> I am seat0 (I forgot about loginctl, thanks) but I'm not sure what you
> mean by "enabled in /etc/pam.d".  Many months ago I remember being
confused
> by the last line of system-auth:
>
> #cat /etc/pam.d/system-auth
> auth            required        pam_env.so
> auth            sufficient      pam_ssh.so
> auth            required        pam_unix.so try_first_pass likeauth nullok
> auth            optional        pam_permit.so
>
> account         required        pam_unix.so
> account         optional        pam_permit.so
>
> password        required        pam_cracklib.so difok=2 minlen=8
dcredit=2 ocredit=2 retry=3
> password        required        pam_unix.so try_first_pass use_authtok
nullok sha512 shadow
> password        optional        pam_permit.so
>
> session         optional        pam_ssh.so
> session         required        pam_limits.so
> session         required        pam_env.so
> session         required        pam_unix.so
> session         optional        pam_permit.so
> -session        optional        pam_systemd.so
>
> I don't understand the meaning of the '-' in the last line.  I didn't
> put it there, except possibly by accident when falling asleep at the
> keyboard :)

The - is to make it optional; if the pam_systemd.so module is not
available, the - makes it so it is not a failure.

I'm more concerned about you being seat0, and you being asked for a
password. In theory that's what logind solves, and in a much more cleaner,
race-free and deterministic way than ConsoleKit.

Do you have systemd with the policykit USE flag? And polkit with the
systemd USE flag? (I suppose the later must have it).

If you do, can you please show us the output (make sure to do this inside
your DE session) from:

• loginctl seat-status

For example, mine shows:

seat0
        Sessions: *1
         Devices:
                  ├─/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input5
                  │ input:input5 "Power Button"

├─/sys/devices/LNXSYSTM:00/device:00/PNP0A08:00/LNXVIDEO:01/input/input14
                  │ input:input14 "Video Bus"

├─/sys/devices/LNXSYSTM:00/device:00/PNP0C0C:00/input/input3
                  │ input:input3 "Power Button"

├─/sys/devices/LNXSYSTM:00/device:00/PNP0C0D:00/input/input4
                  │ input:input4 "Lid Switch"
                  ├─/sys/devices/pci0000:00/0000:00:02.0/drm/card0
                  │ drm:card0
                  ├─/sys/devices/pci0000:00/0000:00:02.0/graphics/fb0
                  │ [MASTER] graphics:fb0 "inteldrmfb"
                  etc.

As you can see, the seat0 owns the Power Button, the Video Bus, the Lid
Switch, etc. If you own them, then you don't need authentication to use
them.

Regards.
--
Canek Peláez Valdés
Posgrado en Ciencia en Ingeniería de la Computación
Universidad Nacional Autónoma de México