Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Sway: Unable to drop root
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
flu0r1ne
n00b
n00b


Joined: 19 Feb 2021
Posts: 2
Location: NULL

PostPosted: Fri Feb 19, 2021 9:44 pm    Post subject: Sway: Unable to drop root Reply with quote

Q: Why is Sway unable to drop root privileges?

Attempting to install Sway on a box with systemd. Having issues with the environment / config.

Code:

flu0r1ne@gentoo-vm ~ $ sudo XDG_RUNTIME_DIR=/run/user/0 dbus-run-session sway -V
00:00:00.000 [sway/main.c:326] Sway version 1.5.1
00:00:00.004 [sway/main.c:153] Linux gentoo-vm 5.4.88 #1 SMP Sat Jan 9 20:46:23 -00 2021 x86_64 Intel(R) Core(TM) i7-4770HQ CPU @ 2.20GHz GenuineIntel GNU/Linux
00:00:00.004 [sway/main.c:169] Contents of /etc/os-release:
00:00:00.005 [sway/main.c:153] NAME=Gentoo
00:00:00.005 [sway/main.c:153] ID=gentoo
00:00:00.005 [sway/main.c:153] PRETTY_NAME="Gentoo/Linux"
00:00:00.005 [sway/main.c:153] ANSI_COLOR="1;32"
00:00:00.005 [sway/main.c:153] HOME_URL="https://www.gentoo.org/"
00:00:00.005 [sway/main.c:153] SUPPORT_URL="https://www.gentoo.org/support/"
00:00:00.005 [sway/main.c:153] BUG_REPORT_URL="https://bugs.gentoo.org/"
00:00:00.005 [sway/main.c:169] Contents of /etc/gentoo-release:
00:00:00.005 [sway/main.c:153] Gentoo Base System release 2.7
00:00:00.005 [sway/main.c:141] LD_LIBRARY_PATH=(null)
00:00:00.005 [sway/main.c:141] LD_PRELOAD=(null)
00:00:00.005 [sway/main.c:141] PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin:/usr/lib/llvm/11/bin
00:00:00.005 [sway/main.c:141] SWAYSOCK=(null)
00:00:00.012 [INFO] [backend/session/logind.c:853] Successfully loaded logind session
00:00:00.015 [INFO] [backend/backend.c:157] Found 1 GPUs
00:00:00.016 [INFO] [backend/drm/backend.c:138] Initializing DRM backend for /dev/dri/card0 (virtio_gpu)
00:00:00.016 [INFO] [backend/drm/drm.c:255] Found 1 DRM CRTCs
00:00:00.016 [INFO] [backend/drm/drm.c:176] Found 2 DRM planes
MESA-LOADER: failed to open virtio_gpu (search paths /usr/lib64/dri)
failed to load driver: virtio_gpu
00:00:00.098 [INFO] [render/egl.c:297] Using EGL 1.4
00:00:00.098 [INFO] [render/egl.c:298] Supported EGL client extensions: EGL_EXT_device_base EGL_EXT_device_enumeration EGL_EXT_device_query EGL_EXT_platform_base EGL_KHR_client_get_all_proc_addresses EGL_EXT_client_extensions EGL_KHR_debug EGL_EXT_platform_device EGL_EXT_platform_x11 EGL_KHR_platform_x11 EGL_MESA_platform_gbm EGL_KHR_platform_gbm EGL_MESA_platform_surfaceless
00:00:00.098 [INFO] [render/egl.c:299] Supported EGL display extensions: EGL_ANDROID_blob_cache EGL_EXT_buffer_age EGL_EXT_image_dma_buf_import EGL_EXT_image_dma_buf_import_modifiers EGL_KHR_cl_event2 EGL_KHR_config_attribs EGL_KHR_create_context EGL_KHR_create_context_no_error EGL_KHR_fence_sync EGL_KHR_get_all_proc_addresses EGL_KHR_gl_colorspace EGL_KHR_gl_renderbuffer_image EGL_KHR_gl_texture_2D_image EGL_KHR_gl_texture_3D_image EGL_KHR_gl_texture_cubemap_image EGL_KHR_image EGL_KHR_image_base EGL_KHR_image_pixmap EGL_KHR_no_config_context EGL_KHR_reusable_sync EGL_KHR_surfaceless_context EGL_EXT_pixel_format_float EGL_KHR_wait_sync EGL_MESA_configless_context EGL_MESA_image_dma_buf_export EGL_MESA_query_driver
00:00:00.098 [INFO] [render/egl.c:300] EGL vendor: Mesa Project
00:00:00.120 [INFO] [render/gles2/renderer.c:674] Using OpenGL ES 3.2 Mesa 20.2.6
00:00:00.120 [INFO] [render/gles2/renderer.c:675] GL vendor: Mesa/X.org
