swayfx/sway/main.c

394 lines
9.2 KiB
C
Raw Normal View History

2015-08-05 11:02:46 +10:00
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <wlc/wlc.h>
2015-08-13 17:44:56 +10:00
#include <sys/wait.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/un.h>
2015-08-13 17:44:56 +10:00
#include <signal.h>
#include <unistd.h>
2015-08-20 22:37:09 +10:00
#include <getopt.h>
2016-12-03 10:37:01 +11:00
#include <sys/capability.h>
2017-01-12 13:25:03 +11:00
#ifdef __linux__
#include <sys/prctl.h>
#endif
2016-09-01 22:18:37 +10:00
#include "sway/extensions.h"
#include "sway/layout.h"
#include "sway/config.h"
2016-12-03 00:42:26 +11:00
#include "sway/security.h"
2016-09-01 22:18:37 +10:00
#include "sway/handlers.h"
#include "sway/input.h"
#include "sway/ipc-server.h"
#include "ipc-client.h"
2016-09-01 22:18:37 +10:00
#include "readline.h"
#include "stringop.h"
2015-08-20 23:12:34 +10:00
#include "sway.h"
2016-09-01 22:18:37 +10:00
#include "log.h"
2015-08-20 23:12:34 +10:00
static bool terminate_request = false;
static int exit_value = 0;
2015-08-20 23:12:34 +10:00
void sway_terminate(int exit_code) {
2015-08-20 23:12:34 +10:00
terminate_request = true;
exit_value = exit_code;
2015-08-20 23:12:34 +10:00
wlc_terminate();
}
2015-08-05 11:02:46 +10:00
void sig_handler(int signal) {
close_views(&root_container);
sway_terminate(EXIT_SUCCESS);
}
2015-08-24 03:08:04 +10:00
static void wlc_log_handler(enum wlc_log_type type, const char *str) {
if (type == WLC_LOG_ERROR) {
2015-08-24 03:31:16 +10:00
sway_log(L_ERROR, "[wlc] %s", str);
2015-08-24 03:08:04 +10:00
} else if (type == WLC_LOG_WARN) {
2015-08-24 03:31:16 +10:00
sway_log(L_INFO, "[wlc] %s", str);
2015-08-24 03:08:04 +10:00
} else {
2015-08-24 03:31:16 +10:00
sway_log(L_DEBUG, "[wlc] %s", str);
2015-08-24 03:08:04 +10:00
}
}
2015-12-15 03:13:44 +11:00
void detect_proprietary() {
FILE *f = fopen("/proc/modules", "r");
if (!f) {
return;
}
while (!feof(f)) {
2016-12-16 09:08:56 +11:00
char *line;
if (!(line = read_line(f))) {
break;
}
if (strstr(line, "nvidia")) {
fprintf(stderr, "\x1B[1;31mWarning: Proprietary nvidia drivers do NOT support Wayland. Use nouveau.\x1B[0m\n");
2016-03-25 07:48:42 +11:00
fprintf(stderr, "\x1B[1;31mYes, they STILL don't work with the newly announced wayland \"support\".\x1B[0m\n");
free(line);
break;
}
2015-12-15 03:13:44 +11:00
if (strstr(line, "fglrx")) {
fprintf(stderr, "\x1B[1;31mWarning: Proprietary AMD drivers do NOT support Wayland. Use radeon.\x1B[0m\n");
free(line);
break;
}
free(line);
}
fclose(f);
}
void run_as_ipc_client(char *command, char *socket_path) {
int socketfd = ipc_open_socket(socket_path);
uint32_t len = strlen(command);
char *resp = ipc_single_command(socketfd, IPC_COMMAND, command, &len);
printf("%s\n", resp);
close(socketfd);
}
2016-10-28 01:37:16 +11:00
static void log_env() {
const char *log_vars[] = {
"PATH",
"LD_LOAD_PATH",
"LD_PRELOAD_PATH",
2016-10-28 02:05:04 +11:00
"LD_LIBRARY_PATH",
2016-10-28 01:37:16 +11:00
"SWAY_CURSOR_THEME",
"SWAY_CURSOR_SIZE",
"SWAYSOCK",
"WLC_DRM_DEVICE",
"WLC_SHM",
"WLC_OUTPUTS",
"WLC_XWAYLAND",
"WLC_LIBINPUT",
"WLC_REPEAT_DELAY",
"WLC_REPEAT_RATE",
"XKB_DEFAULT_RULES",
"XKB_DEFAULT_MODEL",
"XKB_DEFAULT_LAYOUT",
"XKB_DEFAULT_VARIANT",
"XKB_DEFAULT_OPTIONS",
};
for (size_t i = 0; i < sizeof(log_vars) / sizeof(char *); ++i) {
sway_log(L_INFO, "%s=%s", log_vars[i], getenv(log_vars[i]));
}
}
2016-10-28 01:48:46 +11:00
static void log_distro() {
const char *paths[] = {
"/etc/lsb-release",
"/etc/os-release",
"/etc/debian_version",
"/etc/redhat-release",
"/etc/gentoo-release",
};
for (size_t i = 0; i < sizeof(paths) / sizeof(char *); ++i) {
FILE *f = fopen(paths[i], "r");
if (f) {
