Permalink
Browse files

Start the greeter under the user sddm

  • Loading branch information...
1 parent 655228c commit 484395d23f2cdbde9df5d1efb25d5d2751b43aa9 @davidedmundson davidedmundson committed May 12, 2014
Showing with 51 additions and 16 deletions.
  1. +1 −3 src/daemon/Authenticator.cpp
  2. +1 −1 src/daemon/Display.cpp
  3. +32 −4 src/daemon/Greeter.cpp
  4. +6 −5 src/daemon/Greeter.h
  5. +7 −2 src/daemon/Session.cpp
  6. +4 −1 src/daemon/Session.h
@@ -316,9 +316,7 @@ namespace SDDM {
}
// create user session process
- process = new Session(QString("Session%1").arg(daemonApp->newSessionId()), this);
-
- m_display->addCookie(QString("%1/.Xauthority").arg(pw->pw_dir));
+ process = new Session(QString("Session%1").arg(daemonApp->newSessionId()), m_display, this);
// set session process params
process->setUser(pw->pw_name);
@@ -164,7 +164,7 @@ namespace SDDM {
m_socketServer->start(m_display);
// set greeter params
- m_greeter->setDisplay(m_display);
+ m_greeter->setDisplay(this);
m_greeter->setAuthPath(m_authPath);
m_greeter->setSocket(m_socketServer->socketAddress());
m_greeter->setTheme(QString("%1/%2").arg(daemonApp->configuration()->themesDir()).arg(daemonApp->configuration()->currentTheme()));
@@ -22,10 +22,16 @@
#include "Configuration.h"
#include "Constants.h"
#include "DaemonApp.h"
+#include "Session.h"
+#include "Display.h"
#include <QDebug>
#include <QProcess>
+#include <sys/types.h>
+#include <pwd.h>
+#include <unistd.h>
+
namespace SDDM {
Greeter::Greeter(QObject *parent) : QObject(parent) {
}
@@ -34,7 +40,7 @@ namespace SDDM {
stop();
}
- void Greeter::setDisplay(const QString &display) {
+ void Greeter::setDisplay(Display *display) {
m_display = display;
}
@@ -55,8 +61,30 @@ namespace SDDM {
if (m_started)
return false;
+ struct passwd *pw = nullptr;
+ if (!daemonApp->configuration()->testing)
+ {
+ pw = getpwnam(qPrintable("sddm"));
+ if (!pw) {
+ qWarning() << "Failed to switch greeter to user sddm. Running greeter as root";
+ //continue anyway?? Otherwise we'll block out everyone self compiling
+ //from logging in
+ }
+ }
+
// create process
- m_process = new QProcess(this);
+ m_process = new Session("sddm-greeter", m_display, this);
+
+ if (pw) {
+ m_process->setUser(pw->pw_name);
+ m_process->setDir(pw->pw_dir);
+ m_process->setUid(pw->pw_uid);
+ m_process->setGid(pw->pw_gid);
+
+ // take ownership of the socket so we can read/write to it
+ // -1 = don't change group
+ chown(qPrintable(m_socket), pw->pw_uid, -1);
+ }
// delete process on finish
connect(m_process, SIGNAL(finished(int,QProcess::ExitStatus)), this, SLOT(finished()));
@@ -69,7 +97,7 @@ namespace SDDM {
// set process environment
QProcessEnvironment env = QProcessEnvironment::systemEnvironment();
- env.insert("DISPLAY", m_display);
+ env.insert("DISPLAY", m_display->name());
env.insert("XAUTHORITY", m_authPath);
env.insert("XCURSOR_THEME", daemonApp->configuration()->cursorTheme());
m_process->setProcessEnvironment(env);
@@ -84,7 +112,7 @@ namespace SDDM {
//if we fail to start bail immediately, and don't block in waitForStarted
if (m_process->state() == QProcess::NotRunning) {
- qCritical() << "DAEMON: Greeter failed to launch.";
+ qCritical() << "Greeter failed to launch.";
return false;
}
// wait for greeter to start
View
@@ -22,17 +22,18 @@
#include <QObject>
-class QProcess;
-
namespace SDDM {
+ class Session;
+ class Display;
+
class Greeter : public QObject {
Q_OBJECT
Q_DISABLE_COPY(Greeter)
public:
explicit Greeter(QObject *parent = 0);
~Greeter();
- void setDisplay(const QString &display);
+ void setDisplay(Display *display);
void setAuthPath(const QString &authPath);
void setSocket(const QString &socket);
void setTheme(const QString &theme);
@@ -49,12 +50,12 @@ namespace SDDM {
private:
bool m_started { false };
- QString m_display { "" };
+ Display *m_display { nullptr };
QString m_authPath { "" };
QString m_socket { "" };
QString m_theme { "" };
- QProcess *m_process { nullptr };
+ Session *m_process { nullptr };
};
}
@@ -31,9 +31,10 @@
#include <unistd.h>
namespace SDDM {
- Session::Session(const QString &name, QObject *parent) :
+ Session::Session(const QString &name, Display *display, QObject *parent) :
QProcess(parent),
- m_name(name)
+ m_name(name),
+ m_display(display)
{
}
@@ -95,7 +96,11 @@ namespace SDDM {
}
}
+
+
if (!m_dir.isEmpty()) {
+ m_display->addCookie(QString("%1/.Xauthority").arg(m_dir));
+
// change to user home dir
if (chdir(qPrintable(m_dir))) {
qCritical() << "Failed to change dir to user home.";
@@ -23,11 +23,13 @@
#include <QProcess>
namespace SDDM {
+ class Display;
+
class Session : public QProcess {
Q_OBJECT
Q_DISABLE_COPY(Session)
public:
- explicit Session(const QString &name, QObject *parent);
+ explicit Session(const QString &name, Display *display, QObject *parent);
const QString &name() const;
@@ -44,6 +46,7 @@ namespace SDDM {
QString m_user { "" };
QString m_dir { "" };
+ Display *m_display { nullptr };
int m_uid { 0 };
int m_gid { 0 };
};

0 comments on commit 484395d

Please sign in to comment.