Non root Xorg

This guide details running X server under user account.

This has been successfully tested using Nouveau and Intel drivers

Additional prerequisities
Some of this support is relatively recent, and it may be necessary to install unstable packages. If it fails to work with stable, keywording certain packages may be necessary.

Rebuilding Xorg
Disable suid USE flag:

Rebuild Xorg:

Making necessary changes to system
Now you can run X as user, however because none of login managers are currently capable of doing necessary permission handling it needs some workarounds. In particular, X run by user needs to be able to access /dev/input files and it needs to be started directly as the user. Additionally, as with using direct rendering, the unprivileged user also needs access to the video hardware, typically achieved by adding them to the "video" group (though certain login managers, such as ConsoleKit or systemd-logind may handle this for you).

To access /dev/input files it's easiest to add them to group and allow user to access them. (Note: The "input" group and udev rules may already exist on many Gentoo systems. If they exist for you, you may skip the steps before adding your user to the necessary groups.)

Create udev rule to change /dev/input group on boot:

Reload udev rules to get the new permissions (note that this may interfere with your input devices on the current vty):

And finally, add your user to the necessary groups:

Log out and log back in (for the permissions changes to take effect), and then start X by running:

If logged on tty1 use vt1, on tty2 use vt2, and so on.

X should now be running as an unprivileged user.

Security concerns
Running X as a normal user is generally a positive step for security, with the exception of multiuser or, especially, multiseat systems. With the direct access to input devices by the user, it becomes trivially possible to snoop on the input of another active user or run a background job to snoop on the input of a future user of the system. For such systems, it's likely better to choose a solution other than running X as the logged-in user (such as using setuid with a dedicated, unprivileged user or using setgid for the "input" group).

Alternative method
In this section we will detail "setgid" mentioned above.

The objective is to run X as an unprivileged user without adding a user to the input group. This can prevent user from accidentally or intentionally snooping on the input.

To achieve this goal we make use of setgid so that when a user starts X, the X server will be automatically granted permission to access input devices.

Change the ownership of /usr/bin/Xorg:

Change the file permission of /usr/bin/Xorg:

Now your user is not required to be in the input group to run X server. To remove your user from input group:

But your user still needs to be in the video group:

Now start X as a regular user (see above) and X server should function well.