sway_log(L_INFO, "Contents of %s:", paths[i]);
while (!feof(f)) {
2016-12-16 09:08:56 +11:00
char *line;
if (!(line = read_line(f))) {
break;
}
2016-10-28 01:48:46 +11:00
if (*line) {
sway_log(L_INFO, "%s", line);
}
free(line);
}
fclose(f);
}
}
}
2016-10-28 01:50:22 +11:00
static void log_kernel() {
FILE *f = popen("uname -a", "r");
if (!f) {
sway_log(L_INFO, "Unable to determine kernel version");
return;
}
while (!feof(f)) {
2016-12-16 09:08:56 +11:00
char *line;
if (!(line = read_line(f))) {
break;
}
2016-10-28 01:50:22 +11:00
if (*line) {
sway_log(L_INFO, "%s", line);
}
free(line);
}
fclose(f);
}
static void security_sanity_check() {
// TODO: Notify users visually if this has issues
2016-12-02 13:58:38 +11:00
struct stat s;
if (stat("/proc", &s)) {
sway_log(L_ERROR,
"!! DANGER !! /proc is not available - sway CANNOT enforce security rules!");
}
#ifdef __linux__
2016-12-03 10:37:01 +11:00
cap_flag_value_t v;
cap_t cap = cap_get_proc();
if (!cap || cap_get_flag(cap, CAP_SYS_PTRACE, CAP_PERMITTED, &v) != 0 || v != CAP_SET) {
sway_log(L_ERROR,
"!! DANGER !! Sway does not have CAP_SYS_PTRACE and cannot enforce security rules for processes running as other users.");
}
if (cap) {
cap_free(cap);
}
#endif
if (!stat(SYSCONFDIR "/sway", &s)) {
2016-12-03 00:42:26 +11:00
if (s.st_uid != 0 || s.st_gid != 0
|| (s.st_mode & S_IWGRP) || (s.st_mode & S_IWOTH)) {
sway_log(L_ERROR,
2016-12-03 00:42:26 +11:00
"!! DANGER !! " SYSCONFDIR "/sway is not secure! It should be owned by root and set to 0755 at the minimum");
}
}
}
int main(int argc, char **argv) {
2015-08-20 22:37:09 +10:00
static int verbose = 0, debug = 0, validate = 0;
static struct option long_options[] = {
{"help", no_argument, NULL, 'h'},
2015-08-20 22:37:09 +10:00
{"config", required_argument, NULL, 'c'},
{"validate", no_argument, NULL, 'C'},
{"debug", no_argument, NULL, 'd'},
2015-08-20 22:37:09 +10:00
{"version", no_argument, NULL, 'v'},
{"verbose", no_argument, NULL, 'V'},
2015-08-20 22:37:09 +10:00
{"get-socketpath", no_argument, NULL, 'p'},
2015-08-27 04:01:26 +10:00
{0, 0, 0, 0}
2015-08-20 22:37:09 +10:00
};
char *config_path = NULL;
const char* usage =
"Usage: sway [options] [command]\n"
"\n"
" -h, --help Show help message and quit.\n"
" -c, --config <config> Specify a config file.\n"
" -C, --validate Check the validity of the config file, then exit.\n"
" -d, --debug Enables full logging, including debug information.\n"
" -v, --version Show the version number and quit.\n"
" -V, --verbose Enables more verbose logging.\n"
" --get-socketpath Gets the IPC socket path and prints it, then exits.\n"
"\n";
2016-12-03 02:23:30 +11:00
// Security:
unsetenv("LD_PRELOAD");
#ifdef _LD_LIBRARY_PATH
2016-12-03 02:23:30 +11:00
setenv("LD_LIBRARY_PATH", _LD_LIBRARY_PATH, 1);
#else
unsetenv("LD_LIBRARY_PATH");
#endif
2015-08-20 22:37:09 +10:00
int c;
while (1) {
int option_index = 0;
c = getopt_long(argc, argv, "hCdvVc:", long_options, &option_index);
2015-08-20 22:37:09 +10:00
if (c == -1) {
break;
}
switch (c) {
case 'h': // help
fprintf(stdout, "%s", usage);
exit(EXIT_SUCCESS);
break;
2015-08-20 22:37:09 +10:00
case 'c': // config
config_path = strdup(optarg);
break;
case 'C': // validate
validate = 1;
break;
case 'd': // debug
debug = 1;
break;
case 'v': // version
2015-08-27 12:13:53 +10:00
#if defined SWAY_GIT_VERSION && defined SWAY_GIT_BRANCH && defined SWAY_VERSION_DATE
fprintf(stdout, "sway version %s (%s, branch \"%s\")\n", SWAY_GIT_VERSION, SWAY_VERSION_DATE, SWAY_GIT_BRANCH);
#else
fprintf(stdout, "version not detected\n");
#endif
2015-11-29 00:47:44 +11:00
exit(EXIT_SUCCESS);
2015-08-20 22:37:09 +10:00
break;
case 'V': // verbose
verbose = 1;
break;
case 'p': ; // --get-socketpath
