175 lines
5.1 KiB
Diff
175 lines
5.1 KiB
Diff
|
From 8ff6ed03ec4079f32e9b34085414e57be4730e04 Mon Sep 17 00:00:00 2001
|
||
|
From: Tom Hochstein <tom.hochstein@nxp.com>
|
||
|
Date: Wed, 22 Feb 2017 15:53:30 +0200
|
||
|
Subject: [PATCH] weston-launch: Provide a default version that doesn't require
|
||
|
PAM
|
||
|
|
||
|
weston-launch requires PAM for starting weston as a non-root user.
|
||
|
|
||
|
Since starting weston as root is a valid use case by itself, if
|
||
|
PAM is not available, provide a default version of weston-launch
|
||
|
without non-root-user support.
|
||
|
|
||
|
Upstream-Status: Pending
|
||
|
|
||
|
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
|
||
|
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
|
||
|
---
|
||
|
configure.ac | 9 +++++++--
|
||
|
libweston/weston-launch.c | 20 ++++++++++++++++++++
|
||
|
2 files changed, 27 insertions(+), 2 deletions(-)
|
||
|
|
||
|
diff --git a/configure.ac b/configure.ac
|
||
|
index 46cb2c7..bb45f46 100644
|
||
|
--- a/configure.ac
|
||
|
+++ b/configure.ac
|
||
|
@@ -435,13 +435,17 @@ AC_ARG_ENABLE(resize-optimization,
|
||
|
AS_IF([test "x$enable_resize_optimization" = "xyes"],
|
||
|
[AC_DEFINE([USE_RESIZE_POOL], [1], [Use resize memory pool as a performance optimization])])
|
||
|
|
||
|
+AC_ARG_WITH(pam,
|
||
|
+ AS_HELP_STRING([--with-pam], [Use PAM]),
|
||
|
+ [use_pam=$withval], [use_pam=yes])
|
||
|
AC_ARG_ENABLE(weston-launch, [ --enable-weston-launch],, enable_weston_launch=yes)
|
||
|
AM_CONDITIONAL(BUILD_WESTON_LAUNCH, test x$enable_weston_launch = xyes)
|
||
|
-if test x$enable_weston_launch = xyes; then
|
||
|
+if test x$enable_weston_launch = xyes -a x$use_pam = xyes; then
|
||
|
WESTON_SEARCH_LIBS([PAM], [pam], [pam_open_session], [have_pam=yes], [have_pam=no])
|
||
|
if test x$have_pam = xno; then
|
||
|
- AC_ERROR([weston-launch requires pam])
|
||
|
+ AC_ERROR([PAM support is explicitly requested, but libpam couldn't be found])
|
||
|
fi
|
||
|
+ AC_DEFINE([HAVE_PAM], [1], [Define if PAM is available])
|
||
|
fi
|
||
|
|
||
|
AM_CONDITIONAL(HAVE_PANGO, test "x$have_pango" = "xyes")
|
||
|
@@ -701,6 +705,7 @@ AC_MSG_RESULT([
|
||
|
Enable developer documentation ${enable_devdocs}
|
||
|
|
||
|
weston-launch utility ${enable_weston_launch}
|
||
|
+ PAM support ${use_pam}
|
||
|
systemd-login support ${have_systemd_login}
|
||
|
systemd notify support ${enable_systemd_notify}
|
||
|
|
||
|
diff --git a/libweston/weston-launch.c b/libweston/weston-launch.c
|
||
|
index 0491896..07e7469 100644
|
||
|
--- a/libweston/weston-launch.c
|
||
|
+++ b/libweston/weston-launch.c
|
||
|
@@ -51,7 +51,9 @@
|
||
|
|
||
|
#include <pwd.h>
|
||
|
#include <grp.h>
|
||
|
+#ifdef HAVE_PAM
|
||
|
#include <security/pam_appl.h>
|
||
|
+#endif
|
||
|
|
||
|
#ifdef HAVE_SYSTEMD_LOGIN
|
||
|
#include <systemd/sd-login.h>
|
||
|
@@ -93,8 +95,10 @@ drmSetMaster(int drm_fd)
|
||
|
#endif
|
||
|
|
||
|
struct weston_launch {
|
||
|
+#ifdef HAVE_PAM
|
||
|
struct pam_conv pc;
|
||
|
pam_handle_t *ph;
|
||
|
+#endif
|
||
|
int tty;
|
||
|
int ttynr;
|
||
|