00:00:00.120 [INFO] [render/gles2/renderer.c:676] GL renderer: llvmpipe (LLVM 11.0.0, 256 bits)
00:00:00.120 [INFO] [render/gles2/renderer.c:677] Supported GLES2 extensions: GL_EXT_blend_minmax GL_EXT_multi_draw_arrays GL_EXT_texture_compression_s3tc GL_EXT_texture_compression_dxt1 GL_EXT_texture_compression_rgtc GL_EXT_texture_format_BGRA8888 GL_OES_compressed_ETC1_RGB8_texture GL_OES_depth24 GL_OES_element_index_uint GL_OES_fbo_render_mipmap GL_OES_mapbuffer GL_OES_rgb8_rgba8 GL_OES_standard_derivatives GL_OES_stencil8 GL_OES_texture_3D GL_OES_texture_float GL_OES_texture_float_linear GL_OES_texture_half_float GL_OES_texture_half_float_linear GL_OES_texture_npot GL_OES_vertex_half_float GL_EXT_draw_instanced GL_EXT_texture_sRGB_decode GL_OES_EGL_image GL_OES_depth_texture GL_OES_packed_depth_stencil GL_EXT_texture_type_2_10_10_10_REV GL_NV_conditional_render GL_OES_get_program_binary GL_APPLE_texture_max_level GL_EXT_discard_framebuffer GL_EXT_read_format_bgra GL_EXT_frag_depth GL_NV_fbo_color_attachments GL_OES_EGL_image_external GL_OES_EGL_sync GL_OES_vertex_array_object GL_OES_viewport_array GL_ANGLE_texture_compression_dxt3 GL_ANGLE_texture_compression_dxt5 GL_EXT_occlusion_query_boolean GL_EXT_robustness GL_EXT_texture_rg GL_EXT_unpack_subimage GL_NV_draw_buffers GL_NV_read_buffer GL_NV_read_depth GL_NV_read_depth_stencil GL_NV_read_stencil GL_EXT_draw_buffers GL_EXT_map_buffer_range GL_KHR_debug GL_KHR_robustness GL_KHR_texture_compression_astc_ldr GL_NV_pixel_buffer_object GL_OES_depth_texture_cube_map GL_OES_required_internalformat GL_OES_surfaceless_context GL_EXT_color_buffer_float GL_EXT_sRGB_write_control GL_EXT_separate_shader_objects GL_EXT_shader_group_vote GL_EXT_shader_implicit_conversions GL_EXT_shader_integer_mix GL_EXT_tessellation_point_size GL_EXT_tessellation_shader GL_ANDROID_extension_pack_es31a GL_EXT_base_instance GL_EXT_compressed_ETC1_RGB8_sub_texture GL_EXT_copy_image GL_EXT_draw_buffers_indexed GL_EXT_draw_elements_base_vertex GL_EXT_gpu_shader5 GL_EXT_polygon_offset_clamp GL_EXT_primitive_bounding_box GL_EXT_render_snorm GL_EXT_shader_io_blocks GL_EXT_texture_border_clamp GL_EXT_texture_buffer GL_EXT_texture_cube_map_array GL_EXT_texture_norm16 GL_EXT_texture_view GL_KHR_blend_equation_advanced GL_KHR_context_flush_control GL_KHR_robust_buffer_access_behavior GL_NV_image_formats GL_OES_copy_image GL_OES_draw_buffers_indexed GL_OES_draw_elements_base_vertex GL_OES_gpu_shader5 GL_OES_primitive_bounding_box GL_OES_sample_shading GL_OES_sample_variables GL_OES_shader_io_blocks GL_OES_shader_multisample_interpolation GL_OES_tessellation_point_size GL_OES_tessellation_shader GL_OES_texture_border_clamp GL_OES_texture_buffer GL_OES_texture_cube_map_array GL_OES_texture_stencil8 GL_OES_texture_storage_multisample_2d_array GL_OES_texture_view GL_EXT_blend_func_extended GL_EXT_buffer_storage GL_EXT_float_blend GL_EXT_geometry_point_size GL_EXT_geometry_shader GL_KHR_no_error GL_KHR_texture_compression_astc_sliced_3d GL_OES_EGL_image_external_essl3 GL_OES_geometry_point_size GL_OES_geometry_shader GL_OES_shader_image_atomic GL_EXT_clip_cull_distance GL_EXT_disjoint_timer_query GL_EXT_texture_compression_s3tc_srgb GL_MESA_shader_integer_functions GL_EXT_clip_control GL_EXT_texture_compression_bptc GL_KHR_parallel_shader_compile GL_EXT_EGL_image_storage GL_EXT_shader_framebuffer_fetch_non_coherent GL_EXT_texture_sRGB_R8 GL_EXT_texture_shadow_lod GL_MESA_framebuffer_flip_y GL_EXT_depth_clamp GL_EXT_texture_query_lod


