mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 06:07:34 +00:00
SystemServer+LoginServer+Userland: Switch to sid-based sockets
This commit does three things atomically: - switch over Core::Account+SystemServer+LoginServer to sid based socket names. - change socket names with %uid to %sid. - add/update necessary pledges and unveils. Userland: Switch over servers to sid based sockets Userland: Properly pledge and unveil for sid based sockets
This commit is contained in:
parent
1df4cc1926
commit
7af5eef0dd
50 changed files with 134 additions and 130 deletions
|
@ -68,15 +68,6 @@ ErrorOr<Account> Account::from_passwd(passwd const& pwd, spwd const& spwd)
|
|||
return account;
|
||||
}
|
||||
|
||||
String Account::parse_path_with_uid(StringView general_path, Optional<uid_t> uid)
|
||||
{
|
||||
if (general_path.contains("%uid"sv)) {
|
||||
auto const final_uid = uid.has_value() ? uid.value() : getuid();
|
||||
return general_path.replace("%uid"sv, String::number(final_uid), ReplaceMode::All);
|
||||
}
|
||||
return general_path;
|
||||
}
|
||||
|
||||
ErrorOr<Account> Account::self([[maybe_unused]] Read options)
|
||||
{
|
||||
Vector<gid_t> extra_gids = TRY(Core::System::getgroups());
|
||||
|
@ -149,14 +140,6 @@ bool Account::authenticate(SecretString const& password) const
|
|||
return hash != nullptr && AK::timing_safe_compare(hash, m_password_hash.characters(), m_password_hash.length());
|
||||
}
|
||||
|
||||
ErrorOr<void> Account::create_user_temporary_directory_if_needed() const
|
||||
{
|
||||
auto const temporary_directory = String::formatted("/tmp/user/{}", m_uid);
|
||||
auto directory = TRY(Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::Yes));
|
||||
TRY(directory.chown(m_uid, m_gid));
|
||||
return {};
|
||||
}
|
||||
|
||||
ErrorOr<void> Account::login() const
|
||||
{
|
||||
TRY(Core::System::setgroups(m_extra_gids));
|
||||
|
|
|
@ -32,7 +32,6 @@ public:
|
|||
PasswdOnly
|
||||
};
|
||||
|
||||
static String parse_path_with_uid(StringView general_path, Optional<uid_t> force_uid = {});
|
||||
static ErrorOr<Account> self(Read options = Read::All);
|
||||
static ErrorOr<Account> from_name(StringView username, Read options = Read::All);
|
||||
static ErrorOr<Account> from_uid(uid_t uid, Read options = Read::All);
|
||||
|
@ -40,8 +39,6 @@ public:
|
|||
bool authenticate(SecretString const& password) const;
|
||||
ErrorOr<void> login() const;
|
||||
|
||||
ErrorOr<void> create_user_temporary_directory_if_needed() const;
|
||||
|
||||
String username() const { return m_username; }
|
||||
String password_hash() const { return m_password_hash; }
|
||||
|
||||
|
|
|
@ -22,6 +22,7 @@
|
|||
#include <LibCore/LocalServer.h>
|
||||
#include <LibCore/Notifier.h>
|
||||
#include <LibCore/Object.h>
|
||||
#include <LibCore/SessionManagement.h>
|
||||
#include <LibThreading/Mutex.h>
|
||||
#include <LibThreading/MutexProtected.h>
|
||||
#include <errno.h>
|
||||
|
@ -361,7 +362,12 @@ EventLoop::~EventLoop()
|
|||
bool connect_to_inspector_server()
|
||||
{
|
||||
#ifdef __serenity__
|
||||
auto inspector_server_path = Account::parse_path_with_uid("/tmp/user/%uid/portal/inspectables"sv);
|
||||
auto maybe_path = SessionManagement::parse_path_with_sid("/tmp/session/%sid/portal/inspectables"sv);
|
||||
if (maybe_path.is_error()) {
|
||||
dbgln("connect_to_inspector_server: {}", maybe_path.error());
|
||||
return false;
|
||||
}
|
||||
auto inspector_server_path = maybe_path.value();
|
||||
auto maybe_socket = Stream::LocalSocket::connect(inspector_server_path);
|
||||
if (maybe_socket.is_error()) {
|
||||
dbgln("connect_to_inspector_server: Failed to connect: {}", maybe_socket.error());
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*/
|
||||
|
||||
#include <LibCore/Account.h>
|
||||
#include <LibCore/LocalServer.h>
|
||||
#include <LibCore/Notifier.h>
|
||||
#include <LibCore/SessionManagement.h>
|
||||
#include <LibCore/Stream.h>
|
||||
#include <LibCore/System.h>
|
||||
#include <LibCore/SystemServerTakeover.h>
|
||||
|
@ -38,7 +38,7 @@ ErrorOr<void> LocalServer::take_over_from_system_server(String const& socket_pat
|
|||
if (m_listening)
|
||||
return Error::from_string_literal("Core::LocalServer: Can't perform socket takeover when already listening");
|
||||
|
||||
auto const parsed_path = Core::Account::parse_path_with_uid(socket_path);
|
||||
auto const parsed_path = TRY(Core::SessionManagement::parse_path_with_sid(socket_path));
|
||||
auto socket = TRY(take_over_socket_from_system_server(parsed_path));
|
||||
m_fd = TRY(socket->release_fd());
|
||||
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
#include <AK/String.h>
|
||||
#include <AK/Vector.h>
|
||||
#include <LibCore/File.h>
|
||||
#include <LibCore/SessionManagement.h>
|
||||
#include <LibCore/System.h>
|
||||
#include <limits.h>
|
||||
#include <stdarg.h>
|
||||
|
@ -82,7 +83,7 @@ ErrorOr<void> pledge(StringView promises, StringView execpromises)
|
|||
|
||||
ErrorOr<void> unveil(StringView path, StringView permissions)
|
||||
{
|
||||
auto const parsed_path = Core::Account::parse_path_with_uid(path);
|
||||
auto const parsed_path = TRY(Core::SessionManagement::parse_path_with_sid(path));
|
||||
|
||||
Syscall::SC_unveil_params params {
|
||||
{ parsed_path.characters(), parsed_path.length() },
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue