mirrors/sway
1
0
Fork 0
mirror of https://github.com/swaywm/sway.git synced 2024-09-23 06:01:21 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,852 Commits 11 Branches 91 Tags 48 MiB
248ea93c1a
Commit Graph

134 Commits

Author SHA1 Message Date
Dominique Martinet
1b7f554474 log_kernel: s/fclose/pclose/ (for popen'd FILE) 
With recent glibc the functions are strictly identical, but this might
not be true for all libc implementations

Found through static analysis.
 2018-07-02 08:03:41 +09:00
Tobias Blass
a5c091e302 Perform (partial) server initialization before dropping privileges. 
Some operations during backend creation (e.g. becoming DRM master)
require CAP_SYS_ADMIN privileges. At this point, sway has dropped them
already, though. This patch splits the privileged part of server_init
into its own function and calls it before dropping its privileges.
This fixes the bug with minimal security implications.
 2018-06-19 00:19:57 +02:00
Tobias Blass
d6d292897f Remove suspicious unconditional return 
This return effectively disables the log_kernel function
 2018-06-05 23:27:35 +02:00
Dominique Martinet
89ae1792b5 sway: run commands without waiting for Xwayland 
Xwayland is lazy now, there is no need to wait at all
 2018-05-16 16:50:56 +09:00
Drew DeVault
603e0e42c5 Add debug tree view 2018-04-06 11:49:27 -04:00
Tony Crisci
f7a20726fc temporarily add LD_LIBRARY_PATH stuff 2018-03-31 15:37:16 -04:00
Tony Crisci
dc8c9fbeb6 Revert "Merge pull request #1653 from swaywm/revert-1647-refactor-tree" 
This reverts commit 472e81f35d, reversing
changes made to 6b7841b11f.
 2018-03-29 23:41:33 -04:00
Drew DeVault
d0c7f66e95
Revert "Refactor tree" 2018-03-29 23:29:29 -04:00
Tony Crisci
ed2cedb544 rename layout init 2018-03-29 17:13:37 -04:00
Tony Crisci
874f009866 move tree includes to their own directory 2018-03-29 14:21:42 -04:00
Dominique Martinet
f5b33cb4b6 fix typos in comments/messages; add shutting down message 2018-01-05 00:07:34 +01:00
Calvin Lee
7196f59db0 Consolidate WLR and Sway logging 
See #1390
 2017-12-31 14:32:28 -07:00
Tony Crisci
9fa70ce426 Merge branch 'wlroots' into feature/input 2017-12-16 07:33:23 -05:00
Tony Crisci
9eecbb5d8a xkb config 2017-12-15 05:22:51 -05:00
Tony Crisci
9333a7eb53 working xcursor 2017-12-09 14:06:00 -05:00
emersion
aaae59026f
Add output config 2017-12-06 12:36:06 +01:00
emersion
90f7f1a0e6
Add minimal config subsystem 2017-12-05 10:40:55 +01:00
Tony Crisci
7152075681 log env after ipc init 2017-12-02 07:49:23 -05:00
Tony Crisci
9696f50eba remove nvidia support claim 2017-11-28 05:40:00 -05:00
Drew DeVault
7753a0ec75 Wire up IPC server 2017-11-22 21:37:07 -05:00
Drew DeVault
db4fb1c85c Add outputs to the tree 2017-11-19 17:04:28 -05:00
Drew DeVault
733993a651 Move everything to sway/old/ 2017-11-18 11:22:02 -05:00
Drew DeVault
7eafcc75f6 Initialize outputs from backend and add to tree 2017-11-11 11:58:43 -05:00
Drew DeVault
7c448b4081 Fire up the wlroots backend and run the event loop 2017-11-11 09:08:50 -05:00
Dan Robertson
88d042ec49
nvidia: Validate the nvidia_drm module options 
When the proprietary nvidia driver is used, ensure the modeset option is
set instead of checking /proc/cmdline for nvidia-drm.modeset=1.
