Commit graph

185 commits

Author SHA1 Message Date
Dominique Martinet c092f1fe6a startup: move setenv WAYLAND_DISPLAY before config execs
We would previously run all config commands without the environment,
which would appear to work as our socket name is the default one, but
wayland clients would start up in the wrong sway session.

(This explains why 'sometimes' my swayidle processes wouldn't die with
sway, as they weren't listening to the correct socket)
2018-07-04 13:52:26 +09:00
Dominique Martinet 1b7f554474 log_kernel: s/fclose/pclose/ (for popen'd FILE)
With recent glibc the functions are strictly identical, but this might
not be true for all libc implementations

Found through static analysis.
2018-07-02 08:03:41 +09:00
Tobias Blass a5c091e302 Perform (partial) server initialization before dropping privileges.
Some operations during backend creation (e.g. becoming DRM master)
require CAP_SYS_ADMIN privileges. At this point, sway has dropped them
already, though. This patch splits the privileged part of server_init
into its own function and calls it before dropping its privileges.
This fixes the bug with minimal security implications.
2018-06-19 00:19:57 +02:00
Tobias Blass d6d292897f Remove suspicious unconditional return
This return effectively disables the log_kernel function
2018-06-05 23:27:35 +02:00
Dominique Martinet 89ae1792b5 sway: run commands without waiting for Xwayland
Xwayland is lazy now, there is no need to wait at all
2018-05-16 16:50:56 +09:00
Drew DeVault 603e0e42c5 Add debug tree view 2018-04-06 11:49:27 -04:00
Tony Crisci f7a20726fc temporarily add LD_LIBRARY_PATH stuff 2018-03-31 15:37:16 -04:00
Tony Crisci dc8c9fbeb6 Revert "Merge pull request #1653 from swaywm/revert-1647-refactor-tree"
This reverts commit 472e81f35d, reversing
changes made to 6b7841b11f.
2018-03-29 23:41:33 -04:00
Drew DeVault d0c7f66e95
Revert "Refactor tree" 2018-03-29 23:29:29 -04:00
Tony Crisci ed2cedb544 rename layout init 2018-03-29 17:13:37 -04:00
Tony Crisci 874f009866 move tree includes to their own directory 2018-03-29 14:21:42 -04:00
Dominique Martinet f5b33cb4b6 fix typos in comments/messages; add shutting down message 2018-01-05 00:07:34 +01:00
Calvin Lee 7196f59db0 Consolidate WLR and Sway logging
See #1390
2017-12-31 14:32:28 -07:00
Tony Crisci 9fa70ce426 Merge branch 'wlroots' into feature/input 2017-12-16 07:33:23 -05:00
Tony Crisci 9eecbb5d8a xkb config 2017-12-15 05:22:51 -05:00
Tony Crisci 9333a7eb53 working xcursor 2017-12-09 14:06:00 -05:00
emersion aaae59026f
Add output config 2017-12-06 12:36:06 +01:00
emersion 90f7f1a0e6
Add minimal config subsystem 2017-12-05 10:40:55 +01:00
Tony Crisci 7152075681 log env after ipc init 2017-12-02 07:49:23 -05:00
Tony Crisci 9696f50eba remove nvidia support claim 2017-11-28 05:40:00 -05:00
Drew DeVault 7753a0ec75 Wire up IPC server 2017-11-22 21:37:07 -05:00
Drew DeVault db4fb1c85c Add outputs to the tree 2017-11-19 17:04:28 -05:00
Drew DeVault 733993a651 Move everything to sway/old/ 2017-11-18 11:22:02 -05:00
Drew DeVault 7eafcc75f6 Initialize outputs from backend and add to tree 2017-11-11 11:58:43 -05:00
Drew DeVault 7c448b4081 Fire up the wlroots backend and run the event loop 2017-11-11 09:08:50 -05:00
Dan Robertson 88d042ec49
nvidia: Validate the nvidia_drm module options
When the proprietary nvidia driver is used, ensure the modeset option is
set instead of checking /proc/cmdline for nvidia-drm.modeset=1.
2017-10-24 22:35:31 +00:00
azarus 5987f19eb2 Check for Raspberry Pi 2017-08-14 22:29:21 +02:00
johalun 7fef283044 FreeBSD fixes
Increase _POSIX_SOURCE value where needed.
Increase _XOPEN_SOURCE value where needed.
Conditionally link to libcap (only on Linux).
Possibly some trailing whitespace fixes (automatic).
2017-06-06 09:45:50 +02:00
Mykyta Holubakha 93cf21fb9a Terminate when both suid bit and filecaps are set 2017-05-11 19:33:57 +03:00
Mykyta Holubakha f736198c31 Initialise logging earlier 2017-05-11 19:29:25 +03:00
Sebastian Noack 173b338567 Add -DVERSION flag for release version numbers 2017-04-26 15:56:46 +02:00
