> After a reboot, the problem disappears for a while, but comes again, > and I didn't find what could trigger it. > I can't figure what KDE could have to do with user groups returned by > the kernel ! > > Does anyone have a hint on the origin of this problem ?
Yes, this is triggered by restarting the xdm service, possibly limited to sddm users. I have noticed the same issue here. Groups are correct after a reboot, but if I do: $ /etc/init.d/xdm restart and log into KDE, then I'm a member of all sorts of system groups. I'm using sddm, maybe it happens with other login managers as well. I suspect that this is due to inheriting the supplementary groups of which "root" is a member at the time the login manager is started. At boot time, it is a member of no additional groups, whereas in a root shell, it is: # groups root bin daemon sys adm disk wheel floppy dialout tape video I suspect this is a bug in sddm, or maybe in pam. It should drop all supplementary groups before switching to the user logging in. As a workaround, I now always reboot instead of restarting xdm. -- Remy
