aboutsummaryrefslogtreecommitdiff
path: root/sway
diff options
context:
space:
mode:
Diffstat (limited to 'sway')
-rw-r--r--sway/config/seat.c2
-rw-r--r--sway/debug-tree.c2
-rw-r--r--sway/input/cursor.c2
-rw-r--r--sway/ipc-json.c2
-rw-r--r--sway/main.c73
-rw-r--r--sway/meson.build1
-rw-r--r--sway/tree/container.c2
7 files changed, 14 insertions, 70 deletions
diff --git a/sway/config/seat.c b/sway/config/seat.c
index 83dac4c0..46456caf 100644
--- a/sway/config/seat.c
+++ b/sway/config/seat.c
@@ -30,7 +30,7 @@ struct seat_config *new_seat_config(const char* name) {
return seat;
}
-struct seat_attachment_config *seat_attachment_config_new() {
+struct seat_attachment_config *seat_attachment_config_new(void) {
struct seat_attachment_config *attachment =
calloc(1, sizeof(struct seat_attachment_config));
if (!attachment) {
diff --git a/sway/debug-tree.c b/sway/debug-tree.c
index 9644f4e5..16b479f9 100644
--- a/sway/debug-tree.c
+++ b/sway/debug-tree.c
@@ -120,7 +120,7 @@ static int draw_node(cairo_t *cairo, struct sway_node *node,
return height;
}
-void update_debug_tree() {
+void update_debug_tree(void) {
if (!debug.render_tree) {
return;
}
diff --git a/sway/input/cursor.c b/sway/input/cursor.c
index 2d5d351f..3ddc27a0 100644
--- a/sway/input/cursor.c
+++ b/sway/input/cursor.c
@@ -30,7 +30,7 @@
// when dragging to the edge of a layout container.
#define DROP_LAYOUT_BORDER 30
-static uint32_t get_current_time_msec() {
+static uint32_t get_current_time_msec(void) {
struct timespec now;
clock_gettime(CLOCK_MONOTONIC, &now);
return now.tv_nsec / 1000;
diff --git a/sway/ipc-json.c b/sway/ipc-json.c
index f054ac9f..45915094 100644
--- a/sway/ipc-json.c
+++ b/sway/ipc-json.c
@@ -42,7 +42,7 @@ static const char *ipc_json_orientation_description(enum sway_container_layout l
return "none";
}
-json_object *ipc_json_get_version() {
+json_object *ipc_json_get_version(void) {
int major = 0, minor = 0, patch = 0;
json_object *version = json_object_new_object();
diff --git a/sway/main.c b/sway/main.c
index 990f5f3a..50b05b21 100644
--- a/sway/main.c
+++ b/sway/main.c
@@ -12,10 +12,6 @@
#include <sys/wait.h>
#include <sys/un.h>
#include <unistd.h>
-#ifdef __linux__
-#include <sys/capability.h>
-#include <sys/prctl.h>
-#endif
#include <wlr/util/log.h>
#include "sway/commands.h"
#include "sway/config.h"
@@ -45,7 +41,7 @@ void sig_handler(int signal) {
sway_terminate(EXIT_SUCCESS);
}
-void detect_raspi() {
+void detect_raspi(void) {
bool raspi = false;
FILE *f = fopen("/sys/firmware/devicetree/base/model", "r");
if (!f) {
@@ -85,7 +81,7 @@ void detect_raspi() {
}
}
-void detect_proprietary() {
+void detect_proprietary(void) {
FILE *f = fopen("/proc/modules", "r");
if (!f) {
return;
@@ -120,7 +116,7 @@ void run_as_ipc_client(char *command, char *socket_path) {
close(socketfd);
}
-static void log_env() {
+static void log_env(void) {
const char *log_vars[] = {
"PATH",
"LD_LIBRARY_PATH",
@@ -135,7 +131,7 @@ static void log_env() {
}
}
-static void log_distro() {
+static void log_distro(void) {
const char *paths[] = {
"/etc/lsb-release",
"/etc/os-release",
@@ -162,7 +158,7 @@ static void log_distro() {
}
}
-static void log_kernel() {
+static void log_kernel(void) {
FILE *f = popen("uname -a", "r");
if (!f) {
wlr_log(WLR_INFO, "Unable to determine kernel version");