Drew DeVault b3541d9dc5 Implement more thourough nvidia config check 2017-04-12 10:04:44 -04:00
Drew DeVault b036ad9b54 Downgrade nvidia proprietary driver warning 2017-04-12 10:04:44 -04:00
JerziKaminsky aa6bd85da1 Add libcap check to CMake
- Moved ``<sys/capability.h>`` include inside `__linux__` guard,
  because all uses are similarly guarded.
- <sys/capability.h> is part of an optional devel package, at least
  in fedora. CMake now explicitly checks that libcap devel files
  are available.
- Added libcap to the list of install packages in .travis.yml, to
  make the dependency explicit. travis-ci installs the package by
  default, which is why this hasn't surfaced previously.
2017-04-07 03:14:16 +03:00
Drew DeVault 9aed9d9359 UnGNUify the codebase 2017-03-10 23:41:24 -05:00
Drew DeVault 407ebe9cd3 Move env logging to earlier than wlc_init 2017-02-23 08:32:11 -05:00
Drew DeVault 126ce571da Read configs from /etc/sway/security.d/* 2017-02-20 07:51:31 -05:00
Mykyta Holubakha 138bcd0cfa Unset LD_LIBRARY_PATH, unless specified 2017-01-16 01:05:05 +02:00
Mykyta Holubakha d9ba61d7e9 Log capability dropping 2017-01-12 04:35:09 +02:00
Mykyta Holubakha ea1313d80d Keep CAP_SYS_PTRACE with suid binary 2017-01-12 04:25:27 +02:00
Drew DeVault 1172566d4e Change how security config is loaded 2016-12-17 15:21:57 -05:00
Drew DeVault 4c6c65e70c Handle malloc failures from read_line 2016-12-15 19:01:40 -05:00
Greg V da26d69cb1 Fix build on FreeBSD
- Make sure CMake always finds absolute paths for Cairo, Pango and GdkPixbuf
- Add forgotten json-c include path to swaymsg/CMakeLists.txt
- Disable -Werror because of assert warnings
- Add correct /proc/pid/file path for FreeBSD
- Use libepoll-shim on FreeBSD
- Only use Linux capabilities on, well, Linux
2016-12-09 19:32:07 +03:00
Drew DeVault 979878d8af Decrement expected_len 2016-12-04 10:55:11 -05:00
Drew DeVault cdecf3c495 Drop restart command from sanity check
Since we don't actually have one of those
2016-12-04 09:37:24 -05:00
Drew DeVault 8577095db7 Check for CAP_SYS_PTRACE 2016-12-02 18:37:01 -05:00
Drew DeVault a4e92ad272 Deal with LD_LIBRARY_PATH 2016-12-02 10:23:30 -05:00
Drew DeVault 10c2125040 Unset LD_PRELOAD on startup (before dropping root)
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
2016-12-02 08:47:47 -05:00
Drew DeVault 04fc10feeb Flesh out security_sanity_check 2016-12-02 08:42:26 -05:00
Drew DeVault dc4b57c868 Shut Clang up 2016-12-01 21:58:38 -05:00
Drew DeVault 5831f7ab68 Write example security config, start on code 2016-12-01 19:27:35 -05:00
Drew DeVault d3e55f88ec Log LD_LIBRARY_PATH 2016-10-27 11:05:04 -04:00
Drew DeVault 78b65e2317 Remove duplicate redhat-release line 2016-10-27 10:57:18 -04:00
Drew DeVault 7aef6e66ae Log uname -a on startup 2016-10-27 10:50:22 -04:00
Drew DeVault 6ad2186f0e Log contents of distro version files 2016-10-27 10:48:46 -04:00
Drew DeVault 0d6cbcacbe Log important env vars on startup 2016-10-27 10:37:16 -04:00
Patrick Sauter 153620aefe moved ipc_init above config file processing.
This is necessary because commands in the config file (mode for
instance) emit ipc events, and if ipc_init has not been called the
ipc_clients_list is not initialized, and we segfault.  This fixes that
bug.
2016-10-02 17:29:40 -05:00
D.B 5e585f9603 Split setgid and setuid, add privilege check
This commit deals with issue #884. I consulted the following sources:
https://www.securecoding.cert.org/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
and
https://www.securecoding.cert.org/confluence/display/c/POS37-C.+Ensure+that+privilege+relinquishment+is+successful
2016-09-20 16:25:32 +02:00
Drew DeVault 416417a54c Reorganize includes 2016-09-01 08:18:37 -04:00
Daniel Lockyer c9d634414a sway/main.c: simplify free'ing by switching to the helper method 2016-05-05 23:30:28 +01:00
Drew DeVault 54c635ca16 Update to wlc 0.0.2 2016-04-16 10:22:50 -04:00
Mikkel Oscar Lyderik 71a5350b68 Implement include command
The include command (`include <path>`) makes it possible to include sub
config files from the main config file (or from within other sub config
files).

