Commit graph

1214 commits

Author SHA1 Message Date
Drew DeVault 1172566d4e Change how security config is loaded 2016-12-17 15:21:57 -05:00
Drew DeVault 14d9200e4e Merge pull request #996 from woutershep/datadir
Use CMAKE_INSTALL_FULL_DATA{,ROOT}DIR
2016-12-17 14:56:51 -05:00
Wouter van Kesteren 09b9106550 Use CMAKE_INSTALL_FULL_DATA{,ROOT}DIR
Exherbo installs architecture dependent data in a different place than architecture
independent data. More concretely: binaries go in /usr/$chost/{bin,lib},
data goes in /usr/share and configs in /etc, /etc is already configurable
through CMAKE_INSTALL_FULL_SYSCONFDIR but the datadir was not. This
patch fixes it so that things can be pushed in the right places.
2016-12-17 01:00:39 +01:00
Drew DeVault d859f825d3 Fix build error 2016-12-15 19:01:41 -05:00
Drew DeVault 63d96c1bb4 Fix indentation issues 2016-12-15 19:01:41 -05:00
Drew DeVault 10c8b73075 Handle calloc failures 2016-12-15 19:01:41 -05:00
Drew DeVault a2b9149656 Add remaining sway allocation failure handling 2016-12-15 19:01:41 -05:00
Drew DeVault 7784f1a905 Handle allocation failures in security code
Note that such errors are generally going to be fatal
2016-12-15 19:01:41 -05:00
Drew DeVault 31b002b6d5 Handle IPC server allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault 8cef81d6f2 Handle some more memory allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault d75a747a3d Handle config-related allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault 248df18c24 Handle allocation failure in commands 2016-12-15 19:01:40 -05:00
Drew DeVault 8691ff1b63 Handle border-related malloc failures 2016-12-15 19:01:40 -05:00
Drew DeVault 4c6c65e70c Handle malloc failures from read_line 2016-12-15 19:01:40 -05:00
Greg V da26d69cb1 Fix build on FreeBSD
- Make sure CMake always finds absolute paths for Cairo, Pango and GdkPixbuf
- Add forgotten json-c include path to swaymsg/CMakeLists.txt
- Disable -Werror because of assert warnings
- Add correct /proc/pid/file path for FreeBSD
- Use libepoll-shim on FreeBSD
- Only use Linux capabilities on, well, Linux
2016-12-09 19:32:07 +03:00
Drew DeVault d93e53fd4b Use return value of write 2016-12-06 09:10:16 -05:00
Drew DeVault 979878d8af Decrement expected_len 2016-12-04 10:55:11 -05:00
Drew DeVault 1a509dcc29 Fix to sway-security(7) 2016-12-04 09:49:13 -05:00
Drew DeVault cdecf3c495 Drop restart command from sanity check
Since we don't actually have one of those
2016-12-04 09:37:24 -05:00
D.B 35b8d185ac fix layout switching (was broken because of workspace_layout)
For workspace containers, swayc_change_layout also changes ->layout alongside
->workspace_layout when it's a sensible thing to do. There is an additional test
for 'layout toggle' command which ensures that containers will be tiled
horizontally after toggling from tabbed or stacked.
2016-12-04 08:31:34 -05:00
D.B 4762bcb3b9 wrap some views under workspaces
If workspace layout is set to tabbed or stacked, its C_VIEW children
should get wrapped in a container. Alongside that, move_container was
modified to retain previous functionality.
2016-12-04 08:31:34 -05:00
D.B 6fb4b6737a add workspace_layout to container
Add swayc_change_layout function, which changes either layout or
workspace_layout, depending on the container type.
2016-12-04 08:31:34 -05:00
Drew DeVault e7a764fdf4 Disallow everything by default
And update config.d/security to configure sane defaults
2016-12-03 12:38:42 -05:00
Drew DeVault 93d99f3712 Fix use-after-free 2016-12-02 18:57:10 -05:00
Drew DeVault d2d6fcd1ff Fix clang issues 2016-12-02 18:38:31 -05:00
Drew DeVault 8577095db7 Check for CAP_SYS_PTRACE 2016-12-02 18:37:01 -05:00
Drew DeVault d353da248b Add ipc connection feature policy controls 2016-12-02 18:09:19 -05:00
