Accepting request 590863 from GNOME:Factory

- Retire mutter-xwayland-use-gdm-auth-file.patch in favor of
  mutter-xwayland-create-xauthority.patch (bsc#1084737). We now
  create the cookie in mutter itself. (forwarded request 590608 from dimstar)

OBS-URL: https://build.opensuse.org/request/show/590863
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mutter?expand=0&rev=125
This commit is contained in:
Dominique Leuenberger 2018-03-26 10:57:13 +00:00 committed by Git OBS Bridge
commit 17162f8cd3
4 changed files with 342 additions and 129 deletions

View File

@ -0,0 +1,324 @@
commit 04fab574db9c814196e81a86084a565dcdd4a26b
Author: Hans Petter Jansson <hpj@cl.no>
Date: Wed Mar 14 19:06:42 2018 +0100
Patch 3: mutter-xwayland-use-gdm-auth-file.patch
Index: mutter-3.28.0/src/wayland/meta-wayland.c
===================================================================
--- mutter-3.28.0.orig/src/wayland/meta-wayland.c
+++ mutter-3.28.0/src/wayland/meta-wayland.c
@@ -353,6 +353,7 @@ meta_wayland_init (void)
{
MetaWaylandCompositor *compositor = meta_wayland_compositor_get_default ();
GSource *wayland_event_source;
+ gchar *xauthority_path = NULL;
wayland_event_source = wayland_event_source_new (compositor->wayland_display);
@@ -394,7 +395,8 @@ meta_wayland_init (void)
meta_xwayland_global_filter,
compositor);
- if (!meta_xwayland_start (&compositor->xwayland_manager, compositor->wayland_display))
+ if (!meta_xwayland_start (&compositor->xwayland_manager, compositor->wayland_display,
+ &xauthority_path))
g_error ("Failed to start X Wayland");
if (_display_name_override)
@@ -417,7 +419,10 @@ meta_wayland_init (void)
}
set_gnome_env ("DISPLAY", meta_wayland_get_xwayland_display_name (compositor));
+ set_gnome_env ("XAUTHORITY", xauthority_path);
set_gnome_env ("WAYLAND_DISPLAY", meta_wayland_get_wayland_display_name (compositor));
+
+ g_free (xauthority_path);
}
const char *
Index: mutter-3.28.0/src/wayland/meta-xwayland-private.h
===================================================================
--- mutter-3.28.0.orig/src/wayland/meta-xwayland-private.h
+++ mutter-3.28.0/src/wayland/meta-xwayland-private.h
@@ -26,7 +26,8 @@
gboolean
meta_xwayland_start (MetaXWaylandManager *manager,
- struct wl_display *display);
+ struct wl_display *display,
+ gchar **xauthority_path_out);
void
meta_xwayland_complete_init (void);
Index: mutter-3.28.0/src/wayland/meta-xwayland.c
===================================================================
--- mutter-3.28.0.orig/src/wayland/meta-xwayland.c
+++ mutter-3.28.0/src/wayland/meta-xwayland.c
@@ -32,6 +32,13 @@
#include <sys/socket.h>
#include <sys/un.h>
+/* For Xauthority cookie */
+#include <X11/Xauth.h>
+#include <glib/gstdio.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
#include "compositor/meta-surface-actor-wayland.h"
#include "wayland/meta-wayland-actor-surface.h"
@@ -508,20 +515,231 @@ on_displayfd_ready (int fd,
return G_SOURCE_REMOVE;
}
+/* Cookie generation code snipped from GDM */
+
+static gboolean
+_fd_is_character_device (int fd)
+{
+ struct stat file_info;
+
+ if (fstat (fd, &file_info) < 0) {
+ return FALSE;
+ }
+
+ return S_ISCHR (file_info.st_mode);
+}
+
+static gboolean
+_read_bytes (int fd,
+ char *bytes,
+ gsize number_of_bytes,
+ GError **error)
+{
+ size_t bytes_left_to_read;
+ size_t total_bytes_read = 0;
+ gboolean premature_eof;
+
+ bytes_left_to_read = number_of_bytes;
+ premature_eof = FALSE;
+ do {
+ size_t bytes_read = 0;
+
+ errno = 0;
+ bytes_read = read (fd, ((guchar *) bytes) + total_bytes_read,
+ bytes_left_to_read);
+
+ if (bytes_read > 0) {
+ total_bytes_read += bytes_read;
+ bytes_left_to_read -= bytes_read;
+ } else if (bytes_read == 0) {
+ premature_eof = TRUE;
+ break;
+ } else if ((errno != EINTR)) {
+ break;
+ }
+ } while (bytes_left_to_read > 0);
+
+ if (premature_eof) {
+ g_set_error (error,
+ G_FILE_ERROR,
+ G_FILE_ERROR_FAILED,
+ "No data available");
+
+ return FALSE;
+ } else if (bytes_left_to_read > 0) {
+ g_set_error (error,
+ G_FILE_ERROR,
+ g_file_error_from_errno (errno),
+ "%s", g_strerror (errno));
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+static char *
