startx
. I never really understood which problems a display/login manager solves. startx
runs org as the end user?I never even knew about pcdm, wdm or ly, for that matter until just now.I believe display managers are strictly aesthetic, but that's my opinion. I am not 100% certain but I believe there are security implications of using a display manager as well, but I am not an operating system security expert. Don't display managers run as root whilestartx
runs org as the end user?
I never even knew about pcdm, wdm or ly, for that matter until just now.
Is the issue that display managers are started before the user is signed in? If so would it not be possible to automatically sign into a temporary user prior to starting the display manager?I never even knew about pcdm, wdm or ly, for that matter until just now.
Sevendogsbsd : There's noise about making sddm Wayland-compatible so that it doesn't have to start as root. But there are issues to be ironed out.
Also the OpenBSD fork of XDM (xenodm) doesn't run as root.Sevendogsbsd : There's noise about making sddm Wayland-compatible so that it doesn't have to start as root. But there are issues to be ironed out.
To the best of my understanding, that's not an issue, that's the standard and expected behavior for DMs (to start before the user is signed in). A user would use a DM to actually sign in... that's what a DM is for in the first place.Is the issue that display managers are started before the user is signed in?
Indeed that is what I mean. When you run startx a user is already signed in to run the command. When you start a display manager it starts before a user has signed in, that is the point of it. So is this why it is usually started as root?To the best of my understanding, that's not an issue, that's the standard and expected behavior for DMs (to start before the user is signed in). A user would use a DM to actually sign in... that's what a DM is for in the first place.
I think so... but instead of signing in as a 'temporary' user, the OS simply launches a process with less privileges than root. For example, MySQL has a special 'mysql' user in /etc/passwd. That is a 'system account', so to speak, it does not need to sign in. This is how the MySQL server gets launched at boot, before anyone has a chance to sign in. Same logic should apply to Xorg... but is not really programmed in. This is why OpenBSD did what it did... this is why Wayland is being pushed as an alternative.Indeed that is what I mean. When you run startx a user is already signed in to run the command. When you start a display manager it starts before a user has signed in, that is the point of it. So is this why it is usually started as root?
+1 for this.Login as text and then automatically startx by .(z)shrc.
startx
from his profile script. xlock
. He has basically turned multi-user BSD into a single-user machine On my maine workstation I have the above startx, plus Firefox and urxvt running when the WM starts. On the "media player" attached to the TV which also runs FreeBSD, the login is via /etc/gettytab (/etc/ttys). When the WM starts kodi is automatically loaded, after that ssh+vnc for remote control.+1 for this.
A colleague of mine does similar but goes a step further. He also has his command line automatically log in by tweaking /etc/gettytab and /etc/ttys.
This in turn automatically exec'sstartx
from his profile script.
Finally his .xinitrc starts WM andxlock
. He has basically turned multi-user BSD into a single-user machine
… why using a display/login manager is useful.
Can you elaborate how it might be more secure for the window environment?Display managers are convenient for getting right to the desktop after bootup. It may also be more secure for the window environment.