The include command uses the following rules for including config files:

* the `path` can be either a full path or a path that is relative to the
  parent config. Shell expansion is supported, so it's possible to do
  `include ~/.config/sway.d/*`.
* The same config file can only be included once (to prevent include
  cycles). If a config is included multiple times it will just be
  ignored after it has been included once.
* Including a sub config file is the same as inserting the content of
  that file into the parent config, thus rules about overwriting
  bindsyms etc. works the same as for a single config.

Implement #542
2016-03-26 16:37:50 +01:00
Mikkel Oscar Lyderik 938ff29b7b Gracefully exit when config is not found
This makes sure that sway will gracefully exit if the config is not
found or sway is unable to read it.
2016-03-24 22:20:25 +01:00
Drew DeVault 06107bb44e Make the nvidia warning louder 2016-03-24 16:48:53 -04:00
Drew DeVault fd061d4dc4 Don't set WLC_DIM on startup 2016-03-24 14:09:18 -04:00
Drew DeVault 5c85c018b4 Update to new WLC API 2016-03-24 14:08:53 -04:00
Mikkel Oscar Lyderik 67bbcceba1 Free config before exiting sway.
Apart from freeing the sway_config struct, this also terminates the
swaybars spawned by sway, since they are linked by PID to the bar config
structs.
2016-02-27 22:13:15 +01:00
Mikkel Oscar Lyderik 5e253fdd9a Correctly exit sway on errors.
Calling `exit` in sway_terminate prevents sway from correctly shutting
down (freeing data, cleanly terminating the ipc server, etc.).

A better way is to exit straight away if the failure occurs before
`wlc_run` and use sway_abort as usual if it occur when wlc is running.
2016-02-26 09:42:21 +01:00
Yacine Hmito c400ca8f88 Fix for when sway_abort doesn't exit
sway_terminate does an exit in case wlc_terminate doesn't
2016-02-25 23:46:27 +01:00
Yacine Hmito e239fbbd88 No options when using sway as IPC client
Sway used to attempt sending an IPC command composed of every argument
after the first non-option argument encountered.
Now, raises an error if an option is encountered before the intended command.
Some options such as -h or -v take effect when parsing, so they still
apply.
2016-02-25 23:04:59 +01:00
Yacine Hmito 179192e222 Removed p as a valid CLI option
The get-socketpath long option had an undocumented short alternative
as `p`. It has been removed.
However, the code in the options array is still the 'p' char.
2016-02-25 21:50:24 +01:00
crondog cd0eaf00da Prevent ipc from crashing sway 2016-01-22 12:29:18 +11:00
Cole Mickens 28081b7689 libinput 2016-01-19 06:51:36 -08:00
Mikkel Oscar Lyderik 2e0ef533f2 Init layout before checking config 2016-01-05 19:16:46 +01:00
Mikkel Oscar Lyderik 16b8c2e915 Handle SIGTERM sent to sway
This makes sway handle and gracefully shut down everything when
receiving a SIGTERM.