+generate_random_bytes (gsize size,
+ GError **error)
+{
+ int fd;
+ char *bytes;
+ GError *read_error;
+
+ /* We don't use the g_rand_* glib apis because they don't document
+ * how much entropy they are seeded with, and it might be less
+ * than the passed in size.
+ */
+
+ errno = 0;
+ fd = open ("/dev/urandom", O_RDONLY);
+
+ if (fd < 0) {
+ g_set_error (error,
+ G_FILE_ERROR,
+ g_file_error_from_errno (errno),
+ "%s", g_strerror (errno));
+ close (fd);
+ return NULL;
+ }
+
+ if (!_fd_is_character_device (fd)) {
+ g_set_error (error,
+ G_FILE_ERROR,
+ g_file_error_from_errno (ENODEV),
+ "/dev/urandom is not a character device");
+ close (fd);
+ return NULL;
+ }
+
+ bytes = g_malloc (size);
+ read_error = NULL;
+ if (!_read_bytes (fd, bytes, size, &read_error)) {
+ g_propagate_error (error, read_error);
+ g_free (bytes);
+ close (fd);
+ return NULL;
+ }
+
+ close (fd);
+ return bytes;
+}
+
+static FILE *
+create_auth_file (char **filename)
+{
+ char *auth_dir = NULL;
+ char *auth_file = NULL;
+ int fd;
+ FILE *fp = NULL;
+
+ auth_dir = g_build_filename (g_get_user_runtime_dir (),
+ "mutter",
+ NULL);
+
+ g_mkdir_with_parents (auth_dir, 0711);
+ auth_file = g_build_filename (auth_dir, "Xauthority", NULL);
+ g_clear_pointer (&auth_dir, g_free);
+
+ fd = open (auth_file, O_RDWR | O_CREAT | O_TRUNC, 0700);
+
+ if (fd < 0) {
+ g_debug ("could not open %s to store auth cookie: %m",
+ auth_file);
+ g_clear_pointer (&auth_file, g_free);
+ goto out;
+ }
+
+ fp = fdopen (fd, "w+");
+
+ if (fp == NULL) {
+ g_debug ("could not set up stream for auth cookie file: %m");
+ g_clear_pointer (&auth_file, g_free);
+ close (fd);
+ goto out;
+ }
+
+ *filename = auth_file;
+out:
+ return fp;
+}
+
+static char *
+prepare_auth_file (void)
+{
+ FILE *fp = NULL;
+ char *filename = NULL;
+ GError *error = NULL;
+ gboolean prepared = FALSE;
+ Xauth auth_entry = { 0 };
+ char localhost[HOST_NAME_MAX + 1] = "";
+
+ g_debug ("Preparing auth file for X server");
+
+ fp = create_auth_file (&filename);
+
+ if (fp == NULL) {
+ return NULL;
+ }
+
+ if (gethostname (localhost, HOST_NAME_MAX) < 0) {
+ strncpy (localhost, "localhost", sizeof (localhost) - 1);
+ }
+
+ auth_entry.family = FamilyLocal;
+ auth_entry.address = localhost;
+ auth_entry.address_length = strlen (auth_entry.address);
+ auth_entry.name = "MIT-MAGIC-COOKIE-1";
+ auth_entry.name_length = strlen (auth_entry.name);
+
+ auth_entry.data_length = 16;
+ auth_entry.data = generate_random_bytes (auth_entry.data_length, &error);
+
+ if (error != NULL) {
+ goto out;
+ }
+
+ if (!XauWriteAuth (fp, &auth_entry) || fflush (fp) == EOF) {
+ goto out;
+ }
+
+ auth_entry.family = FamilyWild;
+ if (!XauWriteAuth (fp, &auth_entry) || fflush (fp) == EOF) {
+ goto out;
+ }
+
+ prepared = TRUE;
+
+out:
+ g_clear_pointer (&auth_entry.data, g_free);
+ g_clear_pointer (&fp, fclose);
+
+ if (!prepared) {
+ g_clear_pointer (&filename, g_free);
+ }
+
+ return filename;
+}
+
gboolean
meta_xwayland_start (MetaXWaylandManager *manager,
- struct wl_display *wl_display)
+ struct wl_display *wl_display,
+ gchar **xauthority_path_out)
{
int xwayland_client_fd[2];
int displayfd[2];
gboolean started = FALSE;
g_autoptr(GSubprocessLauncher) launcher = NULL;
GSubprocessFlags flags;
+ gchar *auth_file = NULL;
GError *error = NULL;
if (!choose_xdisplay (manager))
goto out;
+ auth_file = prepare_auth_file ();
+ if (!auth_file)
+ g_error ("Unable to create X authority file");
+
/* We want xwayland to be a wayland client so we make a socketpair to setup a
* wayland protocol connection. */
if (socketpair (AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, xwayland_client_fd) < 0)
@@ -566,6 +784,7 @@ meta_xwayland_start (MetaXWaylandManager
"-terminate",
"-accessx",
"-core",
+ "-auth", auth_file,
"-listen", "4",
"-listen", "5",
"-displayfd", "6",
@@ -588,6 +807,11 @@ meta_xwayland_start (MetaXWaylandManager
manager->init_loop = g_main_loop_new (NULL, FALSE);
g_main_loop_run (manager->init_loop);
+ if (xauthority_path_out)
+ *xauthority_path_out = auth_file;
+ else
+ g_free (auth_file);
+
started = TRUE;
out:

