[systemd-devel] Running pam-enabled /bin/login sessions in unprivileged terminal emulators
nerdopolis
bluescreen_avenger at verizon.net
Sat May 22 13:04:42 UTC 2021
On Saturday, May 22, 2021 6:50:09 AM EDT Pekka Paalanen wrote:
> On Fri, 21 May 2021 21:29:09 -0400
> nerdopolis <bluescreen_avenger at verizon.net> wrote:
>
> > Sorry, I got the terminology mixed up again. I am still using TTYs to run the
> > instances of `cage`. It's the kernel mode VT emulators I am replacing with the
> > user mode terminal emulators (running under a fullscreen Wayland compositor)
>
> Hi,
>
> I'm trying to clarify things for everyone here, since I think I can
> guess what you want to achieve, but you have a hard time explaining
> your original goal. I hope you don't mind.
>
>
That's fine. Thanks!
> Starting from the outermost "layer" and going inwards:
>
> 1.a Have a system service, that takes over VT 1, changes user to
> 'vtty', and runs 'cage' which is a Wayland compositor, mostly
> unprivileged.
>
> OR
>
> 1.b Have a system service, that takes over a seat directly, as the
> kernel has the VT system disabled (or the seat is not seat0).
> Changes user to 'vtty' and runs 'cage' mostly unprivileged.
>
>
> 2. Inside cage, you run a Wayland terminal emulator as user 'vtty',
> so mostly unprivileged. The terminal emulator creates a PTY.
>
> 3. Inside that terminal emulator, that is, connecting to that PTY,
> you want to be able log in with any user. Therefore the program
> running on the PTY should present a login prompt and succeed
> in logging a user in and setting up his session, and switching
> to a shell running as that user.
>
> All in all, this stack would replace the usual stack where
> /bin/login runs directly on the TTY of a VT, allowing to use a more
> featureful terminal, custom display modes, multi-output support,
> maybe multiple parallel sessions for different users a la fast user
> switching, and more.
>
Not to mention, getting Shift+PgUp back, (and now on multiseat systems,
keyboard input from non-seat0 seats will no longer bleed into seat0 when VT 1-6
are active) :)
> Am I guessing right?
You are guessing correct. Thanks!
>
> Then the question is, how to organize all this so that it works,
> and what program(s) should be used in step 3, and how?
>
>
> My own proposal for this would be to run everything as systemd
> system services:
>
> 1. Cage runs as a system service, as user 'vtty'. Cage will require
> systemd integration so that it can tell systemd when it is ready
> to accept Wayland clients.
>
> 2. The Wayland terminal runs as another systemd system service,
> depending on the cage service, as user 'vtty'.
>
That's close to what I was trying, but cage is pretty cool in this regard, you
can start
cage -- vte
and cage starts VTE as its only client, so the complexity of starting the
wayland client externally, don't have to worry about that.
> 3. The login program runs as a third systemd system service,
> depending on the terminal service, as user 'root' because it
> needs to be able log in a user and set up a session for them.
>
> That would solve the problem of how to get the necessary privileges
> to log in a user, but all the other details I'm not sure.
>
That's what I was aiming to do, wasn't sure how to connect to the service until
I found I can do that with socat a few days after I sent that first email to
the list, but I still feel I should still clarify here.
and if you're really curious, I have the .service files I made public
https://github.com/n3rdopolis/fakekmscon/tree/master/usr/lib/systemd/system
> So the main idea here is to not run /bin/login *under* the terminal
> emulator or cage, but as a system service which just connects to the
> right PTY. I guess it would be like running /bin/login for a serial
> terminal, it just connects to ttyS1 or whatever instead of tty1.
>
> Would that work?
>
>
> Thanks,
> pq
More information about the systemd-devel
mailing list