1wilkens / rdm Goto Github PK
View Code? Open in Web Editor NEWA toy display manager written in Rust. Inspired by Slim it aims to provide a simple and elegant login screen.
License: MIT License
A toy display manager written in Rust. Inspired by Slim it aims to provide a simple and elegant login screen.
License: MIT License
HAS MAJOR ISSUES RELATED TO SECURITY!!
Among things.
It's good to remember that when dbus craps out all the software that depends on it stops working.
I imagine that display manager ought to work regardless of whether dbus feels like working or not.
As multiple people have pointed out RDM is already used by Redis Desktop Manager among others.
For v0.1 a non-clashing name would help discoverability and avoid potential problems down the road.
I'll post ideas and suggestions here as I come up with them.
Currently only ~/.xinitrc
is executed to start a user session. This approach is very simple but unnecessarily static and should be extended to include /etc/xsessions
and whatever other reasonable standards exist.
As this is purely an enhancement it is not a blocker for v0.1
Currently an xauth
file is generated and written to disk but not used when launching X
, because the concept of .Xauthority
is not quite clear. Adding the flag to the launch prevents gtk from opening the display. This is weird because the main ui (via gtk) will always be executed as root and as such should have access to X
under all circumstances.
Also it is just not clear what .Xauthority
actually does. In theory it should limit access to the X
server but the auth file via startx
actually contains multiple magic cookies while .Xauthority
only contains 1.
More research is required to figure out what the "best practices" are.
Although this is an enhancement it is the de-facto standard in all other display managers so it is a blocker for v0.1
Currently the session started by rdm is partly recognized by loginctl
(no seat
or tty
attribute present) and all authentication attempts (for example shutdown
/reboot
) fail with Failed to power off system via logind: Interactive authentication required.
.
This indicates that the pam_systemd.so
module is not properly executed for the session (although the runtime directory in /var/run/user/
is created..) which might be caused by a problem in the pam configuration file.
More research is needed to determine which practices we need to follow.
As proper systemd
support is one of the core principles rdm is built on, this is a blocker for v0.1!
Currently the user session is invoked as root
which effectively makes any shell opened in it a root-shell. This is obviously wrong and dangerous especially with a malicious .xinitrx
.
The reason for this is not completely clear. rdm
's subthread for the session invokes pam_open_session
which should change the user but apparently this is not enough to do so.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.