Fix #416
2015-12-29 13:03:53 +01:00
Streetwalrus Einstein 774ffbe0d5 Detect proprietary AMD drivers too 2015-12-14 18:13:44 +02:00
Drew DeVault af80b12add Implement invoking sway as IPC client
As an alternative to invoking swaymsg.
2015-12-12 13:01:00 -05:00
Drew DeVault 25ad3181f5 Merge pull request #276 from sce/earlier_logging
main: Setup logging before wlc_init.
2015-11-29 09:08:56 -05:00
S. Christoffer Eliesen c26a4b42cf main: Setup logging before wlc_init.
If `wlc_init` fails the error message will never be logged or printed
anywhere.
2015-11-29 15:01:47 +01:00
Christoph Gysin 923c3245ac Fix option parsing
Using 'flag' results in duplicate code paths for short and long options.

This broke the -q short option in swaymsg, because there was:

 {"quiet", no_argument, &quiet, 'q'}

Which will set quiet to 'q' and return 0, not 'q'.
2015-11-28 23:50:44 +02:00
Christoph Gysin 2f2e1f3fc7 sway: Add --help option that prints usage 2015-11-28 23:50:44 +02:00
Christoph Gysin e48a16ce5e sway: Print usage and exit on unknown options 2015-11-28 23:50:44 +02:00
Christoph Gysin 3ba33321de Use macros for exit values 2015-11-28 23:50:10 +02:00
S. Christoffer Eliesen 20cb390323 sway/main: Move wlc init to after args are handled.
First of all because it's not needed that early, and second of all
because there's a bug where calling `sway --get-socketpath` via `popen`
causes the child sway process to spin/hang instead of returning EOF.
(Specifically `(unset SWAYSOCK; swaymsg)` hangs.) This patch fixes that.

(Also note that this patch moves the "detailed review" comment, so I
guess this patch requires extra detailed review?)
2015-11-28 20:35:57 +01:00
Drew DeVault 27f03c705d Move IPC client into common, refactor IPC 2015-11-27 09:50:04 -05:00
Drew DeVault 82db2a57a9 Basic support for extensions in server and clients 2015-11-18 22:01:22 -05:00
S. Christoffer Eliesen f64b7e71d4 ipc: Store socketname in SWAYSOCK. Fixes --get-socketpath.
After adding pid to the socket path the `--get-socketpath` command broke
because it doesn't know the pid of the running instance. Fix this by
setting and querying `SWAYSOCK`.

Also ignore `SWAYSOCK` upon normal startup if a socket exists at that
location (ie. from another sway instance), and don't overwrite `I3SOCK`
if it exists either.
2015-11-13 18:18:52 +01:00
S. Christoffer Eliesen 3be11a08e6 main: Implement --get-socketpath switch. 2015-10-18 19:53:56 +02:00
taiyu 18f4905e62 #187, let init handle child processes 2015-10-08 08:12:31 -07:00
Drew DeVault 5bcecbb751 Revert "#187 cleanup zombies properly" 2015-10-08 06:24:35 -04:00
taiyu 5539fd89be #187 cleanup zombies properly using default 2015-10-07 16:18:57 -07:00
Drew DeVault 318e1be240 Fix warnings introduced by prior commit 2015-09-18 07:27:35 -04:00
Drew DeVault 8e25ce4e57 Fix build for debian stretch
Fixes #182
2015-09-18 07:16:20 -04:00
Drew DeVault 1756a4f2da fclose /proc/modules when we're done with it 2015-09-02 11:47:15 -04:00
Drew DeVault 4ef60e7c09 Add check for nvidia module and warn user 2015-09-02 11:46:21 -04:00
Drew DeVault eb003689a3 Log sway version on startup 2015-09-02 09:42:27 -04:00
Luminarys 42de135c3a Added in better versioning info 2015-08-26 21:13:53 -05:00
taiyu 1fa7a91bfb move_container_to fixup 2015-08-26 11:01:26 -07:00
Luminarys 38cfdf99f4 Added in build version based on git hash 2015-08-25 22:04:57 -05:00
taiyu e121258426 longopt minor fix 2015-08-25 16:39:05 -07:00