Running X as an unprivileged user

Greg KH greg at
Fri Jun 25 08:25:17 PDT 2010

On Fri, Jun 25, 2010 at 11:12:49PM +1000, Christopher James Halse Rogers wrote:
> It seems that almost all of the work required to run X without root
> privileges has been done, and there are just a couple of loose ends to
> tie up before it can work - at least for KMS drivers.
> Apart from opening /proc/mtrr for writing, which isn't used by any of
> the drivers I've inspected and certainly by none of the KMS drivers, it
> seems the last problem is backlight handling which requires
> prodding /sys/class/backlight/*/brightness.  It seems that the way to
> deal with this would be to get a /dev/backlight device interface for
> which udev could set appropriate permissions.  This would also clean the
> Intel DDX code somewhat as it wouldn't have to iterate over the list of
> possible /sys paths.
> Once this is in place, I'd write a patch to check on X startup whether
> a) KMS is in use
> b) /dev/backlight exists, with appropriate permissions
> c) /dev/input/* have appropriate permissions
> and in this case drop root privileges.
> Does this idea look sane?  Are there any obvious pitfalls that I've
> missed here?  What would a good /dev/backlight interface look like?

You are forgetting about the /sys/class/backlight/ files, those need to
be properly owned as well.

You might want to look at the recent MeeGo images, all of this work is
already done there.


greg "typing from a root-less xorg" k-h

More information about the xorg-devel mailing list