[SOLVED] Display Manager with Wayland forced to change session

moonlight · 2024-09-12 11:09:33

Hello everyone. I’m pretty new to linux, so I'm sorry if I misunderstood something.

I'm setting up my environment using wayland with hyprland as my compositor. I got to the point where I want to improve the login ux.

I setup sddm to open hyprland after login. This works, but after login I can see it opening a new session and only after that hyprland opens. After a bit of searching around, it seems that wayland runs rootless, while x11 runs as root. Which makes it so if you use wayland for sddm, it can’t open the new admin user in the same session.

What would be my options to have a smooth transition between logging in, and the rest of the system working.

I assume I could use x11 for sddm, however I’ve read that its use of root for the display manager is insecure, so if possible, I’d rather not. I also assume that other display managers have the same issue with x11 vs wayland, as I haven’t found any information to say otherwise.

Could I use a setup where I autologin, and then instantly screen lock? Wouldn’t that just create possible issues for the future, and also be less secure than just using x11?

Note that I am the only user, using one session only. I need only the password part of the display manager, in case there’s an alternative that would work.

Thank you for any input on this!

Last edited by moonlight (2024-09-12 12:38:56)

V1del · 2024-09-12 11:58:02

You're forced to change sessions anyway, sddm is it's own session so it can do session management for different sessions/users that aspect is normal and intended (and what you want).

as for the rootfull/rootless discussion: https://wiki.archlinux.org/title/SDDM#Rootless and the wayland session right below it.

That said as for the "security considerations of running SDDM on a root Xorg". While yes, if a potential attacker gets access to the xorg server ran by the SDDM process it can technically listen to events happening on that xorg screen. But for that to be a real issue multiple other mechanisms need to have failed beforehand (he would have had to elevate permissions to get to the xauth cookie of SDDM to then connect to the xorg server which then runs as root -- i.e. you already had a privilege escalation) at which point you're basically owned anyway. So I'd not worry about that aspect too much.

But yeah doing an autologin on VT1 or so and invoking a screenlocker would avoid that particular scenario (given that said screen locker is engineered as such that killing it will not expose your session, but not sure about the hyprland based implementations here)

Last edited by V1del (2024-09-12 12:03:50)

moonlight · 2024-09-12 12:38:35

@V1del I see, thank you. I was unaware of the security issue not being anything too important.

I've changed sddm to run in x11-user mode and open Hyprland after login, and it seems to fix the session change issue. There's still a 2 second black screen, but I'm not sure anything could be done about that, as X11 needs to close and wayland to open, with no window manager open in that time. Perhaps is there a way to open both X11 and wayland at the same time, so after login Hyprland opens instantly? I'm not sure, but I will look into that further, but if you or anyone else has any clue I'd be grateful!

I'll also look into the screenlocker solution later, good to know it's viable. Thanks for your help!

Arch Linux

#1 2024-09-12 11:09:33

[SOLVED] Display Manager with Wayland forced to change session

#2 2024-09-12 11:58:02

Re: [SOLVED] Display Manager with Wayland forced to change session

#3 2024-09-12 12:38:35

Re: [SOLVED] Display Manager with Wayland forced to change session

Board footer