From 484395d23f2cdbde9df5d1efb25d5d2751b43aa9 Mon Sep 17 00:00:00 2001 From: David Edmundson Date: Mon, 12 May 2014 16:08:10 +0200 Subject: [PATCH] Start the greeter under the user sddm --- src/daemon/Authenticator.cpp | 4 +--- src/daemon/Display.cpp | 2 +- src/daemon/Greeter.cpp | 36 ++++++++++++++++++++++++++++++++---- src/daemon/Greeter.h | 11 ++++++----- src/daemon/Session.cpp | 9 +++++++-- src/daemon/Session.h | 5 ++++- 6 files changed, 51 insertions(+), 16 deletions(-) diff --git a/src/daemon/Authenticator.cpp b/src/daemon/Authenticator.cpp index eb34d2bf4..172a158b0 100644 --- a/src/daemon/Authenticator.cpp +++ b/src/daemon/Authenticator.cpp @@ -316,9 +316,7 @@ namespace SDDM { } // create user session process - process = new Session(QString("Session%1").arg(daemonApp->newSessionId()), this); - - m_display->addCookie(QString("%1/.Xauthority").arg(pw->pw_dir)); + process = new Session(QString("Session%1").arg(daemonApp->newSessionId()), m_display, this); // set session process params process->setUser(pw->pw_name); diff --git a/src/daemon/Display.cpp b/src/daemon/Display.cpp index 38d0d1496..6bfcbcc6b 100644 --- a/src/daemon/Display.cpp +++ b/src/daemon/Display.cpp @@ -164,7 +164,7 @@ namespace SDDM { m_socketServer->start(m_display); // set greeter params - m_greeter->setDisplay(m_display); + m_greeter->setDisplay(this); m_greeter->setAuthPath(m_authPath); m_greeter->setSocket(m_socketServer->socketAddress()); m_greeter->setTheme(QString("%1/%2").arg(daemonApp->configuration()->themesDir()).arg(daemonApp->configuration()->currentTheme())); diff --git a/src/daemon/Greeter.cpp b/src/daemon/Greeter.cpp index b27e3759b..33bd0c737 100644 --- a/src/daemon/Greeter.cpp +++ b/src/daemon/Greeter.cpp @@ -22,10 +22,16 @@ #include "Configuration.h" #include "Constants.h" #include "DaemonApp.h" +#include "Session.h" +#include "Display.h" #include #include +#include +#include +#include + namespace SDDM { Greeter::Greeter(QObject *parent) : QObject(parent) { } 
@@ -34,7 +40,7 @@ namespace SDDM { stop(); } - void Greeter::setDisplay(const QString &display) { + void Greeter::setDisplay(Display *display) { m_display = display; } @@ -55,8 +61,30 @@ namespace SDDM { if (m_started) return false; + struct passwd *pw = nullptr; + if (!daemonApp->configuration()->testing) + { + pw = getpwnam(qPrintable("sddm")); + if (!pw) { + qWarning() << "Failed to switch greeter to user sddm. Running greeter as root"; + //continue anyway?? Otherwise we'll block out everyone self compiling + //from logging in + } + } + // create process - m_process = new QProcess(this); + m_process = new Session("sddm-greeter", m_display, this); + + if (pw) { + m_process->setUser(pw->pw_name); + m_process->setDir(pw->pw_dir); + m_process->setUid(pw->pw_uid); + m_process->setGid(pw->pw_gid); + + // take ownership of the socket so we can read/write to it + // -1 = don't change group + chown(qPrintable(m_socket), pw->pw_uid, -1); + } // delete process on finish connect(m_process, SIGNAL(finished(int,QProcess::ExitStatus)), this, SLOT(finished())); @@ -69,7 +97,7 @@ namespace SDDM { // set process environment QProcessEnvironment env = QProcessEnvironment::systemEnvironment(); - env.insert("DISPLAY", m_display); + env.insert("DISPLAY", m_display->name()); env.insert("XAUTHORITY", m_authPath); env.insert("XCURSOR_THEME", daemonApp->configuration()->cursorTheme()); m_process->setProcessEnvironment(env); @@ -84,7 +112,7 @@ namespace SDDM { //if we fail to start bail immediately, and don't block in waitForStarted if (m_process->state() == QProcess::NotRunning) { - qCritical() << "DAEMON: Greeter failed to launch."; + qCritical() << "Greeter failed to launch."; return false; } // wait for greeter to start diff --git a/src/daemon/Greeter.h b/src/daemon/Greeter.h index 3d8d7f427..72773e41d 100644 --- a/src/daemon/Greeter.h +++ b/src/daemon/Greeter.h 
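Review bot: When `getpwnam` returns null in `Greeter::start()`, the new code only logs a warning and then launches the greeter without `setUid`/`setGid`, so a missing `sddm` account silently puts the greeter back in the root context this commit sets out to remove. I would fail closed here, or at least make the root fallback an explicit, documented opt-in rather than the default. The return value of `chown(qPrintable(m_socket), pw->pw_uid, -1)` is also ignored, so a failure leaves the unprivileged greeter unable to use the socket with nothing in the log; the `qPrintable("sddm")` wrapper around a literal can simply be `"sddm"`. `start()` begins and ends outside this hunk, so check against the rest of the function whether returning after `m_process` has been created needs extra cleanup.

```cpp
pw = getpwnam("sddm");
if (!pw) {
    qCritical() << "User sddm not found; refusing to start the greeter as root.";
    return false;
}
// … unchanged: Session creation and setUser/setDir/setUid/setGid …
if (chown(qPrintable(m_socket), pw->pw_uid, -1) != 0) {
    qCritical() << "Failed to give the greeter user access to socket" << m_socket;
    return false;
}
```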
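Review bot: `m_display->name()` dereferences a pointer that Greeter.h now default-initialises to `nullptr`, and nothing visible in `start()` checks it; the same pointer is handed to `new Session("sddm-greeter", m_display, this)` and dereferenced again by `m_display->addCookie(...)` in the Session.cpp hunk. A guard at the top of `start()`, `if (!m_display) { qCritical() << "Greeter has no display set."; return false; }`, turns a call-order mistake into a logged failure instead of a crash. Separately, `XAUTHORITY` is still set to `m_authPath` and the environment is still copied from `QProcessEnvironment::systemEnvironment()`. Now that the process is meant to run as `sddm`, it is worth confirming that this file is readable by that user and that nothing inherited from the daemon's environment is unsuitable for an unprivileged child.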
@@ -22,9 +22,10 @@ #include -class QProcess; - namespace SDDM { + class Session; + class Display; + class Greeter : public QObject { Q_OBJECT Q_DISABLE_COPY(Greeter) @@ -32,7 +33,7 @@ namespace SDDM { explicit Greeter(QObject *parent = 0); ~Greeter(); - void setDisplay(const QString &display); + void setDisplay(Display *display); void setAuthPath(const QString &authPath); void setSocket(const QString &socket); void setTheme(const QString &theme); @@ -49,12 +50,12 @@ namespace SDDM { private: bool m_started { false }; - QString m_display { "" }; + Display *m_display { nullptr }; QString m_authPath { "" }; QString m_socket { "" }; QString m_theme { "" }; - QProcess *m_process { nullptr }; + Session *m_process { nullptr }; }; } diff --git a/src/daemon/Session.cpp b/src/daemon/Session.cpp index dacaab4a2..bbdef6d97 100644 --- a/src/daemon/Session.cpp +++ b/src/daemon/Session.cpp @@ -31,9 +31,10 @@ #include namespace SDDM { - Session::Session(const QString &name, QObject *parent) : + Session::Session(const QString &name, Display *display, QObject *parent) : QProcess(parent), - m_name(name) + m_name(name), + m_display(display) { } @@ -95,7 +96,11 @@ namespace SDDM { } } + + if (!m_dir.isEmpty()) { + m_display->addCookie(QString("%1/.Xauthority").arg(m_dir)); + // change to user home dir if (chdir(qPrintable(m_dir))) { qCritical() << "Failed to change dir to user home."; diff --git a/src/daemon/Session.h b/src/daemon/Session.h index 3749761f9..738fa75f9 100644 --- a/src/daemon/Session.h +++ b/src/daemon/Session.h @@ -23,11 +23,13 @@ #include namespace SDDM { + class Display; + class Session : public QProcess { Q_OBJECT Q_DISABLE_COPY(Session) public: - explicit Session(const QString &name, QObject *parent); + explicit Session(const QString &name, Display *display, QObject *parent); const QString &name() const; @@ -44,6 +46,7 @@ namespace SDDM { QString m_user { "" }; QString m_dir { "" }; + Display *m_display { nullptr }; int m_uid { 0 }; int m_gid { 0 }; };
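Review bot: In the second Session.cpp hunk the `addCookie` call is added above the `chdir`, and the hunk does not show whether the uid/gid switch has already happened at that point. The target `QString("%1/.Xauthority").arg(m_dir)` lies inside a home directory that the account owner controls, so if this still executes with the daemon's privileges the write should move after the switch (or use a no-follow open), and a comment should state the required ordering, e.g. `// must run after the uid/gid switch: the path is user-controlled`. `m_display` is also dereferenced here without a null check, although the constructor accepts any pointer. The enclosing function starts and ends outside this hunk, so the ordering concern is inferred from the visible context only.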