Possibly related:
I;ve ran into issues with the XDG_RUNTIME_DIR environment variable not being set. Apparently on systemd installs, pam-systemd sets this variable. I manually set it in ~/.pam_environment to /run/user/1000 (and /run/user/0 for root). This sets it at login. Yet, not via sudo. That's why I'm passing it via bash. Seems to work but to sure if these issues are related. For the record, if I remove both ~/.pam_environment both user and root's XDG_RUNTIME_DIR variable is set to /run/user/1000.

Package info:
Code:

flu0r1ne@gentoo-vm ~ $ emerge --info sway
Portage 3.0.13 (python 3.8.7-final-0, default/linux/amd64/17.1/systemd, gcc-9.3.0, glibc-2.32-r6, 5.4.88 x86_64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-5.4.88-x86_64-Intel-R-_Core-TM-_i7-4770HQ_CPU_@_2.20GHz-with-glibc2.2.5
KiB Mem:     6088968 total,   5683228 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Thu, 18 Feb 2021 00:45:01 +0000
Head commit of repository gentoo: 5cf7de86a08dbe859434c8b9b54ba15b4d63eba7
sh bash 5.0_p18
ld GNU ld (Gentoo 2.35.1 p2) 2.35.1
app-shells/bash:          5.0_p18::gentoo
dev-lang/perl:            5.30.3::gentoo
dev-lang/python:          3.8.7-r1::gentoo, 3.9.1-r1::gentoo
dev-util/cmake:           3.18.5::gentoo
sys-apps/baselayout:      2.7::gentoo
sys-apps/sandbox:         2.20::gentoo
sys-devel/autoconf:       2.13-r1::gentoo, 2.69-r5::gentoo
sys-devel/automake:       1.16.2-r1::gentoo
sys-devel/binutils:       2.35.1-r1::gentoo
sys-devel/gcc:            9.3.0-r2::gentoo
sys-devel/gcc-config:     2.3.2-r1::gentoo
sys-devel/libtool:        2.4.6-r6::gentoo
sys-devel/make:           4.3::gentoo
sys-kernel/linux-headers: 5.4-r1::gentoo (virtual/os-headers)
sys-libs/glibc:           2.32-r6::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-verify-max-age: 24
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-metamanifest: yes
    sync-rsync-extra-opts:

