abstract sockets #4098

Closed
totaam opened this issue Jan 16, 2024 · 2 comments
Labels
enhancement New feature or request network

Comments

Collaborator

totaam commented Jan 16, 2024

Trivial to add, since I'm in the process of cleaning up the code in xpra.net

Somewhat also inspired by algorythmic/turbovnc@1028467

@totaam totaam added enhancement New feature or request network labels Jan 16, 2024
totaam added a commit that referenced this issue Jan 16, 2024
Collaborator Author

totaam commented Jan 16, 2024

Implemented in the commit above:

Example usage:

xpra start --bind=@test

Attach with:

xpra attach @test

Only one item left: automatically create abstract sockets with the display name when --bind=auto?
--bind=@$DISPLAY_NO ?

totaam added a commit that referenced this issue Jan 26, 2024
* create abstract sockets automatically,
* try to connect to them if we find one
Collaborator Author

totaam commented Jan 26, 2024

Good enough for this release.
--bind=auto now creates an abstract socket automagically using the form @xpra/${DISPLAY_NO}:

xpra start --start=xterm :10
$ lsof -U | grep "@" | grep py
python3.1 968201 antoine   15u  unix 0x00000000f524a112      0t0 5712893 @xpra/10 type=STREAM (LISTEN)

The client will transparently try to use the abstract socket if it finds it:

xpra attach :10

Or exclusively if we request it more explicitly:

xpra attach @10
python3.1 974233 antoine   18u  unix 0x000000000f42bf4d      0t0 5784633 @xpra/10 type=STREAM (CONNECTED)

I'm not 100% sure that overloading the bind option is the right way to do this.
If there are no auth attributes, abstract sockets will use peercred:

ABSTRACT_SOCKET_AUTH = os.environ.get("XPRA_ABSTRACT_SOCKET_AUTH", "peercred")

This ensures that other users on the same system can't use abstract sockets to bypass the access restrictions normally enforced by the file permissions of regular unix domain sockets.
The downside is that other users can now query xpra version on servers which they may not have had any access to previously.
Anyone really concerned by this (why? containers with host networking?) can use --bind=noabstract which does the same as --bind=auto but without creating the abstract socket.
AUTO_ABSTRACT_SOCKET=0 also disables abstract sockets and skips trying to connect to them too.
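
The thread above relies on peer credentials because an abstract socket has no file and therefore no permission bits. As an added example (not xpra's code, and not from the issue author), this Linux-only sketch shows a kernel peer-credential check with `SO_PEERCRED` on an abstract socket; the socket name and the allowed-uid policy are assumptions made for the demo.

```python
import os
import socket
import struct
import threading

# Constructed name for this demo only (xpra's own form is @xpra/${DISPLAY_NO}).
# The leading NUL byte selects the abstract namespace: no file, no mode bits.
DEMO_NAME = b"\0demo-peercred/%d" % os.getpid()


def peer_credentials(conn):
    """Return (pid, uid, gid) of the peer as recorded by the kernel."""
    size = struct.calcsize("3i")
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, size)
    return struct.unpack("3i", raw)


def authorize(conn, allowed_uids):
    """Allow the connection only if the peer's uid is in allowed_uids."""
    _pid, uid, _gid = peer_credentials(conn)
    return uid in allowed_uids


def _serve_once(listener, allowed_uids):
    conn, _addr = listener.accept()
    with conn:
        conn.sendall(b"OK" if authorize(conn, allowed_uids) else b"DENIED")


def run_demo(allowed_uids):
    """Listen on the abstract socket, connect once, return the server reply."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as listener:
        listener.bind(DEMO_NAME)
        listener.listen(1)
        server = threading.Thread(target=_serve_once, args=(listener, allowed_uids))
        server.start()
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
            client.connect(DEMO_NAME)
            # The server closes after replying, so read until EOF.
            reply = b"".join(iter(lambda: client.recv(64), b""))
        server.join()
    return reply


if __name__ == "__main__":
    print(run_demo({os.geteuid()}))  # peer uid is on the allow list
    print(run_demo(set()))           # no uid is allowed
```

The credentials are filled in by the kernel at connect time, so the client cannot choose the uid the server sees.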
