The following issues are present in the current ebuild from the kde overlay: - Many permissions from modern systemd-logind are missing in the org.freedesktop.login1.conf - Kernel features, that are required, are not checked. - org.freedesktop.login1.service must not be patched to start elogind. Instead, an init script is needed. Otherwise, the first login will call the elogind launch via dbus when connecting to pam_elogind.so. Unfortunately this means, that if xdm starts SDDM, the greeter has already questioned for available services before elogind is up. The consequence is, that sddm only provides "shutdown" and "reboot", but both do not work. After launching elogind using an init script, sddm provides "shutdown", "reboot", "suspend" and "hibernate", with all four buttons working as expected. - SECURITY_SMACK support should be disabled unless activated in the kernel config. - --with-udevrulesdir should be set.
Created attachment 452984 [details] elogind-219.12-r7.ebuild Updated ebuild, fixing all issues mentioned above
Created attachment 452986 [details, diff] Add missing login1 permissions This patch, originating from https://github.com/wingo/elogind/pull/4 , adds the requested permissions. See also: https://github.com/systemd/systemd/issues/471
Created attachment 452988 [details] elogind.conf file for /etc/conf.d
Created attachment 452990 [details] elogind init script for /etc/init.d
The update can be tested from my overlay at layman/seden.
Comment on attachment 452984 [details] elogind-219.12-r7.ebuild ># Copyright 1999-2016 Gentoo Foundation ># Distributed under the terms of the GNU General Public License v2 ># $Id$ > >EAPI=6 > >inherit autotools eutils linux-info pam udev > >DESCRIPTION="The systemd project's logind, extracted to a standalone package" >HOMEPAGE="https://github.com/wingo/elogind" >SRC_URI="https://github.com/wingo/elogind/archive/v${PV}.tar.gz -> ${P}.tar.gz" > >LICENSE="CC0-1.0 LGPL-2.1+ public-domain" >SLOT="0" >KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux" >IUSE="acl apparmor pam policykit selinux +seccomp" > >COMMON_DEPEND=" > sys-libs/libcap > sys-apps/util-linux > virtual/libudev:= > acl? ( sys-apps/acl ) > apparmor? ( sys-libs/libapparmor ) > pam? ( virtual/pam ) > seccomp? ( sys-libs/libseccomp ) > selinux? ( sys-libs/libselinux ) >" >RDEPEND="${COMMON_DEPEND} > sys-apps/dbus > policykit? ( sys-auth/polkit ) > !sys-auth/systemd >" >DEPEND="${COMMON_DEPEND} > dev-util/gperf > dev-util/intltool > sys-devel/libtool > virtual/pkgconfig >" > >DOCS=( NEWS README TODO ) you can nix these, they're part of default einstalldocs set >PATCHES=( > "${FILESDIR}/${PN}-docs.patch" > "${FILESDIR}/${PN}-lrt.patch" > "${FILESDIR}/${P}-session.patch" > "${FILESDIR}/${PN}-add_missing_login1_permissions.patch" >) > >pkg_setup() { > if use kernel_linux; then > linux-info_pkg_setup > if ! linux_config_exists; then > ewarn "Can't check the linux kernel configuration." > else > local missing_count=0 > if linux_chkconfig_present AUDIT; then > ewarn "AUDIT is enabled. If you have problems with the auditing" > ewarn " system creating and closing sessions, then disable it." > fi > if ! linux_chkconfig_present CGROUPS; then > eerror "CGROUPS is not enabled but needed by elogind." > eerror " (it is OK to disable all controllers)" > missing_count=$((missing_count+1)) > fi > if ! linux_chkconfig_present INOTIFY_USER; then > eerror "INOTIFY_USER is not enabled but needed by elogind." > missing_count=$((missing_count+1)) > fi > if ! linux_chkconfig_present SIGNALFD; then > eerror "SIGNALFD is not enabled but needed by elogind." > missing_count=$((missing_count+1)) > fi > if ! linux_chkconfig_present TIMERFD; then > eerror "TIMERFD is not enabled but needed by elogind." > missing_count=$((missing_count+1)) > fi > if ! linux_chkconfig_present EPOLL; then > eerror "EPOLL is not enabled but needed by elogind." > missing_count=$((missing_count+1)) > fi > if ! linux_chkconfig_present SECCOMP; then > einfo "SECCOMP is not enabled but useful to elogind." > fi > [ 0 -lt $missing_count ] && die "$missing_count required kernel features are missing." > fi > fi >} > >src_prepare() { > default > > # Makefile.am is patched by > # - "${FILESDIR}/${PN}-docs.patch" > # - "${FILESDIR}/${PN}-lrt.patch" > eautoreconf >} > >src_configure() { > local use_smack="--disable-smack" > if linux_config_exists && linux_chkconfig_present SECURITY_SMACK; then > use_smack="--enable-smack" > fi > > econf \ > --with-pamlibdir=$(getpam_mod_dir) \ > --with-udevrulesdir="$(get_udevdir)"/rules.d \ > $(use_enable acl) \ > $(use_enable apparmor) \ > $(use_enable pam) \ > $(use_enable seccomp) \ > $(use_enable selinux) \ > $use_smack >} > >src_install() { > default > prune_libtool_files --modules If possible, get rid of prune_libtool_files. If the package installs .pc files, you can nix it. You can then also get rid of 'eutils'. > > newinitd "${FILESDIR}"/${PN}.init ${PN} > newconfd "${FILESDIR}"/${PN}.conf ${PN} >}