View File

@ -1,123 +0,0 @@
Index: mutter-3.28.0/src/wayland/meta-xwayland.c
===================================================================
--- mutter-3.28.0.orig/src/wayland/meta-xwayland.c
+++ mutter-3.28.0/src/wayland/meta-xwayland.c
@@ -32,6 +32,12 @@
#include <sys/socket.h>
#include <sys/un.h>
+/* For g_open() */
+#include <glib/gstdio.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
#include "compositor/meta-surface-actor-wayland.h"
#include "wayland/meta-wayland-actor-surface.h"
@@ -508,6 +514,37 @@ on_displayfd_ready (int fd,
return G_SOURCE_REMOVE;
}
+/* Look for an Xauthority file that may have been created by gdm */
+static char *
+find_auth_file (void)
+{
+ char *auth_dir = NULL;
+ char *auth_file = NULL;
+ int fd;
+
+ auth_dir = g_build_filename (g_get_user_runtime_dir (),
+ "gdm",
+ NULL);
+
+ auth_file = g_build_filename (auth_dir, "Xauthority", NULL);
+ g_clear_pointer (&auth_dir, g_free);
+
+ /* Check that we can open the file. In theory it could still go away before
+ * Xwayland gets a chance to run, but at least we can be fairly sure. */
+
+ fd = g_open (auth_file, O_RDWR, 0700);
+
+ if (fd < 0) {
+ g_clear_pointer (&auth_file, g_free);
+ goto out;
+ }
+
+ g_close (fd, NULL);
+
+out:
+ return auth_file;
+}
+
gboolean
meta_xwayland_start (MetaXWaylandManager *manager,
struct wl_display *wl_display)
@@ -517,11 +554,14 @@ meta_xwayland_start (MetaXWaylandManager
gboolean started = FALSE;
g_autoptr(GSubprocessLauncher) launcher = NULL;
GSubprocessFlags flags;
+ gchar *auth_file = NULL;
GError *error = NULL;
if (!choose_xdisplay (manager))
goto out;
+ auth_file = find_auth_file ();
+
/* We want xwayland to be a wayland client so we make a socketpair to setup a
* wayland protocol connection. */
if (socketpair (AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, xwayland_client_fd) < 0)
@@ -560,16 +600,34 @@ meta_xwayland_start (MetaXWaylandManager
* won't try to reconnect and crash, leaving uninteresting core dumps. We do
* want core dumps from Xwayland but only if a real bug occurs...
*/
- manager->proc = g_subprocess_launcher_spawn (launcher, &error,
- XWAYLAND_PATH, manager->display_name,
- "-rootless",
- "-terminate",
- "-accessx",
- "-core",
- "-listen", "4",
- "-listen", "5",
- "-displayfd", "6",
- NULL);
+ if (auth_file)
+ {
+ manager->proc = g_subprocess_launcher_spawn (launcher, &error,
+ XWAYLAND_PATH, manager->display_name,
+ "-rootless",
+ "-terminate",
+ "-accessx",
+ "-core",
+ "-auth", auth_file,
+ "-listen", "4",
+ "-listen", "5",
+ "-displayfd", "6",
+ NULL);
+ }
+ else
+ {
+ manager->proc = g_subprocess_launcher_spawn (launcher, &error,
+ XWAYLAND_PATH, manager->display_name,
+ "-rootless",
+ "-terminate",
+ "-accessx",
+ "-core",
+ "-listen", "4",
+ "-listen", "5",
+ "-displayfd", "6",
+ NULL);
+ }
+
if (!manager->proc)
{
g_error ("Failed to spawn Xwayland: %s", error->message);
@@ -591,6 +649,7 @@ meta_xwayland_start (MetaXWaylandManager
started = TRUE;
out:
+ g_free (auth_file);
if (!started)
{
unlink (manager->lock_file);

