Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[update] elogind without polkit
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
teika
Apprentice
Apprentice


Joined: 19 Feb 2011
Posts: 155
Location: YYYY-MM-DD, period. Have you ever used the Internet?

PostPosted: Thu Nov 11, 2021 5:25 am    Post subject: [update] elogind without polkit Reply with quote

[update] The original post below is now obsolete. Today sys-auth/polkit does not any more depend on spidermonkey by default.
-------
Caveat: I am not recommending this. Use at your own risk. See below for details.

Here's what I have met when I removed sys-auth/polkit (i.e. USE="-policykit" for elogind.)

1. You can't run X without this:
$ chmod 4755 /usr/bin/Xorg
(With USE=+suid, this might be unnecessary. Sorry, haven't checked.)

2. Without polkit, elogind won't let you sleep/hibernate (aka s2ram/s2disk). You can do them with sysfs:
$ # s2disk
$ echo platform > /sys/power/disk && echo disk > /sys/power/state

$ # s2ram
$ echo mem > /sys/power/state

Of course you need the root privilege for these. Write wrapper scripts and run with sudo.
(I guess any command to sleep have them at its core.)

Motivation:
polkit pulls in spidermonkey, and there're many complaints about it:

* Forum thread: Fork Polkit to remove SpiderMonkey dependency (From Jan 2019 to Dec 2020)
* Forum thread: [Solved] How do I switch polkit from spidermonkey to duktape (in Mar 2021)
* Reddit thread: Want to get rid of spidermonkey, but polkit depends on it. (in Jul 2021)

What's wrong with this?
First notice elogind has IUSE="+policykit". Do respect default USE flags. And you should not run X with suid.

Cheers.
_________________
Hack of easy Shift / Ctrl / AltGr etc; save your pinkies, type without drudgery: topic 865313

XPAT - Xi, Putin, Abe and Trump - are security holes of their own nations.


Last edited by teika on Thu Sep 08, 2022 1:09 am; edited 3 times in total
Back to top
View user's profile Send private message
smartding
Tux's lil' helper
Tux's lil' helper


Joined: 22 Jan 2021
Posts: 129

PostPosted: Thu Nov 11, 2021 5:40 am    Post subject: Reply with quote

I disabled the "policykit" flag of elogind long ago, because I don't want to compile spidermonkey.

1. I'm still rootless Xorg according to "ps -fC X", and I didn't chmod anything.

2. I'm still able to sleep with loginctl. Although I never tried hibernating.
Back to top
View user's profile Send private message
Perfect Gentleman
Veteran
Veteran


Joined: 18 May 2014
Posts: 1245

PostPosted: Thu Nov 11, 2021 6:03 am    Post subject: Reply with quote

Compile polkit with duktape. Without polkit I've bumped into some restrictions.
Back to top
View user's profile Send private message
teika
Apprentice
Apprentice


Joined: 19 Feb 2011
Posts: 155
Location: YYYY-MM-DD, period. Have you ever used the Internet?

PostPosted: Thu Sep 08, 2022 1:05 am    Post subject: Reply with quote

Update, if you're still avoiding polkit, i.e. USE="-policykit".

sys-auth/polkit now depends on duktape, not on spidermonkey, by default. Now you can pull in polkit without hassle.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum