Teardown compositor when failing to drop permissions
This commit is contained in:
parent
9dae68eba5
commit
f90ff1210b
20
sway/main.c
20
sway/main.c
|
@ -29,7 +29,7 @@
|
||||||
|
|
||||||
static bool terminate_request = false;
|
static bool terminate_request = false;
|
||||||
static int exit_value = 0;
|
static int exit_value = 0;
|
||||||
struct sway_server server;
|
struct sway_server server = {0};
|
||||||
|
|
||||||
void sway_terminate(int exit_code) {
|
void sway_terminate(int exit_code) {
|
||||||
terminate_request = true;
|
terminate_request = true;
|
||||||
|
@ -194,15 +194,15 @@ static void log_kernel(void) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void drop_permissions(void) {
|
static bool drop_permissions(void) {
|
||||||
if (getuid() != geteuid() || getgid() != getegid()) {
|
if (getuid() != geteuid() || getgid() != getegid()) {
|
||||||
if (setgid(getgid()) != 0) {
|
if (setgid(getgid()) != 0) {
|
||||||
wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
|
wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
|
||||||
exit(EXIT_FAILURE);
|
return false;
|
||||||
}
|
}
|
||||||
if (setuid(getuid()) != 0) {
|
if (setuid(getuid()) != 0) {
|
||||||
wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
|
wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
|
||||||
exit(EXIT_FAILURE);
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (setuid(0) != -1) {
|
if (setuid(0) != -1) {
|
||||||
|
@ -210,6 +210,7 @@ static void drop_permissions(void) {
|
||||||
"restore it after setuid), refusing to start");
|
"restore it after setuid), refusing to start");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void enable_debug_flag(const char *flag) {
|
void enable_debug_flag(const char *flag) {
|
||||||
|
@ -318,11 +319,13 @@ int main(int argc, char **argv) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (optind < argc) { // Behave as IPC client
|
if (optind < argc) { // Behave as IPC client
|
||||||
if(optind != 1) {
|
if (optind != 1) {
|
||||||
wlr_log(WLR_ERROR, "Don't use options with the IPC client");
|
wlr_log(WLR_ERROR, "Don't use options with the IPC client");
|
||||||
exit(EXIT_FAILURE);
|
exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
drop_permissions();
|
if (!drop_permissions()) {
|
||||||
|
exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
char *socket_path = getenv("SWAYSOCK");
|
char *socket_path = getenv("SWAYSOCK");
|
||||||
if (!socket_path) {
|
if (!socket_path) {
|
||||||
wlr_log(WLR_ERROR, "Unable to retrieve socket path");
|
wlr_log(WLR_ERROR, "Unable to retrieve socket path");
|
||||||
|
@ -342,7 +345,10 @@ int main(int argc, char **argv) {
|
||||||
detect_proprietary(allow_unsupported_gpu);
|
detect_proprietary(allow_unsupported_gpu);
|
||||||
detect_raspi();
|
detect_raspi();
|
||||||
|
|
||||||
drop_permissions();
|
if (!drop_permissions()) {
|
||||||
|
server_fini(&server);
|
||||||
|
exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
// handle SIGTERM signals
|
// handle SIGTERM signals
|
||||||
signal(SIGTERM, sig_handler);
|
signal(SIGTERM, sig_handler);
|
||||||
|
|
Loading…
Reference in a new issue