> I got a bit closer to the root cause of the problem: SDDM works
and logs
> me in when I start it by simply running 'sddm' from a root shell. But it
> fails (with the symptoms described in this thread) when started using
> systemd.
>
> In what way can systemd be hurting sddm so that it can't log users in?
Two thoughts: first, after it fails, log into a CLI and run this:
systemctl status sddm
Compared to the strace wrapper I tried, combined with a careful inspection of logs from
journalctl, status doesn't say too much:
Dec 19 21:41:25 prdell.localdomain systemd[1]: Started Simple Desktop Display Manager.
Dec 19 21:41:25 prdell.localdomain systemd[1]: Starting Simple Desktop Display
Manager...
Dec 19 21:41:27 prdell.localdomain sddm-helper[1893]: pam_unix(sddm-greeter:session):
session opened for user sddm by (uid=0)
Dec 19 21:41:31 prdell.localdomain sddm-helper[1945]: pam_kwallet5(sddm:auth): (null):
pam_sm_authenticate
Dec 19 21:41:31 prdell.localdomain sddm-helper[1945]: pam_kwallet(sddm:auth): (null):
pam_sm_authenticate
Dec 19 21:41:31 prdell.localdomain sddm[1880]: Oops, secure memory pool already
initialized
Dec 19 21:41:31 prdell.localdomain sddm-helper[1945]: pam_kwallet5(sddm:setcred):
pam_kwallet5: pam_sm_setcred
Dec 19 21:41:31 prdell.localdomain sddm-helper[1945]: pam_kwallet(sddm:setcred):
pam_kwallet: pam_sm_setcred
Dec 19 21:41:31 prdell.localdomain sddm[1880]: Auth: sddm-helper exited with 2
Dec 19 21:41:32 prdell.localdomain sddm-helper[1970]: pam_unix(sddm-greeter:session):
session opened for user sddm by (uid=0)
The sddm-helper exits with error code 2, quite likely due to the EPERM I saw in the strace
logs. And as already mentioned, setting SELinux to permissive makes sddm just hang
silently.
Second, try disabling the sddm.service and running sddm from rc.local
instead.
That fails exactly the same way, which is no surprise, because rc.local is just yet
another systemd service. There's indeed something in the environment set up by systemd
that sddm just can't tolerate. I'm still not sure what this could be.
What extra restrictions does systemd impose, when compared to running stuff from a root
shell? It has its own ulimit settings in /etc/systemd/system.conf, but sddm still fails
the same way, with "vanilla" ulimit settings as well as with a relaxed vesion
thereof.
Also tried to set PrivateTmp=true in sddm's unit file, just to check this out, but no,
still the same problem. :-(
Andrej