Running X as an unprivileged user
greg at kroah.com
Fri Jun 25 08:25:17 PDT 2010
On Fri, Jun 25, 2010 at 11:12:49PM +1000, Christopher James Halse Rogers wrote:
> It seems that almost all of the work required to run X without root
> privileges has been done, and there are just a couple of loose ends to
> tie up before it can work - at least for KMS drivers.
> Apart from opening /proc/mtrr for writing, which isn't used by any of
> the drivers I've inspected and certainly by none of the KMS drivers, it
> seems the last problem is backlight handling which requires
> prodding /sys/class/backlight/*/brightness. It seems that the way to
> deal with this would be to get a /dev/backlight device interface for
> which udev could set appropriate permissions. This would also clean the
> Intel DDX code somewhat as it wouldn't have to iterate over the list of
> possible /sys paths.
> Once this is in place, I'd write a patch to check on X startup whether
> a) KMS is in use
> b) /dev/backlight exists, with appropriate permissions
> c) /dev/input/* have appropriate permissions
> and in this case drop root privileges.
> Does this idea look sane? Are there any obvious pitfalls that I've
> missed here? What would a good /dev/backlight interface look like?
You are forgetting about the /sys/class/backlight/ files, those need to
be properly owned as well.
You might want to look at the recent MeeGo images, all of this work is
already done there.
greg "typing from a root-less xorg" k-h
More information about the xorg-devel