~kennylevinsen/seatd-docs

47003f179237658407a4c33b281efd18a5ba01b9 — Kenny Levinsen 2 years ago 0620c7f master
Refactor and extend XDG_RUNTIME_DIR

- Add a simple script section
- Add `dumb_runtime_dir`
- Make other sections less `login(1)` and Alpine specific
1 files changed, 67 insertions(+), 14 deletions(-)

M index.md
M index.md => index.md +67 -14
@@ 32,39 32,92 @@ libseat is a library for display servers needing to access seat devices, which c

## XDG_RUNTIME_DIR not set

seatd doesn't do this automatically. Commonly with elogind or systemd this is done by pam modules.  You can either use scripts to do this, add them manually in your `.profile` or use `pam_rundir` or `s-toolbox`'s `pam_xdg`
(e)logind sets up `XDG_RUNTIME_DIR` when you log in. This can be replaced with scripts or PAM modules that run on login.

### Using PAM (like elogind and systemd)
### Using simple scripts

#### Getting working `login` command
Run the following as root on system startup:

Make sure you are using `login` command that supports PAM, this means using non-busybox version of the `login` command.
```sh
#!/bin/sh -eu

There are `util-linux-login` and `shadow-login` packages ready in alpine that work.
# Configuration
YOUR_USER="your username here"
YOUR_GROUP="your group here"

XDG_RUNTIME_DIR=/run/user/`id -u $YOUR_USER`
if [ $? -ne 0 ]
then
        echo "No such user $YOUR_USER"
        exit 1
fi

# Delete existing directory, create a new one and set permissions
rm -rf $XDG_RUNTIME_DIR
mkdir -p $XDG_RUNTIME_DIR
chown $YOUR_USER:$YOUR_GROUP $XDG_RUNTIME_DIR
chmod 700 $XDG_RUNTIME_DIR
```

Then add the following to your .profile or similar script that wraps or is sourced before you need `XDG_RUNTIME_DIR` set:

```sh
export XDG_RUNTIME_DIR=/run/user/`id -u`
```

### Using PAM

This requires that your login manager (`login(1)`, greetd, GDM, whatever you use) uses PAM.

For Alpine Linux, only the non-busybox version of `login(1)` uses PAM. See the `util-linux-login` and `shadow-login` packages.

The login manager you use should have a PAM stack located at `/etc/pam.d/<name>` or similar. For example, `login(1)` uses `/etc/pam.d/login`, while greetd uses `/etc/pam.d/greetd`.

#### Using `dumb_runtime_dir`

[`dumb_runtime_dir`](https://github.com/ifreund/dumb_runtime_dir) is "dumb" in the sense that it only does the bare minimum: Create a folder, set permissions and set the environment variable.

`dumb_runtime_dir` is not packaged at the time of writing. To build and install:

```sh
make all
sudo make install
```

Then add the following to your login manager PAM stack:

```
session		optional	pam_dumb_runtime_dir.so
```

#### Using `pam_rundir`

Alpine Linux has `pam_rundir` package, which you can install.  It handles creating the `/run/user/` and setting up the `XDG_`-variables.
pam_rundir handles creating `XDG_RUNTIME_DIR` on login and removing it on last logout.

Install `pam_rundir`-package.  Then add
Install pam_rundir and add the following to your login manager PAM stack:

```
session     optional    pam_rundir.so
```

to your `/etc/pam.d/login` file

It handles creating the `/run/user/` and setting `XDG_RUNTIME_DIR`.

#### Using `pam_xdg`
If `pam_rundir` doesn't work for you, there is an alternative with Steffen Nurpmeso's [s-toolbox](https://git.sdaoden.eu/browse/s-toolbox.git) that has `pam_xdg`.  It handles creating the `/run/user/` and setting up the `XDG_`-variables.

It has a bit better documentation, but requires you to compile it and it isn't vetted by Alpine's maintainers.
If `pam_rundir` doesn't work for you, there is an alternative with Steffen Nurpmeso's [s-toolbox](https://git.sdaoden.eu/browse/s-toolbox.git) that has `pam_xdg`.

It has a bit better documentation, but at least on Alpine it is not packaged (and therefore not vetted by Alpine maintainers), so so you need to compile it yourself.

To build and install:

You need to build the `pam_xdg.so` module from the git repository, and throw it into `/lib/security` and then add
```sh
make -f pam_xdg.makefile
sudo make -f pam_xdg.makefile install
```

Then add the following to your login manager PAM stack:

```
session     optional    pam_xdg.so  notroot track_sessions
```

to your `/etc/pam.d/login` file