int sock[2];
|
||
|
@@ -181,6 +185,7 @@ weston_launch_allowed(struct weston_launch *wl)
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
+#ifdef HAVE_PAM
|
||
|
static int
|
||
|
pam_conversation_fn(int msg_count,
|
||
|
const struct pam_message **messages,
|
||
|
@@ -221,6 +226,7 @@ setup_pam(struct weston_launch *wl)
|
||
|
|
||
|
return 0;
|
||
|
}
|
||
|
+#endif
|
||
|
|
||
|
static int
|
||
|
setup_launcher_socket(struct weston_launch *wl)
|
||
|
@@ -414,6 +420,7 @@ quit(struct weston_launch *wl, int status)
|
||
|
close(wl->signalfd);
|
||
|
close(wl->sock[0]);
|
||
|
|
||
|
+#ifdef HAVE_PAM
|
||
|
if (wl->new_user) {
|
||
|
err = pam_close_session(wl->ph, 0);
|
||
|
if (err)
|
||
|
@@ -421,6 +428,7 @@ quit(struct weston_launch *wl, int status)
|
||
|
err, pam_strerror(wl->ph, err));
|
||
|
pam_end(wl->ph, err);
|
||
|
}
|
||
|
+#endif
|
||
|
|
||
|
if (ioctl(wl->tty, KDSKBMUTE, 0) &&
|
||
|
ioctl(wl->tty, KDSKBMODE, wl->kb_mode))
|
||
|
@@ -600,6 +608,7 @@ setup_session(struct weston_launch *wl, char **child_argv)
|
||
|
setenv("HOME", wl->pw->pw_dir, 1);
|
||
|
setenv("SHELL", wl->pw->pw_shell, 1);
|
||
|
|
||
|
+#ifdef HAVE_PAM
|
||
|
env = pam_getenvlist(wl->ph);
|
||
|
if (env) {
|
||
|
for (i = 0; env[i]; ++i) {
|
||
|
@@ -608,6 +617,7 @@ setup_session(struct weston_launch *wl, char **child_argv)
|
||
|
}
|
||
|
free(env);
|
||
|
}
|
||
|
+#endif
|
||
|
|
||
|
/*
|
||
|
* We open a new session, so it makes sense
|
||
|
@@ -675,7 +685,9 @@ static void
|
||
|
help(const char *name)
|
||
|
{
|
||
|
fprintf(stderr, "Usage: %s [args...] [-- [weston args..]]\n", name);
|
||
|
+#ifdef HAVE_PAM
|
||
|
fprintf(stderr, " -u, --user Start session as specified username\n");
|
||
|
+#endif
|
||
|
fprintf(stderr, " -t, --tty Start session on alternative tty\n");
|
||
|
fprintf(stderr, " -v, --verbose Be verbose\n");
|
||
|
fprintf(stderr, " -h, --help Display this help message\n");
|
||
|
@@ -688,7 +700,9 @@ main(int argc, char *argv[])
|
||
|
int i, c;
|
||
|
char *tty = NULL;
|
||
|
struct option opts[] = {
|
||
|
+#ifdef HAVE_PAM
|
||
|
{ "user", required_argument, NULL, 'u' },
|
||
|
+#endif
|
||
|
{ "tty", required_argument, NULL, 't' },
|
||
|
{ "verbose", no_argument, NULL, 'v' },
|
||
|
{ "help", no_argument, NULL, 'h' },
|
||
|
@@ -700,9 +714,13 @@ main(int argc, char *argv[])
|
||
|
while ((c = getopt_long(argc, argv, "u:t::vh", opts, &i)) != -1) {
|
||
|
switch (c) {
|
||
|
case 'u':
|
||
|
+#ifdef HAVE_PAM
|
||
|
wl.new_user = optarg;
|
||
|
if (getuid() != 0)
|
||
|
error(1, 0, "Permission denied. -u allowed for root only");
|
||
|
+#else
|
||
|
+ error(1, 0, "-u is unsupported in this weston-launch build");
|
||
|
+#endif
|
||
|
break;
|
||
|
case 't':
|
||
|
tty = optarg;
|
||
|
@@ -740,8 +758,10 @@ main(int argc, char *argv[])
|
||
|
if (setup_tty(&wl, tty) < 0)
|
||
|
exit(EXIT_FAILURE);
|
||
|
|
||
|
+#ifdef HAVE_PAM
|
||
|
if (wl.new_user && setup_pam(&wl) < 0)
|
||
|
exit(EXIT_FAILURE);
|
||
|
+#endif
|
||
|
|
||
|
if (setup_launcher_socket(&wl) < 0)
|
||
|
exit(EXIT_FAILURE);
|
||
|
--
|
||
|
2.1.4
|
||
|
|