This is simply a false sense of security, and is worse than just using
setuid. CAP_SYS_ADMIN is an extremely serious capability that is
effectively as powerful as root.
It also required users to be in the input group, which allows any
process to keylog the entire system.
The logind provider defaulted to systemd and in order to use elogind,
-Dlogin-provider=elogind was required. This adds 'auto' as a choice
for the login-provider option and sets it as default. Using 'auto',
the build will check for systemd first and if it's not found, try
to find and use elogind automatically.
Arch Linux maintainers are still figuring out whether they should ask
people to explicitely install it or make it a dependency of libxcb again
[1]. In the meantime, add it as an explicit dependency. I'll revert
this patch if they decide otherwise.
[1]: https://bugs.archlinux.org/task/64914
