ok, I will take some time to fix it. 2022-09-18 20:05 GMT, Josselin Poiret : > Hi, > > 路辉 writes: > >> hikari-unlocker need setuid and pam to work. >> >> if hikari exec a non-setuid hikari-unlocker, such as >> "$HOME/.guix-profile/bin/hikari-unlocker", it will cause hikari's >> lock-mode can't exit, only can press power button to exit it. :( >> >> https://hikari.acmelabs.space/manpage.html >> >> https://hub.darcs.net/raichoo/hikari/browse/src/lock_mode.c#71 >> From d1bedbc3c850cf0a60b182999c229079bad9cd99 Mon Sep 17 00:00:00 2001 >> From: Lu Hui >> Date: Sat, 17 Sep 2022 20:10:34 +0800 >> Subject: [PATCH] gnu: hikari: only allow use setuid hikari-unlocker. >> >> * gnu/packages/wm.scm (hikari) >> [phases]{force-use-setuid-unlocker}: replace "sh -c hikari-unlocker" to >> "/run/setuid-programs/hikari-unlocker" > > On Guix system, /run/setuid-programs/ should be in front of whatever > profiles you're using in your PATH, otherwise it will be shadowed by > them. With the default profile loading code in /etc/profile, this > should be what happens but there might be issues with any non-default > setup (ie. package not installed in the ~/.guix-profile/). > > To be honest, I'm not happy with hardcoding > /run/setuid-programs/hikari-unlocker, since it won't work on foreign > distros. > > Shouldn't we rather report this issue upstream? I'm under the > impression that the locker should detect that it isn't running suid and > not try to query PAM if it isn't able to, and instead fail and display > an error message or something similar. > > Best, > -- > Josselin Poiret >