| From a1548c742bf2dedbb47282d8a00407b60bbab669 Mon Sep 17 00:00:00 2001 |
| From: Tom Hochstein <tom.hochstein@nxp.com> |
| Date: Wed, 22 Feb 2017 15:53:30 +0200 |
| Subject: [PATCH] weston-launch: Provide a default version that doesn't require |
| |
| PAM |
| |
| weston-launch requires PAM for starting weston as a non-root user. |
| |
| Since starting weston as root is a valid use case by itself, if |
| PAM is not available, provide a default version of weston-launch |
| without non-root-user support. |
| |
| Upstream-Status: Pending |
| |
| Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com> |
| Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> |
| Signed-off-by: Denys Dmytriyenko <denys@ti.com> |
| Signed-off-by: Ming Liu <ming.liu@toradex.com> |
| |
| --- |
| libweston/meson.build | 16 ++++++++++++---- |
| libweston/weston-launch.c | 21 +++++++++++++++++++++ |
| meson_options.txt | 7 +++++++ |
| 3 files changed, 40 insertions(+), 4 deletions(-) |
| |
| diff --git a/libweston/meson.build b/libweston/meson.build |
| index 08d23ec..cb9fd3f 100644 |
| --- a/libweston/meson.build |
| +++ b/libweston/meson.build |
| @@ -216,16 +216,24 @@ dep_vertex_clipping = declare_dependency( |
| ) |
| |
| if get_option('weston-launch') |
| - dep_pam = cc.find_library('pam') |
| + deps_weston_launch = [systemd_dep, dep_libdrm] |
| |
| - if not cc.has_function('pam_open_session', dependencies: dep_pam) |
| - error('pam_open_session not found for weston-launch') |
| + if get_option('pam') |
| + dep_pam = cc.find_library('pam') |
| + if not cc.has_function('pam_open_session', dependencies: dep_pam) |
| + error('pam_open_session not found for weston-launch') |
| + endif |
| + |
| + if dep_pam.found() |
| + deps_weston_launch += dep_pam |
| + config_h.set('HAVE_PAM', '1') |
| + endif |
| endif |
| |
| executable( |
| 'weston-launch', |
| 'weston-launch.c', |
| - dependencies: [dep_pam, systemd_dep, dep_libdrm], |
| + dependencies: deps_weston_launch, |
| include_directories: common_inc, |
| install: true |
| ) |
| diff --git a/libweston/weston-launch.c b/libweston/weston-launch.c |
| index 521cb2c..2d42d33 100644 |
| --- a/libweston/weston-launch.c |
| +++ b/libweston/weston-launch.c |
| @@ -51,7 +51,9 @@ |
| |
| #include <pwd.h> |
| #include <grp.h> |
| +#ifdef HAVE_PAM |
| #include <security/pam_appl.h> |
| +#endif |
| |
| #ifdef HAVE_SYSTEMD_LOGIN |
| #include <systemd/sd-login.h> |
| @@ -100,8 +102,10 @@ drmSetMaster(int drm_fd) |
| #endif |
| |
| struct weston_launch { |
| +#ifdef HAVE_PAM |
| struct pam_conv pc; |
| pam_handle_t *ph; |
| +#endif |
| int tty; |
| int ttynr; |
| int sock[2]; |
| @@ -192,6 +196,7 @@ weston_launch_allowed(struct weston_launch *wl) |
| return false; |
| } |
| |
| +#ifdef HAVE_PAM |
| static int |
| pam_conversation_fn(int msg_count, |
| const struct pam_message **messages, |
| @@ -232,6 +237,7 @@ setup_pam(struct weston_launch *wl) |
| |
| return 0; |
| } |
| +#endif |
| |
| static int |
| setup_launcher_socket(struct weston_launch *wl) |
| @@ -466,6 +472,7 @@ quit(struct weston_launch *wl, int status) |
| close(wl->signalfd); |
| close(wl->sock[0]); |
| |
| +#ifdef HAVE_PAM |
| if (wl->new_user) { |
| err = pam_close_session(wl->ph, 0); |
| if (err) |
| @@ -473,6 +480,7 @@ quit(struct weston_launch *wl, int status) |
| err, pam_strerror(wl->ph, err)); |
| pam_end(wl->ph, err); |
| } |
| +#endif |
| |
| /* |
| * Get a fresh handle to the tty as the previous one is in |
| @@ -710,6 +718,7 @@ setup_session(struct weston_launch *wl, char **child_argv) |
| setenv("HOME", wl->pw->pw_dir, 1); |
| setenv("SHELL", wl->pw->pw_shell, 1); |
| |
| +#ifdef HAVE_PAM |
| env = pam_getenvlist(wl->ph); |
| if (env) { |
| for (i = 0; env[i]; ++i) { |
| @@ -718,6 +727,7 @@ setup_session(struct weston_launch *wl, char **child_argv) |
| } |
| free(env); |
| } |
| +#endif |
| |
| /* |
| * We open a new session, so it makes sense |
| @@ -789,8 +799,10 @@ static void |
| help(const char *name) |
| { |
| fprintf(stderr, "Usage: %s [args...] [-- [weston args..]]\n", name); |
| +#ifdef HAVE_PAM |
| fprintf(stderr, " -u, --user Start session as specified username,\n" |
| " e.g. -u joe, requires root.\n"); |
| +#endif |
| fprintf(stderr, " -t, --tty Start session on alternative tty,\n" |
| " e.g. -t /dev/tty4, requires -u option.\n"); |
| fprintf(stderr, " -v, --verbose Be verbose\n"); |
| @@ -804,7 +816,9 @@ main(int argc, char *argv[]) |
| int i, c; |
| char *tty = NULL; |
| struct option opts[] = { |
| +#ifdef HAVE_PAM |
| { "user", required_argument, NULL, 'u' }, |
| +#endif |
| { "tty", required_argument, NULL, 't' }, |
| { "verbose", no_argument, NULL, 'v' }, |
| { "help", no_argument, NULL, 'h' }, |
| @@ -816,11 +830,16 @@ main(int argc, char *argv[]) |
| while ((c = getopt_long(argc, argv, "u:t:vh", opts, &i)) != -1) { |
| switch (c) { |
| case 'u': |
| +#ifdef HAVE_PAM |
| wl.new_user = optarg; |
| if (getuid() != 0) { |
| fprintf(stderr, "weston: Permission denied. -u allowed for root only\n"); |
| exit(EXIT_FAILURE); |
| } |
| +#else |
| + fprintf(stderr, "weston: -u is unsupported in this weston-launch build\n"); |
| + exit(EXIT_FAILURE); |
| +#endif |
| break; |
| case 't': |
| tty = optarg; |
| @@ -872,8 +891,10 @@ main(int argc, char *argv[]) |
| if (setup_tty(&wl, tty) < 0) |
| exit(EXIT_FAILURE); |
| |
| +#ifdef HAVE_PAM |
| if (wl.new_user && setup_pam(&wl) < 0) |
| exit(EXIT_FAILURE); |
| +#endif |
| |
| if (setup_launcher_socket(&wl) < 0) |
| exit(EXIT_FAILURE); |
| diff --git a/meson_options.txt b/meson_options.txt |
| index 239bd2d..99e4ec3 100644 |
| --- a/meson_options.txt |
| +++ b/meson_options.txt |
| @@ -73,6 +73,13 @@ option( |
| ) |
| |
| option( |
| + 'pam', |
| + type: 'boolean', |
| + value: true, |
| + description: 'Define if PAM is available' |
| +) |
| + |
| +option( |
| 'xwayland', |
| type: 'boolean', |
| value: true, |