Age | Commit message (Collapse) | Author |
|
|
|
The parent environment might contain nasty things. Create a new
environment for the seatd process containing only the environment
variables we care about. For now, that's only SEATD_LOGLEVEL.
|
|
We previously used execlp to execute seatd, which had the effect of
searching PATH for the executable. This allowed the caller to control
what executable was run, which is bad if SUID has been set.
Instead, expose the absolute install path for seatd from meason as a
define, and use that in a call to execv.
|
|
|
|
|
|
Makes it easier to find out that something went wrong.
|
|
Mimick shells and exit with a status >128 if our child has been
signalled. Exiting with 128 + signal number is what most shells do
(POSIX only requires them to exit with >128).
|
|
|
|
The command indexing had not been updated afer the introduction of
getopt, so combining a command with flags would fail.
Add error handling for if no command was specified while we're at it.
|
|
$ seatd-launch sway -c /dev/null
Could not start target: No such file or directory
|
|
|
|
|
|
|
|
|
|
Instead of relying on seatd's user/group arguments, which require
turning our UID back into a username, just chmod/chown the socket
ourselves once seatd is ready.
We also reduce the permissions to just user access, instead of user and
group like seatd specifies.
|
|
New clients could only be added to a VT bound seat if there were no
"active" client, regardless of its actual state. This meant that if one
switched from an "active" VT to an "inactive" VT, the seat would be
blocked while the "active" client was in CLIENT_PENDING_DISABLE, causing
new clients to possibly fail should the old client take its time with
the ack.
Instead, allow new clients to also be added if there is an active client
whose state is CLIENT_PENDING_DISABLE, and there is no client with the
new VT as its session ID.
|
|
Allows text editor auto-configuration.
|
|
The kernel Secure Attention Key killer, triggered by SysRq+k, kills all
processes that hold an fd referencing the tty.
To avoid its attention, we stop storing the fd for the currently active
VT in seat state. This has the added benefit of simplifying state a bit.
|
|
Test if arguments (e.g. -Wimplicit-fallthrough) is available before
using it as -Wimplicit-fallthrough has been added only since gcc 7.1 and
https://github.com/gcc-mirror/gcc/commit/81fea426da8c4687bb32e6894dc26f00ae211822
and so it will raise the following build failure with gcc < 7:
arm-none-linux-gnueabi-gcc: error: unrecognized command line option '-Wimplicit-fallthrough'
Fixes:
- http://autobuild.buildroot.org/results/0ee6816a7cceebdafd07612677a594bdf68e0790
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|
This was regressed by 166feaea3394e00af14418e074ae090e31922f33 which
missed the builtin backend when changing struct libseat_seat_listener to
being passed around as const.
|
|
The builtin backend no longer requires root, setuid or CAP_SYS_ADMIN.
This commit updates the documentation accordingly.
|
|
This reverts commit 1ae6c3b3ddf0ce2a2e1817eb9c74e0c03153df58.
A user might want to run the builtin server as non root, if they have
permission to use the devices.
The check was originally copied from wlroots's direct backend. It was reverted
in fa05d3cde68d with a detailed explanation of why root priviledges are not
always necessary to use the DRM device.
|
|
|
|
libseat will never write to that struct. Let's allow callers to
make it read-only.
|
|
c8b3a22d4ef0f69c3d22f0ec1170b89c93ef1dc3 snuck in a change which
converts chown/chmod to fchown/fchmod using the socket fd. This appears
to succeed under Linux, but fails with EINVAL on FreeBSD. As the error
handling in this area was flawed, CI failed to catch the regression.
Partially revert c8b3a22d4ef0f69c3d22f0ec1170b89c93ef1dc3 to fix the
regression on FreeBSD.
|
|
chmod/chown errors were logged, but did not result in failure opening
the seatd socket. This meant that errors would not get caught by CI.
|
|
|
|
|
|
While forked (child pid is zero), don't use gotos. These will
execute atexit functions and potentially mess up the stdlib.
Instead, use _exit.
|
|
When the child process exits with a non-zero code or is killed,
return with a non-zero code as well.
|
|
|
|
|
|
This launch wrapper is used to conveniently start a new seatd instance,
wait for it to be ready, and launch a target application.
|
|
The UID/GID defaulted to 0, which results in trying to chown to root
when a UID or GID isn't requested. Instead, deafult to -1 so that the
unspecified values are left intact.
|
|
This adds the ability to specify the number of an fd that is inherited
by the process as open. Once seatd is read to serve requests, it will
write a single newline and close the fd.
|
|
This condition was accidentally botched as part of
5923e0edc9bb157cf6398b63d51cc3c0aaf06001
|
|
This name never made much sense. dispatch_and_execute is more
meaningful, especially when compared to the non-executing dispatch
function.
|
|
This handler returns the number of dispatched or executed events, or -1
if dispatch_pending failed.
This helper is used to clean up dispatch_background, which now ensures
that all events are executed before we read or poll the connection, and
have improved error handling in the corner case where the second
dispatch_pending failed.
|
|
Dispatch needs to report if something has happened, which includes
events executed from the queue as these could have lead to additional
dispatch and queuing.
|
|
The option names are a little bit confusing, because it's not clear
which ones toggle libseat features, and which ones toggle seatd
features.
Add a "libseat-" prefix to libseat-specific features, to make it
more obvious that they only are about the library.
|
|
Since seatd uses `clock_gettime`, this is needed when cross-compiling.
This came up in https://github.com/JuliaPackaging/Yggdrasil/pull/3193.
|
|
|
|
The builtin backend relies on the seatd backend implementation. When
builtin was enabled without seatd, compilation would fail due to the
implementation not being included.
Include the implementation if either seatd or builtin is enabled.
|
|
The socket is expected not to be found if seatd is not running.
In general other backends will be attempted after seatd. There is
already an error message in case no backend can be started.
|
|
"video" was used for convenience in the example, but a dedicated group
is preferable so that a user does not gain the ability to bypass the
seat manager and open devices directly.
|
|
This allows libseat users to e.g. advise people to chmod a+s the
executable if libseat is built with the builtin backend.
While bumping the Meson version, adjust the scdoc logic to avoid
the following warnings:
WARNING: Project targeting '>=0.56.0' but tried to use feature deprecated since '0.56.0': Dependency.get_pkgconfig_variable. use Dependency.get_variable(pkgconfig : ...) instead
WARNING: Project targeting '>=0.56.0' but tried to use feature deprecated since '0.55.0': ExternalProgram.path. use ExternalProgram.full_path() instead
|
|
Setting auto_features=disabled is supposed to disable all optional
dependencies. Since we aren't using a feature option here, we need
to manually add logic to disable logind in this case.
|
|
These features don't have any dependencies, so "auto" doesn't make
sense.
|
|
This removes the "Program sh found" line in the build logs, and
should not change anything else.
|
|
If -Dlogind=auto but systemd/elogind isn't available,
logind_provider would get set to the last item of the foreach loop.
This would incorrectly report "systemd: YES".
|