 2017-10-24 22:35:31 +00:00
azarus
5987f19eb2 Check for Raspberry Pi 2017-08-14 22:29:21 +02:00
johalun
7fef283044 FreeBSD fixes 
Increase _POSIX_SOURCE value where needed.
Increase _XOPEN_SOURCE value where needed.
Conditionally link to libcap (only on Linux).
Possibly some trailing whitespace fixes (automatic).
 2017-06-06 09:45:50 +02:00
Mykyta Holubakha
93cf21fb9a Terminate when both suid bit and filecaps are set 2017-05-11 19:33:57 +03:00
Mykyta Holubakha
f736198c31 Initialise logging earlier 2017-05-11 19:29:25 +03:00
Sebastian Noack
173b338567 Add -DVERSION flag for release version numbers 2017-04-26 15:56:46 +02:00
Drew DeVault
b3541d9dc5 Implement more thourough nvidia config check 2017-04-12 10:04:44 -04:00
Drew DeVault
b036ad9b54 Downgrade nvidia proprietary driver warning 2017-04-12 10:04:44 -04:00
JerziKaminsky
aa6bd85da1 Add libcap check to CMake 
- Moved ``<sys/capability.h>`` include inside `__linux__` guard,
  because all uses are similarly guarded.
- <sys/capability.h> is part of an optional devel package, at least
  in fedora. CMake now explicitly checks that libcap devel files
  are available.
- Added libcap to the list of install packages in .travis.yml, to
  make the dependency explicit. travis-ci installs the package by
  default, which is why this hasn't surfaced previously.
 2017-04-07 03:14:16 +03:00
Drew DeVault
9aed9d9359 UnGNUify the codebase 2017-03-10 23:41:24 -05:00
Drew DeVault
407ebe9cd3 Move env logging to earlier than wlc_init 2017-02-23 08:32:11 -05:00
Drew DeVault
126ce571da Read configs from /etc/sway/security.d/* 2017-02-20 07:51:31 -05:00
Mykyta Holubakha
138bcd0cfa Unset LD_LIBRARY_PATH, unless specified 2017-01-16 01:05:05 +02:00
Mykyta Holubakha
d9ba61d7e9 Log capability dropping 2017-01-12 04:35:09 +02:00
Mykyta Holubakha
ea1313d80d Keep CAP_SYS_PTRACE with suid binary 2017-01-12 04:25:27 +02:00
Drew DeVault
1172566d4e Change how security config is loaded 2016-12-17 15:21:57 -05:00
Drew DeVault
4c6c65e70c Handle malloc failures from read_line 2016-12-15 19:01:40 -05:00
Greg V
da26d69cb1 Fix build on FreeBSD 
- Make sure CMake always finds absolute paths for Cairo, Pango and GdkPixbuf
- Add forgotten json-c include path to swaymsg/CMakeLists.txt
- Disable -Werror because of assert warnings
- Add correct /proc/pid/file path for FreeBSD
- Use libepoll-shim on FreeBSD
- Only use Linux capabilities on, well, Linux
 2016-12-09 19:32:07 +03:00
Drew DeVault
979878d8af Decrement expected_len 2016-12-04 10:55:11 -05:00
Drew DeVault
cdecf3c495 Drop restart command from sanity check 
Since we don't actually have one of those
 2016-12-04 09:37:24 -05:00
Drew DeVault
8577095db7 Check for CAP_SYS_PTRACE 2016-12-02 18:37:01 -05:00
Drew DeVault
a4e92ad272 Deal with LD_LIBRARY_PATH 2016-12-02 10:23:30 -05:00
Drew DeVault
10c2125040 Unset LD_PRELOAD on startup (before dropping root) 
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
 2016-12-02 08:47:47 -05:00
Drew DeVault
04fc10feeb Flesh out security_sanity_check 2016-12-02 08:42:26 -05:00
Drew DeVault
dc4b57c868 Shut Clang up 2016-12-01 21:58:38 -05:00
Drew DeVault
5831f7ab68 Write example security config, start on code 2016-12-01 19:27:35 -05:00