Could it have to do with security changes regarding X and setuid root, see end of my post?
Expected or earlier behavior:
- a) you start in your desktop environment (running X)
- b) switch with STRG+ALT+F1 to tty 1 (X still runs, test with STRG+ALT+F7 and back)
- c) you want to DU without running X so 'systemctl isolate multi-user.target' stops X on F7),
c1) while you stay logged in on tty1
(c would be the same as if you 'systemctl stop lightdm [or sddm])
Now c1) doesn't really work as expected/earlier... -> throws you out, relogin necessary.
----
System1 with
kdenext,
sddm as DM, xserver-xorg-core 2:1.17.3-2,
xserver-xorg-legacy 2:1.17.3-2, systemd 227-3
Acting like c) does stop X, logs me out of tty1 and gives me re-login prompt on tty1, I can login as root and work on.
After 'systemctl isolate graphical.target' X is started and lets me re-login in sddm.
System1, a) user in X,
loginctl list-sessions:
SESSION UID USER SEAT
5 117 sddm seat0
6 1000 martin seat0
2 sessions listed.
System1, b) root in tty1, X still running
loginctl list-sessions:
SESSION UID USER SEAT
5 117 sddm seat0
6 1000 martin seat0
7 0 root seat0
3 sessions listed.
System1, c) X stopped, root thrown out and re-logged in
loginctl list-sessions:
SESSION UID USER SEAT
8 0 root seat0
1 session listed.
----
System2, no kdenext (stock debian),
lightdm as DM, xserver-xorg-core 2:1.17.3-2,
no xserver-xorg-legacy, systemd 227-3
Acting like c) does stop X, logs me out of tty1 and gives me re-login prompt on tty1, I can login as root and work on.
After 'systemctl isolate graphical.target' X is started and lets me re-login in lightdm.
System2, a) user in X,
loginctl list-sessions:
SESSION UID USER SEAT
1 1000 martin seat0
c1 105 lightdm seat0
2 sessions listed.
System2, b) root in tty1, X running
loginctl list-sessions:
SESSION UID USER SEAT
1 1000 martin seat0
2 0 root seat0
c1 105 lightdm seat0
3 sessions listed.
System2, c) X stopped, root thrown out and re-logged in
loginctl list-sessions:
SESSION UID USER SEAT
3 0 root seat0
1 session listed.
----
Could it perhaps be a side effect related to changes for xserver, because the topic in irc #debian-next says "Unprivileged Xorg is here! /msg dpkg xorg root" , which gives
/msg dpkg xorg root
From Debian 9 "Stretch" onwards (xorg-server 1.17.3-1), the Xorg server is no longer setuid root, reducing the risk of privilege escalation security problems. This relies on logind and libpam-systemd and moves the logs to ~/.local/share/xorg; use the xserver-xorg-legacy package and see Xwrapper.config(5) if you'd rather a setuid root X.