Drew DeVault 62dad7148f Enforce IPC security policy 2016-12-02 17:55:03 -05:00
Drew DeVault c8dc4925d1 Add IPC security policy command handlers 2016-12-02 17:34:26 -05:00
Drew DeVault e9e1a6a409 Add IPC policy to config
Also reduces enum abuse, cc @minus7
2016-12-02 16:08:45 -05:00
Drew DeVault 0a1b211e09 Drop -Denable-binding-event 2016-12-02 16:01:33 -05:00
Drew DeVault 25a4a85a59 Run config files through sed and install to /etc 2016-12-02 15:56:36 -05:00
Drew DeVault 751e6d2ab2 Clarify lock permission consequences 2016-12-02 10:34:17 -05:00
Drew DeVault 0c8dc0e6df Clarify that executable has to be a full path 2016-12-02 10:32:08 -05:00
Drew DeVault c61746a15b Soften up environment security
So no one gets their feewings hurt
2016-12-02 10:29:50 -05:00
Drew DeVault a4e92ad272 Deal with LD_LIBRARY_PATH 2016-12-02 10:23:30 -05:00
Drew DeVault 1a143e601b Clarify when keyboard/mouse features work 2016-12-02 10:17:53 -05:00
Drew DeVault 4d312f753c Add docs on what features sway programs require 2016-12-02 10:13:06 -05:00
Drew DeVault 3dbeb9c35c Add sway-security(7) 2016-12-02 10:05:43 -05:00
Drew DeVault 10c2125040 Unset LD_PRELOAD on startup (before dropping root)
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
2016-12-02 08:47:47 -05:00
Drew DeVault 04fc10feeb Flesh out security_sanity_check 2016-12-02 08:42:26 -05:00
Drew DeVault 39cf9a82f7 Enforce command policies 2016-12-02 08:17:45 -05:00
Drew DeVault f23880b1fd Add support for command policies in config file 2016-12-02 08:10:03 -05:00
Drew DeVault 0d395681fe Enforce mouse permissions 2016-12-01 22:11:48 -05:00
Drew DeVault 8aeeacf178 Enforce keyboard permissions 2016-12-01 22:09:33 -05:00
Drew DeVault ffdbb9d050 Enforce fullscreen permissions 2016-12-01 22:03:36 -05:00
Drew DeVault dc4b57c868 Shut Clang up 2016-12-01 21:58:38 -05:00
Drew DeVault 21e1b2bef3 Add security checks for background, panel, lock 2016-12-01 21:51:07 -05:00
Drew DeVault 76cab04b4d Implement permit and reject commands 2016-12-01 21:36:43 -05:00
Drew DeVault 1a8a42f372 Memory leak 2016-12-01 20:39:35 -05:00
Drew DeVault 2675293200 Implement policy lookups 2016-12-01 19:58:11 -05:00
Drew DeVault 44cc0ef125 Add config related code and initial headers 2016-12-01 19:38:36 -05:00
Drew DeVault 5831f7ab68 Write example security config, start on code 2016-12-01 19:27:35 -05:00
D.B 05be14ff7c change default layout toggle to L_HORIZ
After issuing 'layout toggle split' command from tabbed/stacked layout,
layout should have been horizontally split.
2016-11-06 08:13:24 +01:00
D.B 3d1b472b83 swap unnecessary function for strndup 2016-11-03 06:43:12 +01:00
D.B 58eb7ac19f change bar colors from char[10] to *char
This commit removes has_* booleans from bar color struct. It also
generalizes of functions in commands/bar/colors.c.
2016-11-02 21:07:04 +01:00
D.B ad4d21d60b add bar colours for focused_(workspace|statusline|separator)
If these aren't defined in config, color settings without 'focused_'
prefix are used as a fallback.
2016-11-02 18:58:33 +01:00
D.B 39ee0ec552 use urgent_ws color in swaybar if binding_mode is undefined 2016-11-02 18:58:33 +01:00
Drew DeVault d3e55f88ec Log LD_LIBRARY_PATH 2016-10-27 11:05:04 -04:00
Drew DeVault 78b65e2317 Remove duplicate redhat-release line 2016-10-27 10:57:18 -04:00
Drew DeVault 7aef6e66ae Log uname -a on startup 2016-10-27 10:50:22 -04:00
Drew DeVault 6ad2186f0e Log contents of distro version files 2016-10-27 10:48:46 -04:00
Drew DeVault 0d6cbcacbe Log important env vars on startup 2016-10-27 10:37:16 -04:00
Michał Winiarski e8d8abfbb5 Add left_handed support for input devices
Some users may want to switch buttons on their input devices, turns out
libinput already supports it. Let's add a support for it in our config.

Signed-off-by: Michał Winiarski <knr@hardline.pl>
2016-10-25 22:06:23 +02:00
Mykyta Holubakha 2a24772c4b config: set pango_markup default to false 2016-10-20 16:43:38 +03:00
Drew DeVault 67a9a94596 Overwrite alpha when drawing borders
This does two important things when using alpha:

1. At corners, borders don't double in opacity
2. Foreground elements (text) can be made transparent and you can see
fully through to the wallpaper
2016-10-12 22:42:23 -04:00
Drew DeVault 56a7e5fbce Revert "Merge pull request #952 from SirCmpwn/revert-948-floating-titlebar-click"
This reverts commit 857eea8b63, reversing
changes made to ce713efcd2.
2016-10-12 21:54:19 -04:00
Drew DeVault 4cba91803e Revert "Fixes dealing with workspace_layout and related bugs [rfc]" 2016-10-12 21:26:06 -04:00
Drew DeVault f30f60dad8 Revert "also check floating cons in container_find" 2016-10-12 12:19:02 -04:00
Drew DeVault ce713efcd2 Merge pull request #945 from thejan2009/workspace_layout
Fixes dealing with workspace_layout and related bugs [rfc]
2016-10-11 08:24:38 -04:00
D.B 166c2a3687 generalize wrapping views under workspaces 2016-10-11 09:16:59 +02:00
D.B 571321a1d8 add workspace_layout, ensure ws is always L_HORIZ
Add swayc_change_layout function, which changes either layout or
workspace_layout, depending on the container type. Workspace being
always L_HORIZ makes this much more i3-compatible.
2016-10-11 09:16:59 +02:00
D.B 0ddc4279d1 wrap workspace's child into a container if needed
If workspace has stacked/tabbed layout, its direct children should be
wrapped into a container which enables them to draw the titlebar.
2016-10-11 09:15:48 +02:00
D.B 24c3b86065 also check floating cons in container_find 2016-10-11 06:22:54 +02:00
Nicolas Cornu 5384d3effe Can't move an empty workspace 2016-10-11 01:51:55 +02:00
Drew DeVault 8d277bc962 Merge pull request #942 from thejan2009/bugfix-931
fix for_window [] move scratchpad
2016-10-08 09:45:21 -04:00
Drew DeVault 0fc03f9c13 Merge pull request #941 from thejan2009/floating-border
Fix border color for floating containers
2016-10-08 09:45:06 -04:00
D.B 8264fedce6 fix for_window [] move scratchpad
- move wlc_view_set_mask before applying window criteria
- check parent_container because container in scratchpad doesn't have a
  parent
2016-10-08 12:37:28 +02:00
D.B 746345e3b8 reorder cmd_handler arrays for bsearch 2016-10-08 11:12:45 +02:00
D.B 77f99480ae draw indicator border only for non-floating 2016-10-08 09:15:34 +02:00
Nicolas Cornu 382d47e238 Fix creating of sibling floating/children
If we want to add a sibling of different type than current
container it failed. Because we add it to the wrong list
2016-10-07 22:29:56 +02:00
Nicolas Cornu 2d82586c88 Add constant scale factor in get_text_size
af44154 forget one "get_text_size" made it possible to
do a format string by setting title bar.
2016-10-07 20:38:56 +02:00
D.B 379b1a0378 add focus changing between floating containers
It will also wrap if needed.
2016-10-07 09:37:09 +02:00
D.B d3f5ac8cbb add force_focus_wrapping option 2016-10-07 08:12:14 +02:00
D.B 7f558ce894 wrap container in direction (if possible)
Introduces container wrapping - if there is no other viable move, the
selection wraps on the first container where such action is possible.
2016-10-07 08:12:14 +02:00
Nicolas Cornu 6ced4098dc fix for click on title_bar
- Check null pointer for swayc_parent_by_type
- Split lines to follow coding style
2016-10-06 21:17:45 +02:00
Nicolas Cornu 37065cd0c4 add click on title_bar to focus a container 2016-10-06 20:23:46 +02:00
Drew DeVault d2aba3ce3a Merge pull request #924 from zandrmartin/fix-focus-segfault
prevent dereference of freed workspace
2016-10-03 08:10:29 -04:00
Zandr Martin ba581c4442 consolidate nodes json 2016-10-02 22:21:16 -05:00
Zandr Martin 09a44263c3 Merge branch 'master' into fix-focus-segfault 2016-10-02 22:13:40 -05:00
Zandr Martin 4c0e809028 prevent dereference of freed workspace 2016-10-02 22:03:52 -05:00
Patrick Sauter 153620aefe moved ipc_init above config file processing.
This is necessary because commands in the config file (mode for
instance) emit ipc events, and if ipc_init has not been called the
ipc_clients_list is not initialized, and we segfault.  This fixes that
bug.
2016-10-02 17:29:40 -05:00
Zandr Martin 58ac1f7f24 fix pointer format string in sway_log() call 2016-10-01 06:40:16 -05:00
Drew DeVault 4e660975a9 Merge pull request #911 from thejan2009/setgid-setuid
Split setgid and setuid, add privilege check [RFC]
2016-09-27 14:28:14 -04:00
Drew DeVault a95ce5ce65 Merge pull request #914 from zandrmartin/container-ids
add unique IDs to containers
2016-09-27 14:27:29 -04:00
Ryan Dwyer 64d463142f Implement default name for workspace command
This implements commands such as:

    workspace number 9: test

If a workspace with the given number exists then it will be focused,
otherwise a new workspace with the given name will be created.
2016-09-25 21:42:28 +10:00
Zandr Martin 7d947fdb95 add unique IDs to containers 2016-09-21 21:05:09 -05:00
D.B 5e585f9603 Split setgid and setuid, add privilege check
This commit deals with issue #884. I consulted the following sources:
https://www.securecoding.cert.org/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
and
https://www.securecoding.cert.org/confluence/display/c/POS37-C.+Ensure+that+privilege+relinquishment+is+successful
2016-09-20 16:25:32 +02:00
Zandr Martin 0516dba3f6 implement "focused container" feature for swaygrab 2016-09-18 16:41:08 -05:00
Zandr Martin e75217cfb1 fix get_workspaces json reply 2016-09-17 22:00:11 -05:00