diff options
author | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2021-01-10 09:22:43 +0000 |
---|---|---|
committer | Matthieu Herrb <matthieu@herrb.eu> | 2021-08-30 20:01:43 +0200 |
commit | 6e33ecfd5c2ff079477b7fc1f2ece8541a225be9 (patch) | |
tree | 774060cd6780c597da14c83293c29f7e3448b351 | |
parent | f9fda8e6926928edf7b412acdf435a0307542201 (diff) |
Make login_fbtab() work by tweaking the pledges.
chown is needed until the login process is done.
It is removed afterwards.
Also use the console device from the X server root property.
This makes it available on architectures without VTs too.
-rw-r--r-- | xenodm/dm.c | 2 | ||||
-rw-r--r-- | xenodm/session.c | 17 |
2 files changed, 11 insertions, 8 deletions
diff --git a/xenodm/dm.c b/xenodm/dm.c index a524d65..b6ffc0d 100644 --- a/xenodm/dm.c +++ b/xenodm/dm.c @@ -636,7 +636,7 @@ StartDisplay (struct display *d) exit (OPENFAILED_DISPLAY); SetConsolePath(d); SetWindowPath(d); - if (pledge("stdio rpath cpath wpath fattr flock proc dns inet unix exec prot_exec getpw id", NULL) != 0) + if (pledge("stdio rpath cpath wpath chown fattr flock proc dns inet unix exec prot_exec getpw id", NULL) != 0) exit(OPENFAILED_DISPLAY); ManageSession (d); exit (REMANAGE_DISPLAY); diff --git a/xenodm/session.c b/xenodm/session.c index 6ba5179..ae4732f 100644 --- a/xenodm/session.c +++ b/xenodm/session.c @@ -188,8 +188,9 @@ ManageSession (struct display *d) /* * run system-wide reset file */ - if (d->windowPath != NULL) - login_fbtab(d->windowPath, 0, 0); + if (d->consolePath != NULL) { + login_fbtab(d->consolePath, 0, 0); + } Debug ("Source reset program %s\n", d->reset); source (verify.systemEnviron, d->reset); SessionExit (d, OBEYSESS_DISPLAY, true); @@ -305,7 +306,7 @@ StartClient ( pid_t pid; struct passwd* pwd; - if (pledge("stdio rpath wpath cpath fattr proc getpw id exec dns", NULL) != 0) + if (pledge("stdio rpath wpath cpath chown fattr proc getpw id exec dns", NULL) == -1) exit(25); if (vinfo->argv) { @@ -329,10 +330,9 @@ StartClient ( */ pwd = getpwnam(name); if (pwd) { - if (d->windowPath != NULL) { - /* XXX not working because of pledge() */ - Debug("login_fbtab %s %d\n", d->windowPath, geteuid()); - login_fbtab(d->windowPath, pwd->pw_uid, pwd->pw_gid); + if (d->consolePath != NULL) { + Debug("login_fbtab %s %d\n", d->consolePath, geteuid()); + login_fbtab(d->consolePath, pwd->pw_uid, pwd->pw_gid); } if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) == -1) { LogError ("setusercontext for \"%s\" failed: %s\n", @@ -377,6 +377,9 @@ StartClient ( return 0; default: Debug("StartClient, fork succeeded %d\n", pid); + if (pledge("stdio rpath wpath cpath fattr proc exec id dns", NULL) == -1) + exit(25); + *pidp = pid; return 1; } |