Created attachment 453370 [details] elogind-219.12-r8.ebuild The following updates where made:# - Remove check for CONFIG_AUDIT The auditing system can be a problem with systemd in containers. But that is something not possible with elogind. - Install libraries in /lib* instead of /usr/lib* Tools used in early boot, thus before mounting a separate /usr partition, like 'ps' need libelogind.so in /lib. (See bug 599504) - Added a pkg_postinst() message about adding eloging to the default runlevel. - Remove superfluous DOCS array and add a note why we have to prune_libtool_files. @David: Thank you very much, but unfortunately prune_libtool_files can not be removed as libelogind.so has to be installed in /lib*. install_qa_check doesn't like *.la files in /lib* at all. It would be great if something like that would be detected automatically, but it isn't. (yet?)
Created attachment 454324 [details] elogind-219.12-r9.ebuild The new ebuild fixes a nasty issue I detected when trying to switch to elogind on my Raspberry Pi 3: The build system uses $(libdir)/pkgconfig as a target for the libelogind.pc file. So as pkg-config does not look into /lib/pkgconfig, it can no longer find libelogind, and all configure phases searching for it fail. (like dbus) The new revision fixes that by moving libelogind.pc back to /usr/$(get_libdir)/pkgconfig. Sorry for the inconvenience with the -r8 ebuild.
Created attachment 454904 [details] Updated init script for elogind The current version of elogind does not create a run/systemd directory, but needs it to work properly. The new init script creates the /run/systemd directory first before starting the service.
Created attachment 454906 [details] elogind-219.12-r10 Revision bump Revision bump to force the installation of the new init script.
@KDE Team : I think the ebuild is ready now. The issues left are in elogind itself, which is worked upon. So if you like, you can take over now. The ebuild for elogind itself is not depending on anything but polkit (See Bug 598615) which is ripe for a take-over, too.
Shall we move this straight to main tree? Might be more likely to get traction from other teams that way.
Thanks for your work! This is now in kde overlay.
(In reply to Andreas Sturmlechner from comment #13) > Thanks for your work! This is now in kde overlay. Thank you very much! The ebuild has some impressive simplifications. I like it. :-) But I have found the following issues / questions: ======== Why was libelogind.so moved back to /usr/lib? This causes problems with procps (please see bug 599504 ) and as far as I understood it, upstream (systemd) wants boot relevant files to be installed in /lib anyway. However, the next versions of elogind will have adopted the option --with-rootlibdir. With the line --rootlibdir="${EPREFIX}"/$(get_libdir) added to econf, all files will then go into the right places. Until then, the manual move is necessary, at least for users with separate /usr partition. ======== Unfortunately elogind fails to build with dev-util/gperf-3.1 Therefore the dependency must be adapted to =dev-util/gperf-3.0*. I just found out today, sorry. ======== I have taken the new ebuild and have adapted it to fix above problems. Please have a look.
Created attachment 459802 [details] elogind-219.12-r11.ebuild This is basically the new elogind-219.12-r3.ebuild from KDE overlay with the following two changes: 1) The gperf dependency has been changed to =dev-util/gperf-3.0*, because it does not build using gperf-3.1 Note: This also happens with my current elogind-226 dev branch, which is using the exact build system as systemd-226. 2) /bin/ps is used during the start of openrc and fails, because libelogind.so.0 is not found if it was installed in /usr/lib* with /usr being on a separate partition. So the install goes into /lib* and pkgconfig is moved back to /usr/lib* by src_install(). Note: Later versions of elogind will support --with-rootlibdir which will render this manual move unnecessary.
Thanks for pointing out the issues, now fixed in overlay. In general, please use diffs instead of full ebuilds so your changes can be tracked more easily.
Moved to tree after fixing build with gperf-3.1 using a systemd patch. Sven, you may want to pick that for your dev branch as well.
Created attachment 460732 [details, diff] fix permissions on /run/systemd Sorry for not opening a new bug, but this is just a little oversight on my part. I was sure I had uploaded that already. Well, the original elogind.init creates a /run/systemd directory, but I made a mistake on the chmod line. The directory must have 755 permissions not 644 of course. I am sorry for the inconvenience!