View File

@ -1,3 +1,17 @@
-------------------------------------------------------------------
Thu Mar 22 20:04:16 CET 2018 - hpj@suse.com
- Retire mutter-xwayland-use-gdm-auth-file.patch in favor of
mutter-xwayland-create-xauthority.patch (bsc#1084737). We now
create the cookie in mutter itself.
-------------------------------------------------------------------
Tue Mar 20 16:57:50 UTC 2018 - dimstar@opensuse.org
- Unconditionally enable translation-update-upstream: on
Tumbleweed, this results in a NOP and for Leap in SLE paid
translations being used (boo#1086036).
-------------------------------------------------------------------
Wed Mar 14 01:58:11 CET 2018 - hpj@suse.com

View File

@ -30,8 +30,8 @@ Source0: http://download.gnome.org/sources/mutter/3.28/%{name}-%{version}
Patch0: mutter-fix-startup.patch
# PATCH-FEATURE-UPSTREAM mutter-iconcache-Support-RGB16_565-format-for-16-bit-color-.patch FATE#323412 bgo#781704 bsc#1024748 vliaskovitis@suse.com -- iconcache: Support RGB16_565 format for 16-bit sessions
Patch1: mutter-iconcache-Support-RGB16_565-format-for-16-bit-color-.patch
# PATCH-FIX-OPENSUSE mutter-xwayland-use-gdm-auth-file.patch bsc#1084737 hpj@suse.com -- Pass an Xauthority file to Xwayland -auth if found
Patch2: mutter-xwayland-use-gdm-auth-file.patch
# PATCH-FIX-OPENSUSE mutter-xwayland-create-xauthority.patch bsc#1084737 hpj@suse.com -- Create and pass an Xauthority file to Xwayland and session
Patch2: mutter-xwayland-create-xauthority.patch
# SLE-only patches start at 1000
# PATCH-FEATURE-SLE mutter-SLE-bell.patch FATE#316042 bnc#889218 idonmez@suse.com -- make audible bell work out of the box.
Patch1000: mutter-SLE-bell.patch
@ -45,6 +45,7 @@ BuildRequires: Mesa-libGLESv3-devel
BuildRequires: fdupes
BuildRequires: intltool
BuildRequires: pkgconfig
BuildRequires: translation-update-upstream
BuildRequires: zenity
BuildRequires: pkgconfig(cairo) >= 1.10.0
BuildRequires: pkgconfig(egl)
@ -91,9 +92,6 @@ Recommends: %{name}-lang
Provides: windowmanager
# Obsolete the now private typelib.
Obsoletes: typelib-1_0-Meta-3_0
%if !0%{?is_opensuse}
BuildRequires: translation-update-upstream
%endif
%description
Mutter is a window and compositing manager based on Clutter, forked
@ -147,8 +145,8 @@ applications that want to make use of the mutter library.
%patch2 -p1
# SLE-only patches and translations.
%if !0%{?is_opensuse}
translation-update-upstream
%if !0%{?is_opensuse}
%patch1000 -p1
%patch1001 -p1
%patch1002 -p1