My system thankfully does not use the systemd and the sddm was compiled accordingly with "consolekit pam -elogind -systemd -test". However, I keep getting the following error messages in the system log: Oct 30 11:08:02 hooverix sddm-helper[2026]: PAM unable to dlopen(/lib64/security/pam_systemd.so): /lib64/security/pam_systemd.so: cannot open shared object file: No such file or directory Oct 30 11:08:02 hooverix sddm-helper[2026]: PAM adding faulty module: /lib64/security/pam_systemd.so Oct 30 11:08:02 hooverix sddm-helper[2026]: pam_unix(sddm-greeter:session): session opened for user sddm by (uid=0) The sddm appears to work despite this but as this problem is pam-related, I am concerned if the security is not compromised because sddm is perhaps confused about the system it runs on and the pam modules it should use.
sddm installs sddm-greeter.pam which contains: session optional @LOGIND_PAM_MODULE@ where @LOGIND_PAM_MODULE@ is configured by: if(USE_ELOGIND) set(LOGIND_PAM_MODULE "pam_elogind.so") else() set(LOGIND_PAM_MODULE "pam_systemd.so") endif() This shouldn't affect anything if neither systemd nor logind are being used, but it would be nice to fix upstream removing this bogus line if neither session tracker is being used.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/proj/qt.git/commit/?id=874d04dd36d01a9bb6f07d2bad6427c7b6883cbb commit 874d04dd36d01a9bb6f07d2bad6427c7b6883cbb Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2023-02-04 11:22:59 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2023-02-04 12:56:46 +0000 x11-misc/sddm: Adapt to upstream changes for 0.20.0 release prep - Set QTMIN to 5.15.2 - Switch SDDM configuration to /etc/sddm.conf.d/ - New Gentoo defaults file: 01gentoo.conf - For IUSE="elogind", fix path to /bin/loginctl - Don't look for pam_systemd.so by default - Respin pam-1.4 substack patch, dropping upstreamed changes - Respin *-respect-user-flags.patch for minimal context See also: https://github.com/gentoo/gentoo/pull/18935 See also: https://github.com/gentoo/gentoo/pull/25853 Bug: https://bugs.gentoo.org/669980 Bug: https://bugs.gentoo.org/728550 Bug: https://bugs.gentoo.org/790713 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> x11-misc/sddm/files/pam-1.4-substack.patch | 31 --------- .../files/sddm-0.18.1-respect-user-flags.patch | 25 -------- .../sddm-0.20.0-disable-etc-debian-check.patch | 26 ++++++++ ...sddm-0.20.0-no-default-pam_systemd-module.patch | 43 +++++++++++++ .../files/sddm-0.20.0-respect-user-flags.patch | 11 ++++ .../files/sddm-0.20.0-sddm.pam-use-substack.patch | 37 +++++++++++ x11-misc/sddm/sddm-9999.ebuild | 74 ++++++++++++++-------- 7 files changed, 166 insertions(+), 81 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6005bae9a3c36693a31521851a53fcd0aa2b443f commit 6005bae9a3c36693a31521851a53fcd0aa2b443f Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2023-06-18 18:30:04 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2023-06-18 18:51:40 +0000 x11-misc/sddm: Add 0.19.0_p20230608 snapshot w/o KEYWORDS Short summary of changes: - Drop IUSE pam, require elogind or systemd - Drop obsolete default settings (now upstream defaults) - Change RUNTIME_DIR path to "/run/sddm" - Use upstream sddm-tmpfiles.conf - Update dependencies - Drop x11-base/xorg-server RDEPEND (only ensured xdm init script in past) - Switch SDDM configuration to /etc/sddm.conf.d/ - Don't look for pam_systemd.so by default Bug: https://bugs.gentoo.org/669980 Bug: https://bugs.gentoo.org/728550 Bug: https://bugs.gentoo.org/790713 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> x11-misc/sddm/Manifest | 1 + .../sddm-0.20.0-disable-etc-debian-check.patch | 26 ++++ ...sddm-0.20.0-no-default-pam_systemd-module.patch | 43 +++++++ .../files/sddm-0.20.0-respect-user-flags.patch | 11 ++ .../files/sddm-0.20.0-sddm.pam-use-substack.patch | 37 ++++++ x11-misc/sddm/sddm-0.19.0_p20230608.ebuild | 137 +++++++++++++++++++++ 6 files changed, 255 insertions(+)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=94c6fa3154bbae2d4a906d9ee4f105fc62320702 commit 94c6fa3154bbae2d4a906d9ee4f105fc62320702 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2023-06-26 15:51:27 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2023-06-27 11:25:40 +0000 x11-misc/sddm: add 0.20.0 See also: https://github.com/sddm/sddm/releases/tag/v0.20.0 This is adding back RDEPEND=x11-base/xorg-server for two reasons: - X11 is the default DisplayServer, with all other options EXPERIMENTAL - every other distro still depends on it, probably for that reason Closes: https://bugs.gentoo.org/669980 Bug: https://bugs.gentoo.org/728550 Closes: https://bugs.gentoo.org/790713 Closes: https://bugs.gentoo.org/907069 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> x11-misc/sddm/Manifest | 1 + .../sddm-0.20.0-fix-use-development-sessions.patch | 83 +++++++++++++ x11-misc/sddm/sddm-0.20.0.ebuild | 132 +++++++++++++++++++++ 3 files changed, 216 insertions(+)