Difference between revisions of "Start X at login"

From ArchWiki
Jump to navigation Jump to search
(add info about security issue)
m (→‎{{Filename|~/.bash_profile}}: mentioning alock and lualock alternatives)
Line 21: Line 21:
 
{{Note|This method can be combined with [[automatic login to virtual console]] and act similar to the inittab method, but it will properly register your session and work with ConsoleKit.}}
 
{{Note|This method can be combined with [[automatic login to virtual console]] and act similar to the inittab method, but it will properly register your session and work with ConsoleKit.}}
  
{{Warning|Note that there is a significant security difference when using plain startx instead of a loginmanager. Thus you run startx from your shell you are always able to switch from X (usually on tt7) back to tt1 (Ctrl+Alt+F1) and gain control over the user shell even when the screen is locked (e.g. via xscreensaver or i3lock).  
+
{{Warning|Note that there is a significant security difference when using plain startx instead of a loginmanager. Thus you run startx from your shell you are always able to switch from X (usually on tt7) back to tt1 (Ctrl+Alt+F1) and gain control over the user shell even when the screen is locked (e.g. via xscreensaver, i3lock, {{Package AUR|alock-svn}} or {{Package AUR|lualock-git}}).  
 
A Solution: replace 'exec startx' with 'exec nohup startx > .xlog & vlock'. This will start X, redirect the printout to ~/.xlog and lock the shell. Of course you need to install {{Package Official|vlock}} first.}}
 
A Solution: replace 'exec startx' with 'exec nohup startx > .xlog & vlock'. This will start X, redirect the printout to ~/.xlog and lock the shell. Of course you need to install {{Package Official|vlock}} first.}}
  

Revision as of 14:05, 12 November 2011

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.


Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어


External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary wiki Template:Article summary wiki Template:Article summary wiki Template:Article summary end

Typically, Template:Filename or Template:Filename are used to manually start X. Both will execute Template:Filename, which may be customized to start the window manager of choice as described in the xinitrc article.

The majority of users wishing to start an X server during the boot process will want to install a Display Manager instead.

By using the ~/.bash_profile method, X will be started once logged in from a tty. The /etc/inittab way allows automatically starting X without supplying a password.

Template:Filename

Note: This method can be combined with automatic login to virtual console and act similar to the inittab method, but it will properly register your session and work with ConsoleKit.
Warning: Note that there is a significant security difference when using plain startx instead of a loginmanager. Thus you run startx from your shell you are always able to switch from X (usually on tt7) back to tt1 (Ctrl+Alt+F1) and gain control over the user shell even when the screen is locked (e.g. via xscreensaver, i3lock, Template:Package AUR or Template:Package AUR). A Solution: replace 'exec startx' with 'exec nohup startx > .xlog & vlock'. This will start X, redirect the printout to ~/.xlog and lock the shell. Of course you need to install Template:Package Official first.

An alternative to a login manager is to add the following to the bottom of your Template:Filename (if Template:Filename does not yet exist, you can copy a skeleton version from Template:Filename. If you use zsh as your preferred shell, add the following lines to your Template:Filename instead.):

Template:File

or with additional checking (if tty1 (Template:Keypress + Template:Keypress + Template:Keypress) shows an error message):

Template:File

Or with a prompt:

Template:File

The user will be logged out when X is killed. In order to avoid this, remove the Template:Codeline part from the script.

Template:Filename

Warning: This method will not use Template:Filename or register your session, therefore no session will appear in `who` or `w`. Your session will also not be authorized as 'local' by ConsoleKit, so you will be unable to shutdown/suspend/reboot or mount drives without using Template:Codeline or Template:Codeline.

Another way of circumventing display managers and booting straight into a preferred window manager or desktop environment involves editing Template:Filename, changing:

id:3:initdefault:

[...]

x:5:respawn:/usr/bin/xdm -nodaemon

to:

id:5:initdefault:

[...]

x:5:once:/bin/su - -- PREFERRED_USER -l -c '/usr/bin/startx </dev/null >/dev/null 2>&1'

The Template:Codeline option invokes a "login shell" by prepending a dash (-) to its name. Because a command is specified with the Template:Codeline option, the shell is also run in "non-interactive mode". Bash does not do the normal login process in non-interactive login mode unless it is forced with the Template:Codeline option. The Template:Codeline option ensures that the Template:Codeline and Template:Codeline options are passed to the shell rather than used by su itself. These workarounds are needed for the combination of Gnu su and Bash; see "su 5.2.1 does not invoke bash as a login shell".

The standard input must be redirected (Template:Codeline) if Getty or some other program is still used on the console, otherwise there will be a conflict between multiple programs stealing console input from each other.

The output can also be redirected (Template:Codeline) to avoid outputting messages from X to the console.

The field populated with Template:Codeline may be changed to Template:Codeline which will restart X if it exits.

Additionally, Template:Codeline may be changed to any desired command or script. For example:

startx -- -nolisten tcp -br -deferglyphs 16

Also you can do this for multiple users using different runlevels,

x1:4:once:/bin/su - -- PREFERRED_USER1 -l -c '/usr/bin/startx </dev/null >/dev/null 2>&1'
x2:5:once:/bin/su - -- PREFERRED_USER2 -l -c '/usr/bin/startx </dev/null >/dev/null 2>&1'

and inserting a new entry in GRUB's Template:Filename:

# (0) Arch Linux
title  Arch Linux USER1
root   (hd0,0)
kernel /vmlinuz-linux root=/dev/disk/by-label/Arch ro 4
initrd /initramfs-linux.img

# (1) Arch Linux
title  Arch Linux USER2
root   (hd0,0)
kernel /vmlinuz-linux root=/dev/disk/by-label/Arch ro 5
initrd /initramfs-linux.img
Note: If you have problems with writing non-ASCII letters within terminals in that new X, remove the Template:Codeline switch (see here).