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=native"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe -march=native"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-O2 -pipe -march=native"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe -march=native"
GENTOO_MIRRORS="https://gentoo.osuosl.org/ https://mirrors.rit.edu/gentoo/"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j8"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="acl amd64 berkdb bzip2 cli crypt dri fortran gdbm gtk iconv ipv6 libglvnd libtirpc multilib ncurses nls nptl openmp pam pcre policykit qt4 qt5 readline seccomp split-usr ssl systemd tcpd udev unicode xattr zlib" ABI_X86="64" ADA_TARGET="gnat_2018" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-3 php7-4" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_8" PYTHON_TARGETS="python3_8" RUBY_TARGETS="ruby26" USERLAND="GNU" VIDEO_CARDS="amdgpu fbdev intel nouveau radeon radeonsi vesa dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

=================================================================
                        Package Settings
=================================================================

gui-wm/sway-1.5.1-r1::gentoo was built with the following:
USE="man swaybar swaybg swayidle swaylock swaymsg swaynag systemd -X (-elogind) -fish-completion -seatd -tray -wallpapers -zsh-completion" ABI_X86="(64)"
Back to top
View user's profile Send private message
gabrielg
Tux's lil' helper
Tux's lil' helper


Joined: 16 Nov 2012
Posts: 137

PostPosted: Wed Mar 03, 2021 4:34 pm    Post subject: Reply with quote

I wouldn't run sway like that - just run it from the user you wish to run as. In the past, with setuid, it would do whatever it needed as root and then drop privileges, but this only happens if you run it as a non root user.

With systemd, I suppose that you have to have loginctl running for your XDG_RUNTIME_DIR to be set up.

I would also call it with
Code:
dbus-launch --exit-with-session
instead.
Back to top
View user's profile Send private message
f1tz
Tux's lil' helper
Tux's lil' helper


Joined: 27 Aug 2020
Posts: 88

PostPosted: Thu Mar 04, 2021 5:28 pm    Post subject: Reply with quote

Dear flu0r1ne,

I had the same issue like you, and was able to solve it with this workaround out of the gentoo wiki.
This is my complete .bash_profile that I run sway with at the moment. Copy paste it and see if it works out for you.

Code:

# /etc/skel/.bash_profile

# This file is sourced by bash for login shells.  The following line
# runs your .bashrc and is recommended by the bash info pages.
if [[ -f ~/.bashrc ]] ; then
   . ~/.bashrc
fi
if [ "$(tty)" = "/dev/tty1" ]; then
   exec dbus-launch --sh-syntax --exit-with-session sway
fi

if test -z "${XDG_RUNTIME_DIR}"; then
    export XDG_RUNTIME_DIR=/tmp/${UID}-runtime-dir
    if ! test -d "${XDG_RUNTIME_DIR}"; then
        mkdir "${XDG_RUNTIME_DIR}"
        chmod 0700 "${XDG_RUNTIME_DIR}"
    fi
fi


The first part is where sway is mentioned, starts a terminal after bootup, where you can directly login via command line.
It also makes sure that there is a global dbus service started before sway (in case you want to run dbus).

Here is the explanation in the Gentoo wiki page of Weston for the second part.

Hope this helps :)
Back to top
View user's profile Send private message
flu0r1ne
n00b
n00b


Joined: 19 Feb 2021
Posts: 2
Location: NULL

PostPosted: Fri Sep 15, 2023 10:08 pm    Post subject: Reply with quote

I apologize for the delayed response. I was able to resolve the issue. I greatly appreciate the help.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum