|Summary:||[patch] x11/sddm: consolekit + PAM support|
|Product:||Ports & Packages||Reporter:||Tijl Coosemans <tijl>|
|Severity:||Affects Only Me||CC:||adridg, bsd, dbn, doctorwhoguy, kmoore, me, mikael.urankar, tcberner|
Description Tijl Coosemans 2018-05-10 15:28:28 UTC
Created attachment 193236 [details] patch - Replace post-patch command for the sddm Xsession script with a patch so $STARTUP is injected in the right place. Also fix use of $@ in this script because "$@" is something special (see sh man page). This allows reverting ports r469242 which may not work with display managers like gdm and lightdm that have built-in support for consolekit. - Remove unneeded USES=desktop-file-utils. Reported by make stage-qa. - Enable PAM support. - Patch sddm.pam to be like /etc/pam.d/login. - Patch sddm-autologin.pam to remove linuxisms and deny password changes. - Patch sddm-greeter.pam to remove linuxisms. Also, for the session facility pam_unix.so is a no-op.
Comment 1 Tobias C. Berner 2018-05-10 17:41:04 UTC
Cool :) If you are already on it, do you mind incorperating it into this one: https://github.com/freebsd/freebsd-ports-kde/commit/4c94d4b96d78b2ec8950c758b6cc0a2ac86a07d1 and then committing it with the update together? mfg Tobias
Comment 2 mikael.urankar 2018-05-10 18:00:29 UTC
(In reply to Tobias C. Berner from comment #1) @tobias: there is a problem with the shutdown command: set(HALT_COMMAND "/sbin/shutdown -h -p now"): shutdown: incompatible switches -c, -h, -k, -p and -r Remove -h please :) Another thing, /usr/local is hardcoded in some places (but you're probably already aware of that)
Comment 3 Tijl Coosemans 2018-05-10 20:00:26 UTC
Created attachment 193248 [details] 0.17.0+patch Here's the patch plus the update to 0.17.0. This version doesn't work well for me. Only the breeze theme from plasma-workspace appears to work. The themes included in sddm all give a black screen with an onscreen keyboard at the bottom.
Comment 4 Tobias C. Berner 2018-05-13 13:26:26 UTC
Hm, in that case, please go ahead with the patch against 0.12, and we'll postpone the update to a later date. mfg Tobias
Comment 5 Tijl Coosemans 2018-05-13 13:39:52 UTC
It works when setting InputMethod empty in sddm.conf. By default it is set to qtvirtualkeyboard and I suspect the themes included with sddm don't support that so the keyboard ends up being drawn on top of the login screen. The breeze theme does support the virtual keyboard and hides it behind a button. I'm still looking into why the shutdown and reboot buttons are disabled. I think sddm needs to start console-kit-daemon for that. Once I figure that out I'll upload a new patch.
Comment 6 Tijl Coosemans 2018-05-15 13:17:32 UTC
Created attachment 193430 [details] patch2 New patch with the following changes: - Update to 0.17.0. - Replace post-patch command for the sddm Xsession script with a patch so $STARTUP is injected in the right place. Also use dbus-run-session to start a D-Bus session bus. Otherwise libdbus will autolaunch the session bus on first use and these autolaunched daemons don't always disappear when the session closes. Fix use of $@ in this script because "$@" is something special (see sh man page). This allows reverting ports r469242 which may not work with display managers like gdm and lightdm that have built-in support for ConsoleKit. - Remove unneeded USES=desktop-file-utils. Reported by make stage-qa. - Enable PAM support. - Patch sddm.pam to be like /etc/pam.d/login. - Patch sddm-autologin.pam to remove linuxisms and deny password changes. - Patch sddm-greeter.pam to remove linuxisms. Also, for the session facility pam_unix.so is a no-op. - Use %%PREFIX%% instead of /usr/local in xinitrc.desktop. - Remove DesktopNames from xinitrc.desktop and patch sddm to leave XDG_CURRENT_DESKTOP and XDG_SESSION_DESKTOP environment variables unset if there's no DesktopNames. These variables are used for OnlyShowIn and NotShowIn in .desktop files so setting them to some arbitrary value messes up the desktop started from ~/.xinitrc. - Use @sample for sddm.conf. - Patch the default configuration to leave InputMethod empty since qtvirtualkeyboard does not appear to be supported by the included themes. The keyboard is drawn on top of the login screen and has to be clicked away (button lower-right). - Set the default theme and cursor theme to breeze, because sddm is most likely used together with Plasma. If they aren't available sddm falls back to a compiled-in theme. - Use post-patch instead of a patch to replace paths like /usr/bin/X with /usr/local/bin/X. - Add a patch to start console-kit-daemon from sddm, because there's no rc.d script for that. Add another patch to disable broken sddm ConsoleKit seat management support because sddm assumes it has the same D-Bus interface as logind which isn't true. - Add an upstream patch to open sockets with SOCK_CLOEXEC. - Run sddm-greeter via the session command (Xsession script) so it also gets X resources and a ConsoleKit and D-Bus session. The ConsoleKit session has its session-class set to "user" instead of "greeter" because ck-launch-session doesn't provide a way to change this. ConsoleKit doesn't do anything with this value though so it is believed to be harmless. The XDG_SESSION_CLASS environment variable does have the value "greeter". - Improve the sddm rc.d script. There's no pidfile so just use the standard stop command. Provide a default value for sddm_enable to silence a warning from /etc/rc.subr. There's no need to generate a configuration like with KDM so remove that. Use %%PREFIX%% and %%LOCALBASE%%. Add a space after ! because !command doesn't work.
Comment 7 Tijl Coosemans 2018-05-20 19:55:11 UTC
It needs more patching because it doesn't respect login.conf(5) yet.
Comment 8 David Naylor 2018-06-11 14:36:04 UTC
Hi Thank you for the patch. I needed this as I use pam_pefs(8) and the version of sddm in Ports does not integrate with pam(3). While testing I encountered the following issues: 1. Lock screen does not recognise password (possibly something to do with kpasscheck)*; and 2. KDE does not know how to shutdown/restart - one has to logout then use sddm to shutdown/restart * I've had this issue before with kdm4, but it got fixed a while ago... Is there anything specific I could help regarding this patch?
Comment 9 Tijl Coosemans 2018-06-11 15:05:29 UTC
(In reply to David Naylor from comment #8) Shutdown and reboot only appear in KDE if the session is marked active. When you log in to KDE and run ck-list-sessions does it say "active = TRUE"? Do you have any commands in ~/.xsession or ~/.xinitrc?
Comment 10 Tijl Coosemans 2018-06-11 15:33:55 UTC
(In reply to David Naylor from comment #8) To get the screen locker to recognise your password you may need to create /usr/local/etc/pam.d/kde. Otherwise it falls back to /etc/pam.d/other.
Comment 11 David Naylor 2018-06-11 16:10:29 UTC
# ck-list-sessions Session3: unix-user = '1001' realname = 'David Naylor' seat = 'Seat1' session-type = 'unspecified' session-class = 'user' session-state = 'active' active = TRUE x11-display = ':0' x11-display-device = '/dev/ttyv8' display-device = '/dev/ ? ' remote-host-name = '' is-local = TRUE on-since = '2018-06-11T14:24:13.849770Z' login-session-id = '' XDG_RUNTIME_DIR = '/var/run/user/1001' VTNr = '9' Session2: unix-user = '1001' realname = 'David Naylor' seat = 'Seat1' session-type = 'unspecified' session-class = 'user' session-state = 'online' active = FALSE x11-display = ':0' x11-display-device = '/dev/ttyv8' display-device = '/dev/ ? ' remote-host-name = '' is-local = TRUE on-since = '2018-06-11T14:24:13.618008Z' login-session-id = '' XDG_RUNTIME_DIR = '/var/run/user/1001' VTNr = '9' I'm not sure why it lists two sessions, I'm only logged in once. (Would PAM possibly cause this?) I don't have either ~/.xsession or ~/.xinitrc specified. Copying /usr/local/etc/pam.d/sddm to /usr/local/etc/pam.d/kde fixed logins. Thanks :-)
Comment 12 Tijl Coosemans 2018-06-11 16:20:35 UTC
(In reply to David Naylor from comment #11) The original patch also removed x11/plasma5-plasma-workspace/files/patch-plasma.desktop.cmake. It seems I forgot to include this in patch2. So, try to remove that file and rebuild plasma5-plasma-workspace.
Comment 13 David Naylor 2018-06-11 19:07:14 UTC
(In reply to Tijl Coosemans from comment #12) That fixes everything for me, thanks :-)
Comment 14 Kris Moore 2018-07-15 16:08:42 UTC
Hey folks! Trying to use this patch here and for the life of me I can't seem to get the shutdown / reboot options to appear in KDE5. I've applied and rebuilt sddm with patch2 and removed the plasma.desktop patch mentioned previously. However my ck-list-sessions still looks like this: % ck-list-sessions Session2: unix-user = '1001' realname = 'Kris Moore' seat = 'Seat3' session-type = 'unspecified' session-class = 'user' session-state = 'online' active = FALSE x11-display = ':0' x11-display-device = '' display-device = '/dev/ ? ' remote-host-name = '' is-local = TRUE on-since = '2018-07-15T16:00:32.033247Z' login-session-id = '' XDG_RUNTIME_DIR = '/var/run/user/1001' Any idea what I've got wrong here?
Comment 15 Tijl Coosemans 2018-07-16 10:22:38 UTC
(In reply to Kris Moore from comment #14) Sometimes when I switch to text console and then back to X11, the session stays inactive. I then have to log out, kill console-kit-daemon and restart sddm to fix that.
Comment 16 commit-hook 2018-09-08 10:28:57 UTC
A commit references this bug: Author: adridg Date: Sat Sep 8 10:28:16 UTC 2018 New revision: 479245 URL: https://svnweb.freebsd.org/changeset/ports/479245 Log: Update x11/sddm to 0.17. This is still one minor release behind, but a big update relative to the previous version. Thanks to tijl@ for the patches, dbn@ for initial testing. PR: 228116 Submitted by: tijl Changes: head/x11/plasma5-plasma-workspace/Makefile head/x11/plasma5-plasma-workspace/files/patch-plasma.desktop.cmake head/x11/sddm/Makefile head/x11/sddm/distinfo head/x11/sddm/files/patch-CMakeLists.txt head/x11/sddm/files/patch-data_scripts_Xsession head/x11/sddm/files/patch-services_sddm-autologin.pam head/x11/sddm/files/patch-services_sddm-greeter.pam head/x11/sddm/files/patch-services_sddm.pam head/x11/sddm/files/patch-src_common_Configuration.h head/x11/sddm/files/patch-src_daemon_CMakeLists.txt head/x11/sddm/files/patch-src_daemon_DaemonApp.cpp head/x11/sddm/files/patch-src_daemon_Display.cpp head/x11/sddm/files/patch-src_daemon_LogindDBusTypes.cpp head/x11/sddm/files/patch-src_daemon_SignalHandler.cpp head/x11/sddm/files/patch-src_greeter_UserModel.cpp head/x11/sddm/files/patch-src_helper_HelperApp.cpp head/x11/sddm/files/patch-src_helper_UserSession.cpp head/x11/sddm/files/patch-src_helper_backend_PasswdBackend.cpp head/x11/sddm/files/sddm.in head/x11/sddm/files/xinitrc.desktop head/x11/sddm/files/xinitrc.desktop.in head/x11/sddm/pkg-plist
Comment 17 Adriaan de Groot 2018-09-08 10:30:45 UTC
As tijl@ points out, consolekit can get confused; after updating to this SDDM version and rebooting, Plasma desktop once again offers shutdown and reboot from the "leave" menu.
Comment 18 Patrick McMunn 2018-09-12 00:59:48 UTC
I've updated to SDDM 0.17, but KDE Plasma still does not offer shutdown or reboot from the "leave" menu. I'm running 11.2-STABLE. Could there perhaps be something that wasn't properly updated?
Comment 19 Tijl Coosemans 2018-09-12 08:20:22 UTC
(In reply to Patrick from comment #18) Make sure you also have the latest version of plasma5-plasma-workspace. If you have that and it still doesn't work, open konsole and run ck-list-sessions. It should list only 1 session and it should say "active = TRUE". If that's not the case see if rebooting fixes that. If not, post the output of ck-list-sessions here.
Comment 20 Kris Moore 2018-09-12 16:19:39 UTC
I'm seeing the issue here, shutdown/reboot options not presented. This is on 12.0-ALPHA5 with this patch and rebuilt plasma port: [kris@backbreaker] ~% ck-list-sessions Session2: unix-user = '1001' realname = 'Kris Moore' seat = 'Seat3' session-type = 'unspecified' session-class = 'user' session-state = 'online' active = FALSE x11-display = ':0' x11-display-device = '' display-device = '/dev/ ? ' remote-host-name = '' is-local = TRUE on-since = '2018-09-12T16:06:46.297066Z' login-session-id = '' XDG_RUNTIME_DIR = '/var/run/user/1001'
Comment 21 David Naylor 2018-09-12 17:40:09 UTC
What do you get for? # head -n 5 /usr/local/share/xsessions/plasma.desktop [Desktop Entry] Type=XSession Exec=/usr/local/bin/startkde TryExec=/usr/local/bin/startkde DesktopNames=KDE If you have `Exec=ck-launch-session /usr/local/bin/startkde/startkde` then that is the source of the problem.
Comment 22 Kris Moore 2018-09-12 20:28:04 UTC
[root@backbreaker] ~# head -n 5 /usr/local/share/xsessions/plasma.desktop [Desktop Entry] Type=XSession Exec=/usr/local/bin/startkde TryExec=/usr/local/bin/startkde DesktopNames=KDE Nothing obviously wrong here that I can see.
Comment 23 Patrick McMunn 2018-09-13 00:33:30 UTC
The latest available in packages or ports is plasma5-plasma-desktop-5.12.5_3, and it has the correct exec line in the desktop file. The output of ck-list-sessions also shows "active = FALSE".
Comment 24 Ivan 2018-11-25 18:34:11 UTC
If you have security.bsd.see_other*=0 in your /etc/sysctl.conf, then it's affecting startup scripts in this way.