@@ -181,28 +177,8 @@ static void log_kernel() {
pclose(f);
}
-static void executable_sanity_check() {
-#ifdef __linux__
- struct stat sb;
- char *exe = realpath("/proc/self/exe", NULL);
- stat(exe, &sb);
- // We assume that cap_get_file returning NULL implies ENODATA
- if (sb.st_mode & (S_ISUID|S_ISGID) && cap_get_file(exe)) {
- wlr_log(WLR_ERROR,
- "sway executable has both the s(g)uid bit AND file caps set.");
- wlr_log(WLR_ERROR,
- "This is strongly discouraged (and completely broken).");
- wlr_log(WLR_ERROR,
- "Please clear one of them (either the suid bit, or the file caps).");
- wlr_log(WLR_ERROR,
- "If unsure, strip the file caps.");
- exit(EXIT_FAILURE);
- }
- free(exe);
-#endif
-}
-static void drop_permissions(bool keep_caps) {
+static void drop_permissions(void) {
if (getuid() != geteuid() || getgid() != getegid()) {
if (setgid(getgid()) != 0) {
wlr_log(WLR_ERROR, "Unable to drop root");
@@ -217,20 +193,6 @@ static void drop_permissions(bool keep_caps) {
wlr_log(WLR_ERROR, "Root privileges can be restored.");
exit(EXIT_FAILURE);
}
-#ifdef __linux__
- if (keep_caps) {
- // Drop every cap except CAP_SYS_PTRACE
- cap_t caps = cap_init();
- cap_value_t keep = CAP_SYS_PTRACE;
- wlr_log(WLR_INFO, "Dropping extra capabilities");
- if (cap_set_flag(caps, CAP_PERMITTED, 1, &keep, CAP_SET) ||
- cap_set_flag(caps, CAP_EFFECTIVE, 1, &keep, CAP_SET) ||
- cap_set_proc(caps)) {
- wlr_log(WLR_ERROR, "Failed to drop extra capabilities");
- exit(EXIT_FAILURE);
- }
- }
-#endif
}
void enable_debug_flag(const char *flag) {
@@ -347,7 +309,7 @@ int main(int argc, char **argv) {
wlr_log(WLR_ERROR, "Don't use options with the IPC client");
exit(EXIT_FAILURE);
}
- drop_permissions(false);
+ drop_permissions();
char *socket_path = getenv("SWAYSOCK");
if (!socket_path) {
wlr_log(WLR_ERROR, "Unable to retrieve socket path");
@@ -358,34 +320,17 @@ int main(int argc, char **argv) {
return 0;
}
- executable_sanity_check();
- bool suid = false;
-
if (!server_privileged_prepare(&server)) {
return 1;
}
-#if defined(__linux__) || defined(__FreeBSD__)
- if (getuid() != geteuid() || getgid() != getegid()) {
-#ifdef __linux__
- // Retain capabilities after setuid()
- if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
- wlr_log(WLR_ERROR, "Cannot keep caps after setuid()");
- exit(EXIT_FAILURE);
- }
-#endif
- suid = true;
- }
-#endif
-
log_kernel();
log_distro();
detect_proprietary();
detect_raspi();
-#if defined(__linux__) || defined(__FreeBSD__)
- drop_permissions(suid);
-#endif
+ drop_permissions();
+
// handle SIGTERM signals
signal(SIGTERM, sig_handler);
diff --git a/sway/meson.build b/sway/meson.build
index d67a4c64..0bb0c2d3 100644
--- a/sway/meson.build
+++ b/sway/meson.build
@@ -164,7 +164,6 @@ sway_deps = [
cairo,
gdk_pixbuf,
jsonc,
- libcap,
libinput,
math,
pango,
diff --git a/sway/tree/container.c b/sway/tree/container.c
index baaa82fd..66370a42 100644
--- a/sway/tree/container.c
+++ b/sway/tree/container.c
@@ -593,7 +593,7 @@ void container_update_representation(struct sway_container *con) {
}
}
-size_t container_titlebar_height() {
+size_t container_titlebar_height(void) {
return config->font_height + TITLEBAR_V_PADDING * 2;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-15 15:31:23 +0000