if (getenv("SWAYSOCK")) {
fprintf(stdout, "%s\n", getenv("SWAYSOCK"));
2015-11-29 00:47:44 +11:00
exit(EXIT_SUCCESS);
} else {
fprintf(stderr, "sway socket not detected.\n");
2015-11-29 00:47:44 +11:00
exit(EXIT_FAILURE);
}
2015-08-20 22:37:09 +10:00
break;
default:
fprintf(stderr, "%s", usage);
exit(EXIT_FAILURE);
2015-08-20 22:37:09 +10:00
}
}
if (optind < argc) { // Behave as IPC client
if(optind != 1) {
sway_log(L_ERROR, "Don't use options with the IPC client");
exit(EXIT_FAILURE);
}
if (getuid() != geteuid() || getgid() != getegid()) {
if (setgid(getgid()) != 0) {
sway_log(L_ERROR, "Unable to drop root");
exit(EXIT_FAILURE);
}
if (setuid(getuid()) != 0) {
sway_log(L_ERROR, "Unable to drop root");
exit(EXIT_FAILURE);
}
}
if (setuid(0) != -1) {
sway_log(L_ERROR, "Root privileges can be restored.");
exit(EXIT_FAILURE);
}
char *socket_path = getenv("SWAYSOCK");
if (!socket_path) {
sway_log(L_ERROR, "Unable to retrieve socket path");
exit(EXIT_FAILURE);
}
char *command = join_args(argv + optind, argc - optind);
run_as_ipc_client(command, socket_path);
return 0;
}
2017-01-12 13:25:03 +11:00
#ifdef __linux__
bool suid = false;
if (getuid() != geteuid() || getgid() != getegid()) {
// Retain capabilities after setuid()
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
sway_log(L_ERROR, "Cannot keep caps after setuid()");
exit(EXIT_FAILURE);
}
suid = true;
}
#endif
// we need to setup logging before wlc_init in case it fails.
if (debug) {
init_log(L_DEBUG);
} else if (verbose || validate) {
init_log(L_INFO);
} else {
init_log(L_ERROR);
}
wlc_log_set_handler(wlc_log_handler);
2015-12-15 03:13:44 +11:00
detect_proprietary();
2016-01-17 21:53:37 +11:00
input_devices = create_list();
/* Changing code earlier than this point requires detailed review */
/* (That code runs as root on systems without logind, and wlc_init drops to
* another user.) */
2016-03-25 05:08:53 +11:00
register_wlc_handlers();
2016-04-17 00:22:50 +10:00
if (!wlc_init()) {
return 1;
}
register_extensions();
2017-01-12 13:25:03 +11:00
#ifdef __linux__
if (suid) {
// Drop every cap except CAP_SYS_PTRACE
cap_t caps = cap_init();
cap_value_t keep = CAP_SYS_PTRACE;
2017-01-12 13:35:09 +11:00
sway_log(L_INFO, "Dropping extra capabilities");
2017-01-12 13:25:03 +11:00
if (cap_set_flag(caps, CAP_PERMITTED, 1, &keep, CAP_SET) ||
cap_set_flag(caps, CAP_EFFECTIVE, 1, &keep, CAP_SET) ||
cap_set_proc(caps)) {
sway_log(L_ERROR, "Failed to drop extra capabilities");
exit(EXIT_FAILURE);
}
}
#endif
// handle SIGTERM signals
signal(SIGTERM, sig_handler);
2016-01-22 12:29:18 +11:00
// prevent ipc from crashing sway
signal(SIGPIPE, SIG_IGN);
2015-09-02 23:42:27 +10:00
#if defined SWAY_GIT_VERSION && defined SWAY_GIT_BRANCH && defined SWAY_VERSION_DATE
sway_log(L_INFO, "Starting sway version %s (%s, branch \"%s\")\n", SWAY_GIT_VERSION, SWAY_VERSION_DATE, SWAY_GIT_BRANCH);
#endif
2016-10-28 01:50:22 +11:00
log_kernel();
2016-10-28 01:48:46 +11:00
log_distro();
2016-10-28 01:50:22 +11:00
log_env();
2015-09-02 23:42:27 +10:00
2016-01-06 05:16:46 +11:00
init_layout();
ipc_init();
2015-08-20 22:37:09 +10:00
if (validate) {
bool valid = load_main_config(config_path, false);
2015-08-20 22:37:09 +10:00
return valid ? 0 : 1;
}
if (!load_main_config(config_path, false)) {
sway_terminate(EXIT_FAILURE);
}
2015-08-20 22:37:09 +10:00
if (config_path) {
free(config_path);
}
2016-12-03 00:42:26 +11:00
security_sanity_check();
2015-08-20 23:12:34 +10:00
if (!terminate_request) {
wlc_run();
}
list_free(input_devices);
2016-01-17 21:53:37 +11:00
2015-08-20 23:12:34 +10:00
ipc_terminate();
if (config) {
free_config(config);
}
return exit_value;
2015-08-05 11:02:46 +10:00
}
2015-10-08 21:24:35 +11:00