On Wed, Jul 22, 2020 at 02:29:48AM -0000, Grant Edwards wrote > On 2020-07-22, Walter Dnes <[email protected]> wrote: > > > > According to news item > > https://www.gentoo.org/support/news-items/2020-06-24-xorg-server-dropping-default-suid.html > > > > * xorg-server will no longer be "suid" *BY DEFAULT* > > * that means *THE DEFAULT* is to require a logind server like systemd > > or elogind > > > > The news item also says... > > > >> Users who do not wish to use logind interface or have rare hardware > >> that does not use KMS and because of that, require root privileges > >> to operate, can manually re-enable 'suid' and disable 'elogind' USE > >> flags in order to preserve the previous behavior. > > Yes, that's what I did months ago, and everything worked fine with > Xorg using the "suid" flag and without consolekit or elogind -- until > this morning, when pam refused to upgrade unless I set the elogind USE > flag.
The news item said that to retain old behaviour you need to do *BOTH* - set x11-base/xorg-server suid (which I did in package.use) - set "-elogind" (which I did in USE in make.conf) BTW, I have pam totally masked out... [i660][root][~] cat /etc/portage/package.mask/package.mask sys-apps/pv sys-auth/pambase sys-libs/pam virtual/pam Years ago, back when pam was default on the Gentoo install, it was to many users what HAL was to Dale, causing problems galore. The root of the problem was that pam provided "enhanced security" for some apps by changing to a different config file for the app, using different config specs. You could run "man <appname>" and do all the Google searches you wanted, but you always ended up with instructions for configuring the "un-pam-ified" version, not the "pam-ified" version. "Everything you know is wrong". So I fell into the habit of removing pam right after installation. And the reason I mask out "sys-apps/pv" is because too many times when I want to run "emerge -pv <appname>" I did "emerge pv <appname>" which has a *TOTALLY* different meaning. -- Walter Dnes <[email protected]> I don't run "desktop environments"; I run useful applications
