When starting a confined shell it is not currently possible to acquire a graphical ttyN session with logind as AppArmour will deny access to “org.freedesktop.login1” via dbus.
I note that there are existing interfaces (e.g. “shutdown” & “network_manager”) that allow some access to “org.freedesktop.login1”, but not to “Session” and “Seat” as needed for the above.
As a result I’m thinking proposing a new interface that allows this access. That leads to several questions:
- Would adding to an existing interface - e.g. “wayland” (which I already implement) be preferable? (It would work for me but doesn’t seem coherent.)
- If not, would a new interface for this be acceptable?
- if so, what would be the best name? “logind”?
Ping @jdstrand
Note, I’m motivated by Mir-based snaps mir-test-tools and egmde-confined-desktop, but this seems a much more general issue and might affect others.