You are not logged in.

Pages: 1

#1 Yesterday 03:13:10

ArchEr9
Member
Registered: 2025-03-18
Posts: 37

How to run the SDDM display manager rootless to start KDE

I have followed the steps given in the Arch Wiki SDDM article  to run sddm rootless. The result is that the wayland compositor runs rootless but not SDDM. SDDM still runs with root privileges. Please see the output given below

$ sudo ps -o user=,pid=,ppid=,cmd= -C sddm-helper,sddm,startplasma-wayland,kwin_wayland_wrapper,kwin_wayland,Xwayland,"systemd --user"
root           1       0 /usr/lib/systemd/systemd --switched-root --system --deserialize=44
root        1121       1 /usr/bin/sddm
root        1341    1121 /usr/lib/sddm/sddm-helper --socket /tmp/sddm-auth-xxxxx --id 1 --start /usr/lib/plasma-
usera       1346       1 /usr/lib/systemd/systemd --user
usera       1373    1341 /usr/bin/startplasma-wayland
usera       1381    1346 /usr/bin/kwin_wayland_wrapper --xwayland
usera       1393    1381 /usr/bin/kwin_wayland --wayland-fd 7 --socket wayland-0 --xwayland-fd 8 --xwayland-fd 9 --xwayland-display :0 --xwayla
usera       1412    1393 /usr/bin/Xwayland :0 -auth /run/user/1001/xauth_AItnKm -listenfd 8 -listenfd 9 -displayfd 66 -wm 68 -rootless -enable-

I checked in the /etc/passwd file and there is a sddm user. But it is not being used to launch any process or do anything.

So my question is that if I want to run the display manager, i.e. sddm, as a non-root user, then how can it be done? Also if SDDM is run with a non-root user, for example using the sddm user, then will it have issues in spawning and launching the various Wayland compositors?

Last edited by ArchEr9 (Yesterday 12:30:47)

Offline

#2 Yesterday 15:41:08

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 25,051

Re: How to run the SDDM display manager rootless to start KDE

The process of the display manager is launched by systemd and as root. The snippet you link is about running the display server i.e. xorg or the wayland compositor that sddm uses to show you the login window as a normal user. If you wanted to enforce the login manager process itself to not run as root you are probably going to run into issues spawning stuff, yes.

This is mostly about having the root owned process be something small and lean and not tied to huge amounts of GUI code. You need some process in that chain that is allowed to invoke root level operations because you are spawning a session for a different (the to be logged in) user).

If you are just using the normal shell, the underlying process is no different. The getty servuce that will get used in that case will be root launched as well.

Last edited by V1del (Yesterday 15:45:11)

Offline

Pages: 1

Board footer

Powered by FluxBB