Multiple X logins

Jeff Spaleta jspaleta at gmail.com
Tue Mar 7 22:22:16 UTC 2006 

On 3/7/06, Uno Engborg <uno at webworks.se> wrote:
> I think it is Gnome/KDE agnostic, the first login grabs the devices
> regardless if it is KDE or Gnome.

For those interested... the current technology that implements
permissions/ownership changes for devices, like the sound device, at
login is controlled by the pam_console  pam module in the pam for
associated login mechanism.  basically pam_console keeps a list of
users logged in at the "console" and oldest "console" login wins for
pam_console ownership comparisons. There is no obvious way for
pam_console's apprach to be extended to know which user is "active"
when there are 2 or more local "console" desktops, like what
gdmflexiserver provides. Oldest login wins, simple and problematic for
fast user switching.
Read over:
man pam_console
/etc/security/console.perms
and
/etc/security/console.perms.d/

Before the creation of dbus aware services, pretty much all device
ownership/permisions were channeled through the pam_console ownership
mechanism.

Though recently, it seems that certain people http://blog.fubar.dk/?p=63
are thinking about how to solve the problems associated with multiple
concurrent "console" user policy via dbus.  Its a long blog post and
it will confuse you, as it continues to confuse me, until you are
comfortable in dbus messaging syntax.

The important thing to take away from that blog is that dbus could
very well be used to track console activity in a more sophisticated
way that solves the problem of what to do about device ownership when
more than one person is logged in, as long as each login fires of a
dbus managed session. One of the big ideas in the psuedocode of that
blog is the introduction of keeping up with which "console" session is
the active one and having a dbus-enabled policy service fireoff
actions when active console changes from one session to another...or
even when there is no active session.

-jef"I can't wait to see the active console idea implemented in dbus,
so I can see how badly dbus responses to 18 levels of nexted
gdmflexiserver -n  calls"spaleta

More information about the fedora-test-list mailing list