Announcement

Collapse
No announcement yet.

Fedora Rawhide Can Now Run The X.Org Server Without Root Rights

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Fedora Rawhide Can Now Run The X.Org Server Without Root Rights

    Phoronix: Fedora Rawhide Can Now Run The X.Org Server Without Root Rights

    Following a lot of work by Hans de Goede at Red Hat, Fedora Rawhide now supports running the X.Org Server without root rights...

    http://www.phoronix.com/vr.php?view=MTcyMTE

  • #2
    Following a lot of work by Hans de Goede at Red Hat, Fedora Rawhide now supports running the X.Org Server without root rights.

    Hans de Goede has worked out a suid root wrapper script followed by making the Intel and Radeon and Nouveau DDX along with xf86-video-modesetting work with server-managed file descriptors for allowing the X.Org Server not running with root rights.

    In order to run the X.Org Server without root rights, a kernel mode-setting (KMS) driver has to be used but any driver still doing user-space mode-setting will fall back to running the xorg-server with root privileges.

    Those wishing to learn more about this X.Org Server work that's making its way into Fedora 21, read this blog post with information to test it out.p

    For some reason the linked blog refuses to load for me; keeps getting timeouts.

    Is this fallback done automatically, like a simple

    Code:
    if (driver == i915 || radeon || radeonsi || nouveau || <insert KMS-capable driver>)
    runRootless;
    
    else
    runWithRoot
    or does it require the user to tell X to run root or rootless?

    Comment


    • #3
      Yes, if using "needs_root_rights = auto" /etc/X11/Xwrapper.config. But this only works for non-graphical login and is thus not enabled by default yet - so this new article is a bit early. It only works in the case you manually configure it, then run startx in a VT...

      Comment


      • #4
        Originally posted by Sonadow View Post
        For some reason the linked blog refuses to load for me; keeps getting timeouts.

        Is this fallback done automatically, like a simple

        Code:
        if (driver == i915 || radeon || radeonsi || nouveau || <insert KMS-capable driver>)
        runRootless;
        
        else
        runWithRoot
        or does it require the user to tell X to run root or rootless?
        What @jonnor already said.

        That code require display managers to handle some tasks, which where handled by X thus fur. So there is more development needed for it to work in graphical mode.

        Comment


        • #5
          Finally

          Finally! About time!
          I wish this was made a decade or two ago!
          Quite embarrassing that we got this so late.

          I hope other distributions follow up on this too!

          Comment


          • #6
            Can run without root rights from command line in Ubuntu

            Can run without root rights from command line in Ubuntu, but hardware acceleration in r600 does not work due to a libGL permissions issue. Still, I can use startx from a user login on the console and get to an LLVMpipe Cinnamon session in my normal user account, which is a real gamechanger in recovering from a problem with Lightdm.

            Comment


            • #7
              Originally posted by Luke View Post
              Can run without root rights from command line in Ubuntu, but hardware acceleration in r600 does not work due to a libGL permissions issue. Still, I can use startx from a user login on the console and get to an LLVMpipe Cinnamon session in my normal user account, which is a real gamechanger in recovering from a problem with Lightdm.
              at least on fedora, you need to add that user to group video.

              i was testing standalone sandoboxed xbmc session and noticed that if user is not in video group, driver reverts to unaccelerated

              as far as rootless x.org. Awesome!!! ... ??? ... ohhh, wait we're past 1999. now all i wait is wayland

              Comment


              • #8
                Awesome.
                Now having nVidia drivers with KMS support really becomes pressing. Even without Wayland, running X in user space is a real security progress.

                Comment


                • #9
                  Video group works in Ubuntu too, but can't find sound card

                  Originally posted by justmy2cents View Post
                  at least on fedora, you need to add that user to group video.

                  i was testing standalone sandoboxed xbmc session and noticed that if user is not in video group, driver reverts to unaccelerated

                  as far as rootless x.org. Awesome!!! ... ??? ... ohhh, wait we're past 1999. now all i wait is wayland
                  OK, that worked and I can now use HW acceleration in a user X session. Two bugs remain: the sound card is not found, and Nemo loses track of where desktop icons belong. I haven't tried moving those icons back to their normal positions yet, as a write of those changes might kill whatever file their positions are stored in when using lightdm, a common bug after things like recovering from a late mount of /home/. If I can fix the sound issue and get those icon positions remembered, I will seek a way to routinely run the X session as a normal user. Possibly an autologin on console and a script as a display manager? These are single-user machines with only one user account plus root, so the security issues of multi-user machines do not apply. Would be really funny if some online attacker tried to use a browser exploit to get the priviliges X is running under, only to find those to be normal user priviliges...

                  Comment


                  • #10
                    Originally posted by przemoli View Post
                    What @jonnor already said.

                    That code require display managers to handle some tasks, which where handled by X thus fur. So there is more development needed for it to work in graphical mode.
                    It's not clear why the display manager would need to be root in order to be session controller. It seems as though this would all be arbitrated by logind (as the device nodes are).
                    Yeah, the display managers need to grow the code to hook into loginds new api, but once that happens why would *dm need to be root?

                    Comment

                    Working...
                    X