On 21.1.2014 14:41, Thanos Baloukas wrote:
I setup systemd-208 with pam and polkit and user can shutdown, reboot
and has access to devices without being member of audio and video
groups. To have these rights in my xfce session started with
startxfce4 I needed to make it start on the same VT I log in on,
by creating a ~/.xserverrc like
exec /usr/bin/X -nolisten tcp -layout "us,gr" vt01

I have two questions. Is autologin to virtual console possible
on this setup, and if it is how can this be done?
Has anyone installed a login/display manager on this setup?
I have never installed one, so some info would be helpful.

Thanks


I don't know about autologin, but I have installed and I'm currently using lightdm display manager and it works fine.

The attached script builds lightdm and installs it with the DESTDIR method into the DEST directory defined at the beginning of the file. It creates an INSTALL file in the DEST directory; run it as root from inside that directory (it copies etc, lib, usr and var relative to the current directory) and the environment gets set up correctly.

Deps:

itstool, libxklavier, polkit

Possibly optional (look for the configure switches); my script builds everything by default:

qt4, qt5, accountsservice (runtime), gobject-introspection

You also need a greeter. The default one is lightdm-gtk-greeter, a GTK+3 variant, but it can be built as a GTK+2 variant too; just look for the right switch.

https://launchpad.net/lightdm-gtk-greeter

Install it in /usr; I forget whether it uses cmake or autotools. I don't have a script for it.

After everything is done, just run "systemctl enable lightdm"

Most of the files created by the script are taken from archlinux lightdm package.

Note that lightdm uses even/odd stable/unstable versioning. Latest lightdm stable is 1.8.x and latest lightdm-gtk-greeter stable is 1.6.x

There's also kde greeter, but that depends on KDE and Qt4 library from lightdm.
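#!/bin/bash
#
# Build LightDM from ./lightdm-${VER} and stage it under ${DEST} with a
# DESTDIR install, then prepare the state directories the daemon needs.
# Expects the unpacked source tree lightdm-${VER} in the current directory.

# Options in the shebang are lost when the script is run as "bash script.sh",
# so exit-on-error is enabled here instead.
set -e

export VER=1.8.5
export DEST="/binary/lightdm-${VER}"

pushd "lightdm-${VER}"

export MOC4=moc-qt4
export MOC5=moc-qt5

# -march=native ties the binaries to the build host's CPU; drop it if the
# staged tree will be installed on a different machine.
# The original also set a misspelled "CPPLAGS" with the same flags; configure
# never read it, so it has been removed rather than renamed (CPPFLAGS is for
# preprocessor options, not optimisation flags).
CFLAGS="-march=native -mtune=native -O3"   \
CXXFLAGS="-march=native -mtune=native -O3" \
./configure --prefix=/usr \
            --sysconfdir=/etc \
            --localstatedir=/var \
            --libexecdir=/usr/lib \
            --with-greeter-user=lightdm \
            --with-greeter-session=lightdm-gtk-greeter \
            --disable-static \
            --disable-tests

make -j4
make install DESTDIR="${DEST}"

popd

# The source tree is deleted once the staged install exists.
# ${VAR:?} aborts instead of expanding to an empty string, so a lost variable
# can never turn these into "rm -rf /etc/...".
rm -rf -- "lightdm-${VER:?}"

# Drop the AppArmor profile and Upstart job directories shipped by upstream.
rm -rf -- "${DEST:?}/etc/apparmor.d" "${DEST:?}/etc/init"

find "${DEST}" -name "*.la" -delete

# State directory: rwx for owner and group, nothing for others, sticky bit set.
# Log directory: others may traverse it but not list it.
# Ownership is assigned later by the generated INSTALL script.
install -dm770 "${DEST}/var/lib/lightdm"
install -dm711 "${DEST}/var/log/lightdm"

chmod +t "${DEST}/var/lib/lightdm"

printf '%s\n' "GDK_CORE_DEVICE_EVENTS=true" > "${DEST}/var/lib/lightdm/.pam_environment"

chmod 644 "${DEST}/var/lib/lightdm/.pam_environment"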

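install -dm755 "${DEST}/etc/lightdm"

# Write the main LightDM configuration.
#
# Comment lines that the mail client had wrapped are rejoined below: a wrapped
# tail such as "configuration" would otherwise land in the key file as a line
# that is neither a comment, a group nor a key=value pair.
#
# NOTE(review): the original shipped an active "pam-service=lightdm-autologin"
# in [SeatDefaults]. The lightdm-autologin PAM stack written later in this
# script authenticates with pam_permit.so, so if this LightDM version applies
# pam-service to interactive logins, any account with uid >= 1000 could log in
# without a password. The key is not among those documented in the comment
# block of this file either. It is left commented out here; confirm how the
# installed version treats it before enabling it.
cat > "${DEST}/etc/lightdm/lightdm.conf" << "EOF"
#
# General configuration
#
# start-default-seat = True to always start one seat if none are defined in the configuration
# greeter-user = User to run greeter as
# minimum-display-number = Minimum display number to use for X servers
# minimum-vt = First VT to run displays on
# lock-memory = True to prevent memory from being paged to disk
# user-authority-in-system-dir = True if session authority should be in the system location
# guest-account-script = Script to be run to setup guest account
# log-directory = Directory to log information to
# run-directory = Directory to put running state in
# cache-directory = Directory to cache to
# sessions-directory = Directory to find sessions
# remote-sessions-directory = Directory to find remote sessions
# greeters-directory = Directory to find greeters
#
[LightDM]
#start-default-seat=true
greeter-user=lightdm
#minimum-display-number=0
minimum-vt=1
#lock-memory=true
#user-authority-in-system-dir=false
#guest-account-script=guest-account
log-directory=/var/log/lightdm
run-directory=/run/lightdm
#cache-directory=/var/cache/lightdm
#sessions-directory=/usr/share/lightdm/sessions:/usr/share/xsessions
#remote-sessions-directory=/usr/share/lightdm/remote-sessions
#greeters-directory=/usr/share/lightdm/greeters:/usr/share/xgreeters

#
# Seat defaults
#
# type = Seat type (xlocal, xremote)
# xdg-seat = Seat name to set pam_systemd XDG_SEAT variable and name to pass to X server
# xserver-command = X server command to run (can also contain arguments e.g. X -special-option)
# xserver-layout = Layout to pass to X server
# xserver-config = Config file to pass to X server
# xserver-allow-tcp = True if TCP/IP connections are allowed to this X server
# xserver-share = True if the X server is shared for both greeter and session
# xserver-hostname = Hostname of X server (only for type=xremote)
# xserver-display-number = Display number of X server (only for type=xremote)
# xdmcp-manager = XDMCP manager to connect to (implies xserver-allow-tcp=true)
# xdmcp-port = XDMCP UDP/IP port to communicate on
# xdmcp-key = Authentication key to use for XDM-AUTHENTICATION-1 (stored in keys.conf)
# unity-compositor-command = Unity compositor command to run (can also contain arguments e.g. unity-system-compositor -special-option)
# unity-compositor-timeout = Number of seconds to wait for compositor to start
# greeter-session = Session to load for greeter
# greeter-hide-users = True to hide the user list
# greeter-allow-guest = True if the greeter should show a guest login option
# greeter-show-manual-login = True if the greeter should offer a manual login option
# greeter-show-remote-login = True if the greeter should offer a remote login option
# user-session = Session to load for users
# allow-guest = True if guest login is allowed
# guest-session = Session to load for guests (overrides user-session)
# session-wrapper = Wrapper script to run session with
# greeter-wrapper = Wrapper script to run greeter with
# guest-wrapper = Wrapper script to run guest sessions with
# display-setup-script = Script to run when starting a greeter session (runs as root)
# greeter-setup-script = Script to run when starting a greeter (runs as root)
# session-setup-script = Script to run when starting a user session (runs as root)
# session-cleanup-script = Script to run when quitting a user session (runs as root)
# autologin-guest = True to log in as guest by default
# autologin-user = User to log in with by default (overrides autologin-guest)
# autologin-user-timeout = Number of seconds to wait before loading default user
# autologin-session = Session to load for automatic login (overrides user-session)
# autologin-in-background = True if autologin session should not be immediately activated
# exit-on-failure = True if the daemon should exit if this seat fails
#
[SeatDefaults]
#type=xlocal
#xdg-seat=seat0
#xserver-command=X
#xserver-layout=
#xserver-config=
#xserver-allow-tcp=false
#xserver-share=true
#xserver-hostname=
#xserver-display-number=
#xdmcp-manager=
#xdmcp-port=177
#xdmcp-key=
#unity-compositor-command=unity-system-compositor
#unity-compositor-timeout=60
greeter-session=lightdm-gtk-greeter
#greeter-hide-users=false
#greeter-allow-guest=true
#greeter-show-manual-login=false
#greeter-show-remote-login=true
#user-session=default
#allow-guest=true
#guest-session=UNIMPLEMENTED
session-wrapper=/etc/lightdm/Xsession
#greeter-wrapper=
#guest-wrapper=
#display-setup-script=
#greeter-setup-script=
#session-setup-script=
#session-cleanup-script=
#autologin-guest=false
#autologin-user=
#autologin-user-timeout=0
#autologin-in-background=false
#autologin-session=UNIMPLEMENTED
# Disabled pending review: lightdm-autologin authenticates with pam_permit.so.
#pam-service=lightdm-autologin
#exit-on-failure=false

#
# Seat configuration
#
# Each seat must start with "Seat:".
# Uses settings from [SeatDefaults], any of these can be overriden by setting them in this section.
#
#[Seat:0]

#
# XDMCP Server configuration
#
# enabled = True if XDMCP connections should be allowed
# port = UDP/IP port to listen for connections on
# key = Authentication key to use for XDM-AUTHENTICATION-1 or blank to not use authentication (stored in keys.conf)
#
# The authentication key is a 56 bit DES key specified in hex as 0xnnnnnnnnnnnnnn.  Alternatively
# it can be a word and the first 7 characters are used as the key.
#
[XDMCPServer]
#enabled=false
#port=177
#key=

#
# VNC Server configuration
#
# enabled = True if VNC connections should be allowed
# command = Command to run Xvnc server with
# port = TCP/IP port to listen for connections on
# width = Width of display to use
# height = Height of display to use
# depth = Color depth of display to use
#
[VNCServer]
#enabled=false
#command=Xvnc
#port=5900
#width=1024
#height=768
#depth=8
EOF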

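# Write the fallback user-list policy for the greeter. Per the note inside the
# file, these settings are ignored when AccountsService is installed.
# The target path is quoted so it cannot be word-split or globbed.
cat > "${DEST}/etc/lightdm/users.conf" << "EOF"
#
# User accounts configuration
#
# NOTE: If you have AccountsService installed on your system, then LightDM will
# use this instead and these settings will be ignored
#
# minimum-uid = Minimum UID required to be shown in greeter
# hidden-users = Users that are not shown to the user
# hidden-shells = Shells that indicate a user cannot login
#
[UserAccounts]
minimum-uid=1000
hidden-users=nobody nobody4 noaccess
hidden-shells=/bin/false /sbin/nologin
EOF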

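# Write the session wrapper that lightdm.conf names as session-wrapper.
#
# The wrapper sources /etc/profile, the user's profile files and every
# executable file in /etc/X11/xinit/xinitrc.d into the session shell, so the
# wrapper and that directory should stay root-owned and not writable by other
# users: whatever they contain is executed at each graphical login.
cat > "${DEST}/etc/lightdm/Xsession" << "EOF"
#!/bin/sh
#
# LightDM wrapper to run around X sessions.

echo "Running X session wrapper"

# Load profile
for file in "/etc/profile" "$HOME/.profile" "/etc/xprofile" "$HOME/.xprofile"; do
    if [ -f "$file" ]; then
        echo "Loading profile from $file";
        . "$file"
    fi
done

# Load resources
for file in "/etc/X11/Xresources" "$HOME/.Xresources"; do
    if [ -f "$file" ]; then
        echo "Loading resource: $file"
        xrdb -nocpp -merge "$file"
    fi
done

# Load keymaps
for file in "/etc/X11/Xkbmap" "$HOME/.Xkbmap"; do
    if [ -f "$file" ]; then
        echo "Loading keymap: $file"
        # Deliberately unquoted: the file's contents are split into
        # separate setxkbmap arguments.
        setxkbmap $(cat "$file")
        XKB_IN_USE=yes
    fi
done

# Load xmodmap if not using XKB
if [ -z "$XKB_IN_USE" ]; then
    for file in "/etc/X11/Xmodmap" "$HOME/.Xmodmap"; do
        if [ -f "$file" ]; then
           echo "Loading modmap: $file"
           xmodmap "$file"
        fi
    done
fi

unset XKB_IN_USE

# Run all system xinitrc shell scripts.
xinitdir="/etc/X11/xinit/xinitrc.d"
if [ -d "$xinitdir" ]; then
    for script in "$xinitdir"/*; do
        echo "Loading xinit script $script"
        if [ -x "$script" ] && [ ! -d "$script" ]; then
            . "$script"
        fi
    done
fi

echo "X session wrapper complete, running session $@"

# Left unquoted as in the original: presumably LightDM hands over the session
# command as a single string that must be word-split here. Confirm against the
# installed LightDM before changing this to "$@".
exec $@
EOF

chmod 755 "${DEST}/etc/lightdm/Xsession"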

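install -dm755 "${DEST}/etc/pam.d"

# PAM stack for interactive logins through the display manager.
# pam_nologin is "requisite", so its failure ends authentication at once.
# pam_succeed_if requires uid >= 1000, which rejects root and other accounts
# below 1000 before the included system-auth stack is consulted.
cat > "${DEST}/etc/pam.d/lightdm" << "EOF"
# Begin /etc/pam.d/lightdm

auth     requisite      pam_nologin.so
auth     required       pam_env.so

auth     required       pam_succeed_if.so uid >= 1000 quiet
auth     include        system-auth
auth     optional       pam_gnome_keyring.so

account  include        system-account
password include        system-password

session  required       pam_limits.so
session  include        system-session
session  optional       pam_gnome_keyring.so auto_start

# End /etc/pam.d/lightdm
EOF

# PAM stack for automatic login. The auth phase ends in pam_permit.so, i.e. no
# credential is checked: any service pointed at this stack admits every account
# with uid >= 1000 that passes pam_nologin. Use it for autologin only.
# Password changes through this service are denied.
cat > "${DEST}/etc/pam.d/lightdm-autologin" << "EOF"
# Begin /etc/pam.d/lightdm-autologin

auth     requisite      pam_nologin.so
auth     required       pam_env.so

auth     required       pam_succeed_if.so uid >= 1000 quiet
auth     required       pam_permit.so

account  include        system-account

password required       pam_deny.so

session  required       pam_limits.so
session  include        system-session

# End /etc/pam.d/lightdm-autologin
EOF

# PAM stack for the greeter's own session: auth and account always succeed
# (pam_permit.so), password changes are denied.
cat > "${DEST}/etc/pam.d/lightdm-greeter" << "EOF"
# Begin /etc/pam.d/lightdm-greeter

auth     required       pam_env.so
auth     required       pam_permit.so

account  required       pam_permit.so
password required       pam_deny.so
session  required       pam_unix.so

# End /etc/pam.d/lightdm-greeter
EOF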

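# The rules directory and file are created owner-only (700 / 600); the
# generated INSTALL script later hands them to polkitd.
install -dm700 "${DEST}/usr/share/polkit-1/rules.d"

# polkit rule for the greeter account.
# For subject.user == "lightdm" it logs every action and subject, and answers
# YES to any action id that starts with org.freedesktop.login1.,
# org.freedesktop.consolekit.system. or org.freedesktop.upower. . Nothing is
# returned in any other case, so other rules and the action defaults decide.
#
# NOTE(review): the prefix match covers every login1 action, not only the power
# actions a greeter's shutdown menu needs (presumably power-off, reboot,
# suspend, hibernate). Consider listing the exact action ids instead if the
# greeter user should hold less privilege.
cat > "${DEST}/usr/share/polkit-1/rules.d/lightdm.rules" << "EOF"
polkit.addRule(function(action, subject) {
    if (subject.user == "lightdm") {
        polkit.log("action=" + action);
        polkit.log("subject=" + subject);
        if (action.id.indexOf("org.freedesktop.login1.") == 0) {
            return polkit.Result.YES;
        }
        if (action.id.indexOf("org.freedesktop.consolekit.system.") == 0) {
            return polkit.Result.YES;
        }
        if (action.id.indexOf("org.freedesktop.upower.") == 0) {
            return polkit.Result.YES;
        }
    }
});
EOF

chmod 600 "${DEST}/usr/share/polkit-1/rules.d/lightdm.rules"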

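install -dm755 "${DEST}/etc/tmpfiles.d" "${DEST}/lib/systemd/system"

# Have systemd-tmpfiles create the runtime directory named as run-directory in
# lightdm.conf, owned by lightdm:lightdm with mode 0711.
cat > "${DEST}/etc/tmpfiles.d/lightdm.conf" << "EOF"
d /run/lightdm 0711 lightdm lightdm
EOF

# systemd unit for the display manager.
#
# NOTE(review): in the archived mail the Conflicts= line and one word of the
# After= line were replaced by the archive's e-mail obfuscation placeholder,
# which is not valid unit syntax. They are restored below as getty@tty1.service,
# matching minimum-vt=1 in lightdm.conf; verify against the Arch Linux lightdm
# package the author says the files were taken from.
cat > "${DEST}/lib/systemd/system/lightdm.service" << "EOF"
[Unit]
Description=Light Display Manager
Documentation=man:lightdm(1)
Conflicts=getty@tty1.service
After=systemd-user-sessions.service getty@tty1.service plymouth-quit.service

[Service]
ExecStart=/usr/sbin/lightdm
Restart=always
IgnoreSIGPIPE=no
BusName=org.freedesktop.DisplayManager

[Install]
Alias=display-manager.service
EOF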

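# Generate the INSTALL script that copies the staged tree onto the live system,
# creates the lightdm user and group, and fixes ownership.
#
# Fixes relative to the original:
#  - the useradd command had been wrapped by the mail client, which would have
#    run "-g lightdm ..." as a separate command; it is rejoined with an
#    explicit line continuation;
#  - the copy uses relative paths, so the script now changes to its own
#    directory first instead of copying etc/lib/usr/var from wherever it was
#    started;
#  - it refuses to run without root, since every step after that needs it.
# The heredoc delimiter is quoted, so $0, $dir and the backslash are written
# literally and only interpreted when INSTALL runs.
cat > "${DEST}/INSTALL" << "EOF"
#!/bin/bash

if [ "$(id -u)" -ne 0 ]; then
  echo "INSTALL must be run as root" >&2
  exit 1
fi

# The copy below is relative to the staged tree that holds this script.
cd -- "$(dirname -- "$0")" || exit 1

for dir in etc lib usr var ; do cp -rf --remove-destination "$dir" / ; done

getent group lightdm > /dev/null || groupadd -g 63 lightdm
getent passwd lightdm > /dev/null || useradd -c "Light Display Manager" -u 63 \
  -g lightdm -d /var/lib/lightdm -s /sbin/nologin lightdm

chown -R lightdm:lightdm /var/lib/lightdm /var/log/lightdm

# Applies to every rule file in the directory, not only lightdm.rules.
chmod 700 /usr/share/polkit-1/rules.d
chmod 600 /usr/share/polkit-1/rules.d/*
chown -R polkitd:polkitd /usr/share/polkit-1/rules.d

if [ -x /usr/bin/mandb ]; then
  echo "Processing triggers for man-db"
  /usr/bin/mandb -q
fi
if [ -x /sbin/ldconfig ]; then
  echo "Processing triggers for glibc"
  /sbin/ldconfig
fi
EOF

chmod 755 "${DEST}/INSTALL"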

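# Strip shared libraries and executables in the staged tree.
#
# File names are read NUL-delimited with "read -r" and passed quoted after
# "--", so names containing spaces, backslashes or a leading dash are handled
# as plain paths. The case pattern, which the mail client had split across two
# lines, is rejoined.
pushd "${DEST}"

while IFS= read -r -d '' build_binary; do
  case "$(file -bi -- "${build_binary}")" in
    *application/x-sharedlib* | *application/x-executable*)
      strip --strip-unneeded -- "${build_binary}"
      ;;
  esac
done < <(find . -type f -print0)

popd

unset VER DEST build_binary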