The smoketest script has gotten significantly simpler, and can simply be
inlined into the build scripts if we don't care about running the tests
twice.
This should fix CI for mailing list patches.
sd_bus_call drains received messages into the receive queue, and peeks
for its own return value. It does not dispatch the receive queue.
As the socket is drained, the caller will not wake from a poll and have
no reason to dispatch libseat. This has gone unnoticed largely due to
logind sending an event for every device, making it unlikely that no
unread message will be left on the socket.
Like we have done for seatd, we fix this by sending a "ping" request to
logind if anything is left in our receive queue as reported by
sd_bus_get_events. The response to this will wake us up and ensure that
dispatch is called.
When device open or close messages are sent to seatd, libseat must read
messages from the socket until it sees the associated response message.
This means that it may drain enable/disable seat events from the socket,
queueing them internally for deferred processing.
As the socket is drained, the caller will not wake from a poll and have
no reason to dispatch libseat. To ensure that these messages would not
be left in the queue, 6fa82930d0 made it
so that open/close calls would execute all queued events just before
returning.
Unfortunately, this had the side-effect of having events fire from the
stack of libseat_open_device or libseat_close_device, which we now see
cause problems in compositors. Specifically, an issue has been observed
where libinput end up calling libseat_close_device, which in turn
dispatch a disable seat event that calls libinput_suspend. libinput does
not like this.
Instead, remove the execution from libseat_open_device and
libseat_close_device, and instead make a "ping" request to seatd if
events have been queued. The response to this will wake us up and ensure
that dispatch is called.
The parent environment might contain nasty things. Create a new
environment for the seatd process containing only the environment
variables we care about. For now, that's only SEATD_LOGLEVEL.
We previously used execlp to execute seatd, which had the effect of
searching PATH for the executable. This allowed the caller to control
what executable was run, which is bad if SUID has been set.
Instead, expose the absolute install path for seatd from meason as a
define, and use that in a call to execv.
Mimick shells and exit with a status >128 if our child has been
signalled. Exiting with 128 + signal number is what most shells do
(POSIX only requires them to exit with >128).
The command indexing had not been updated afer the introduction of
getopt, so combining a command with flags would fail.
Add error handling for if no command was specified while we're at it.
Instead of relying on seatd's user/group arguments, which require
turning our UID back into a username, just chmod/chown the socket
ourselves once seatd is ready.
We also reduce the permissions to just user access, instead of user and
group like seatd specifies.
New clients could only be added to a VT bound seat if there were no
"active" client, regardless of its actual state. This meant that if one
switched from an "active" VT to an "inactive" VT, the seat would be
blocked while the "active" client was in CLIENT_PENDING_DISABLE, causing
new clients to possibly fail should the old client take its time with
the ack.
Instead, allow new clients to also be added if there is an active client
whose state is CLIENT_PENDING_DISABLE, and there is no client with the
new VT as its session ID.
The kernel Secure Attention Key killer, triggered by SysRq+k, kills all
processes that hold an fd referencing the tty.
To avoid its attention, we stop storing the fd for the currently active
VT in seat state. This has the added benefit of simplifying state a bit.
Test if arguments (e.g. -Wimplicit-fallthrough) is available before
using it as -Wimplicit-fallthrough has been added only since gcc 7.1 and
81fea426da
and so it will raise the following build failure with gcc < 7:
arm-none-linux-gnueabi-gcc: error: unrecognized command line option '-Wimplicit-fallthrough'
Fixes:
- http://autobuild.buildroot.org/results/0ee6816a7cceebdafd07612677a594bdf68e0790
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
This reverts commit 1ae6c3b3dd.
A user might want to run the builtin server as non root, if they have
permission to use the devices.
The check was originally copied from wlroots's direct backend. It was reverted
in fa05d3cde68d with a detailed explanation of why root priviledges are not
always necessary to use the DRM device.
c8b3a22d4e snuck in a change which
converts chown/chmod to fchown/fchmod using the socket fd. This appears
to succeed under Linux, but fails with EINVAL on FreeBSD. As the error
handling in this area was flawed, CI failed to catch the regression.
Partially revert c8b3a22d4e to fix the
regression on FreeBSD.
The UID/GID defaulted to 0, which results in trying to chown to root
when a UID or GID isn't requested. Instead, deafult to -1 so that the
unspecified values are left intact.
This adds the ability to specify the number of an fd that is inherited
by the process as open. Once seatd is read to serve requests, it will
write a single newline and close the fd.
This handler returns the number of dispatched or executed events, or -1
if dispatch_pending failed.
This helper is used to clean up dispatch_background, which now ensures
that all events are executed before we read or poll the connection, and
have improved error handling in the corner case where the second
dispatch_pending failed.
Dispatch needs to report if something has happened, which includes
events executed from the queue as these could have lead to additional
dispatch and queuing.
