You are not logged in.
- Topics: Active | Unanswered
#1 2023-07-17 03:25:58
- soravoid
- Member
- Registered: 2023-07-17
- Posts: 7
Can't run GNOME with wayland with hidepid=2 after adding proc to gdm
I'm mounting /proc with hidepid=2 and have added the proc group to both systemd-logind and gdm via the SupplementaryGroups option under [Service], but I get this error in my `journalctl -b`:
Jul 16 22:12:20 HOSTNAME org.gnome.Shell.desktop[846]: Failed to setup: Could not get session ID: Failed to get session by pid for user 120 (No such process)
Jul 16 22:12:20 HOSTNAME gnome-session[836]: gnome-session-binary[836]: WARNING: App 'org.gnome.Shell.desktop' exited with code 1
Jul 16 22:12:20 HOSTNAME gnome-session-binary[836]: WARNING: App 'org.gnome.Shell.desktop' exited with code 1
Jul 16 22:12:20 HOSTNAME gnome-session-binary[836]: Unrecoverable failure in required component org.gnome.Shell.desktop
Jul 16 22:12:20 HOSTNAME /usr/lib/gdm-wayland-session[835]: dbus-daemon[835]: [session uid=120 pid=835] Activating service name='ca.desrt.dconf' requested by ':1.2' (uid=120 pid=836 comm="/usr/lib/gnome-session>
Jul 16 22:12:20 HOSTNAME /usr/lib/gdm-wayland-session[835]: dbus-daemon[835]: [session uid=120 pid=835] Successfully activated service 'ca.desrt.dconf'
Jul 16 22:12:20 HOSTNAME gdm[799]: Gdm: GdmDisplay: Session never registered, failingand the output of
loginctl show-session $(awk '/tty/ {print $1}' <(loginctl)) -p Type | awk -F= '{print $2}'shows that I'm running X11, but after removing the /proc line from my fstab, the command tells me that I am running wayland. I have also tried adding the proc group to the systemd-user-sessions service. Finally, here is how I mount proc in my fstab just for you guys to make sure it is correct:
proc /proc proc nosuid,nodev,noexec,hidepid=2,gid=proc 0 0I think I just need to find the right service or something to add to the proc group, but I'm not sure where to start, other than finding the thing that launches org.gnome.Shell.desktop, but I haven't been successful. Any help would be appreciated! Thanks!
Last edited by soravoid (2023-07-17 03:36:12)
Offline
#2 2023-07-17 06:30:39
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 74,314
Re: Can't run GNOME with wayland with hidepid=2 after adding proc to gdm
https://wiki.archlinux.org/title/Security#hidepid - see the warning
https://access.redhat.com/solutions/6704531
hidepid is incompatible with lennartware, it died when arch switched to systemd and using it but on an extremely barebone system is masochism.
And before a parrot steps in: one might also conclude that lennart is simply incompatible w/ the world.
Offline