Michael Biebl <bi...@debian.org> writes: > Am 11.06.2021 um 11:58 schrieb Michael Biebl: >> Am 11.06.2021 um 11:49 schrieb Punit Agrawal: >>> Michael Biebl <bi...@debian.org> writes: >>> >>>> Am 11.06.2021 um 11:07 schrieb Michael Biebl: >>>>> Am 11.06.2021 um 10:55 schrieb Punit Agrawal: >>>>>> Package: systemd >>>>>> Version: 247.3-5 >>>>>> Severity: important >>>>>> X-Debbugs-Cc: punit1.agra...@toshiba.co.jp >>>>>> >>>>>> systemd 245 introduced a bug[0][1] that prevents activating virtual >>>>>> terminal without CAP_SYS_ADMIN when polkit is disabled (as is the case >>>>>> on many embedded systems). One consequence of this is that it prevents >>>>>> running weston from a service as a non-root user. >>>>> But in Debian, PolicyKit support is enabled? >>>>> Can you elaborate why this issue is relevant for Debian? >>>> >>>> To be more specific: >>>> We never reach >>>> https://github.com/systemd/systemd/blob/main/src/login/logind-polkit.c#L19 >>>> as this is a compile time switch and the "return 1" is only relevant >>>> for distros which build systemd without PolicyKit support. But Debian >>>> *does* build with PolicyKit support (i.e. ENABLE_POLKIT will be set). >>>> >>>> So, I don't see how this pull request makes any functional difference >>>> for Debian. >>> >>> Without the commit, policykit-1 needs to be installed - as this would be >>> the only reason >> This is a compile time check though (the commit you linked). >> I don't see how this is going to make a difference > > Is it correct that you didn't test the patch?
I've not tested systemd with the patch. Though I did carry out the below sanity checks before filing the request. After upgrading a test system (from buster), I noticed that weston failed to launch on startup. After a lot of head scratching and looking at upstream bug reports, I came across the linked thread - the symptoms and work around (using root) matched the behaviour I was seeing. Since then, I've also verified that installing policykit-1 brings back the old behaviour, i.e., not requiring root.
