summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthieu Herrb <matthieu@cvs.openbsd.org>2021-01-10 09:22:43 +0000
committerMatthieu Herrb <matthieu@herrb.eu>2021-08-30 20:01:43 +0200
commit6e33ecfd5c2ff079477b7fc1f2ece8541a225be9 (patch)
tree774060cd6780c597da14c83293c29f7e3448b351
parentf9fda8e6926928edf7b412acdf435a0307542201 (diff)
Make login_fbtab() work by tweaking the pledges.
chown is needed until the login process is done. It is removed afterwards. Also use the console device from the X server root property. This makes it available on architectures without VTs too.
-rw-r--r--xenodm/dm.c2
-rw-r--r--xenodm/session.c17
2 files changed, 11 insertions, 8 deletions
diff --git a/xenodm/dm.c b/xenodm/dm.c
index a524d65..b6ffc0d 100644
--- a/xenodm/dm.c
+++ b/xenodm/dm.c
@@ -636,7 +636,7 @@ StartDisplay (struct display *d)
exit (OPENFAILED_DISPLAY);
SetConsolePath(d);
SetWindowPath(d);
- if (pledge("stdio rpath cpath wpath fattr flock proc dns inet unix exec prot_exec getpw id", NULL) != 0)
+ if (pledge("stdio rpath cpath wpath chown fattr flock proc dns inet unix exec prot_exec getpw id", NULL) != 0)
exit(OPENFAILED_DISPLAY);
ManageSession (d);
exit (REMANAGE_DISPLAY);
diff --git a/xenodm/session.c b/xenodm/session.c
index 6ba5179..ae4732f 100644
--- a/xenodm/session.c
+++ b/xenodm/session.c
@@ -188,8 +188,9 @@ ManageSession (struct display *d)
/*
* run system-wide reset file
*/
- if (d->windowPath != NULL)
- login_fbtab(d->windowPath, 0, 0);
+ if (d->consolePath != NULL) {
+ login_fbtab(d->consolePath, 0, 0);
+ }
Debug ("Source reset program %s\n", d->reset);
source (verify.systemEnviron, d->reset);
SessionExit (d, OBEYSESS_DISPLAY, true);
@@ -305,7 +306,7 @@ StartClient (
pid_t pid;
struct passwd* pwd;
- if (pledge("stdio rpath wpath cpath fattr proc getpw id exec dns", NULL) != 0)
+ if (pledge("stdio rpath wpath cpath chown fattr proc getpw id exec dns", NULL) == -1)
exit(25);
if (vinfo->argv) {
@@ -329,10 +330,9 @@ StartClient (
*/
pwd = getpwnam(name);
if (pwd) {
- if (d->windowPath != NULL) {
- /* XXX not working because of pledge() */
- Debug("login_fbtab %s %d\n", d->windowPath, geteuid());
- login_fbtab(d->windowPath, pwd->pw_uid, pwd->pw_gid);
+ if (d->consolePath != NULL) {
+ Debug("login_fbtab %s %d\n", d->consolePath, geteuid());
+ login_fbtab(d->consolePath, pwd->pw_uid, pwd->pw_gid);
}
if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) == -1) {
LogError ("setusercontext for \"%s\" failed: %s\n",
@@ -377,6 +377,9 @@ StartClient (
return 0;
default:
Debug("StartClient, fork succeeded %d\n", pid);
+ if (pledge("stdio rpath wpath cpath fattr proc exec id dns", NULL) == -1)
+ exit(25);
+
*pidp = pid;
return 1;
}