seatd and libseat is a minimal seat management daemon and a universal seat management library.
The canonical documentation for seatd and seatd-launch are their respective manpages, while libseat is documented in its header file.
A seat is a collection of physical input/output devices (keyboard, mouse, monitor/GPU) associated with where a physical user sits, hence "seat".
If a computer serves two independent users with each their own keyboard, mouse and monitor, then it is said to be a multi-seat system. This is not particularly common.
If a computer serves multiple users from a single set of keyboard, mouse and monitor, with other user sessions suspended in the meanwhile, then it is set to be a single-seat but multi-session system.
Seat management daemons like seatd, (e)logind and ConsoleKit(2) all provide a way for display servers to access input/output devices without having to be root. They also coordinate things like session switching and access revocation.
Note that ConsoleKit and (e)logind also perform other functions entirely unrelated to seat management.
The short answer is yes. Even if your system is single-seat single-session, seat management provides root-less access to the devices within the seat, and makes it easy to integrate with VT switching.
seatd is a daemon providing seat management services.
libseat is a library for display servers needing to access seat devices, which can use either seatd or (e)logind as backend. Some forks also support ConsoleKit2.
(e)logind sets up XDG_RUNTIME_DIR
when you log in. This can be replaced with scripts or PAM modules that run on login.
Run the following as root on system startup:
#!/bin/sh -eu
# Configuration
YOUR_USER="your username here"
YOUR_GROUP="your group here"
XDG_RUNTIME_DIR=/run/user/`id -u $YOUR_USER`
if [ $? -ne 0 ]
then
echo "No such user $YOUR_USER"
exit 1
fi
# Delete existing directory, create a new one and set permissions
rm -rf $XDG_RUNTIME_DIR
mkdir -p $XDG_RUNTIME_DIR
chown $YOUR_USER:$YOUR_GROUP $XDG_RUNTIME_DIR
chmod 700 $XDG_RUNTIME_DIR
Then add the following to your .profile or similar script that wraps or is sourced before you need XDG_RUNTIME_DIR
set:
export XDG_RUNTIME_DIR=/run/user/`id -u`
This requires that your login manager (login(1)
, greetd, GDM, whatever you use) uses PAM.
For Alpine Linux, only the non-busybox version of login(1)
uses PAM. See the util-linux-login
and shadow-login
packages.
The login manager you use should have a PAM stack located at /etc/pam.d/<name>
or similar. For example, login(1)
uses /etc/pam.d/login
, while greetd uses /etc/pam.d/greetd
.
dumb_runtime_dir
dumb_runtime_dir
is "dumb" in the sense that it only does the bare minimum: Create a folder, set permissions and set the environment variable.
dumb_runtime_dir
is not packaged at the time of writing. To build and install:
make all
sudo make install
Then add the following to your login manager PAM stack:
session optional pam_dumb_runtime_dir.so
pam_rundir
pam_rundir handles creating XDG_RUNTIME_DIR
on login and removing it on last logout.
Install pam_rundir and add the following to your login manager PAM stack:
session optional pam_rundir.so
It handles creating the /run/user/
and setting XDG_RUNTIME_DIR
.
pam_xdg
If pam_rundir
doesn't work for you, there is an alternative with Steffen Nurpmeso's s-toolbox that has pam_xdg
.
It has a bit better documentation, but at least on Alpine it is not packaged (and therefore not vetted by Alpine maintainers), so so you need to compile it yourself.
To build and install:
make -f pam_xdg.makefile
sudo make -f pam_xdg.makefile install
Then add the following to your login manager PAM stack:
session optional pam_xdg.so notroot track_sessions
commit 47003f179237658407a4c33b281efd18a5ba01b9 Author: Kenny Levinsen <kl@kl.wtf> Date: 2022-03-22T10:54:40+01:00 Refactor and extend XDG_RUNTIME_DIR - Add a simple script section - Add `dumb_runtime_dir` - Make other sections less `login(1)` and Alpine specific