1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 06:07:34 +00:00

SystemServer+LoginServer+Userland: Switch to sid-based sockets

This commit does three things atomically:
- switch over Core::Account+SystemServer+LoginServer to sid based socket
  names.
- change socket names with %uid to %sid.
- add/update necessary pledges and unveils.

Userland: Switch over servers to sid based sockets

Userland: Properly pledge and unveil for sid based sockets
This commit is contained in:
Peter Elliott 2022-09-06 00:04:06 -06:00 committed by Andreas Kling
parent 1df4cc1926
commit 7af5eef0dd
50 changed files with 134 additions and 130 deletions

View file

@ -68,15 +68,6 @@ ErrorOr<Account> Account::from_passwd(passwd const& pwd, spwd const& spwd)
return account;
}
String Account::parse_path_with_uid(StringView general_path, Optional<uid_t> uid)
{
if (general_path.contains("%uid"sv)) {
auto const final_uid = uid.has_value() ? uid.value() : getuid();
return general_path.replace("%uid"sv, String::number(final_uid), ReplaceMode::All);
}
return general_path;
}
ErrorOr<Account> Account::self([[maybe_unused]] Read options)
{
Vector<gid_t> extra_gids = TRY(Core::System::getgroups());
@ -149,14 +140,6 @@ bool Account::authenticate(SecretString const& password) const
return hash != nullptr && AK::timing_safe_compare(hash, m_password_hash.characters(), m_password_hash.length());
}
ErrorOr<void> Account::create_user_temporary_directory_if_needed() const
{
auto const temporary_directory = String::formatted("/tmp/user/{}", m_uid);
auto directory = TRY(Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::Yes));
TRY(directory.chown(m_uid, m_gid));
return {};
}
ErrorOr<void> Account::login() const
{
TRY(Core::System::setgroups(m_extra_gids));

View file

@ -32,7 +32,6 @@ public:
PasswdOnly
};
static String parse_path_with_uid(StringView general_path, Optional<uid_t> force_uid = {});
static ErrorOr<Account> self(Read options = Read::All);
static ErrorOr<Account> from_name(StringView username, Read options = Read::All);
static ErrorOr<Account> from_uid(uid_t uid, Read options = Read::All);
@ -40,8 +39,6 @@ public:
bool authenticate(SecretString const& password) const;
ErrorOr<void> login() const;
ErrorOr<void> create_user_temporary_directory_if_needed() const;
String username() const { return m_username; }
String password_hash() const { return m_password_hash; }

View file

@ -22,6 +22,7 @@
#include <LibCore/LocalServer.h>
#include <LibCore/Notifier.h>
#include <LibCore/Object.h>
#include <LibCore/SessionManagement.h>
#include <LibThreading/Mutex.h>
#include <LibThreading/MutexProtected.h>
#include <errno.h>
@ -361,7 +362,12 @@ EventLoop::~EventLoop()
bool connect_to_inspector_server()
{
#ifdef __serenity__
auto inspector_server_path = Account::parse_path_with_uid("/tmp/user/%uid/portal/inspectables"sv);
auto maybe_path = SessionManagement::parse_path_with_sid("/tmp/session/%sid/portal/inspectables"sv);
if (maybe_path.is_error()) {
dbgln("connect_to_inspector_server: {}", maybe_path.error());
return false;
}
auto inspector_server_path = maybe_path.value();
auto maybe_socket = Stream::LocalSocket::connect(inspector_server_path);
if (maybe_socket.is_error()) {
dbgln("connect_to_inspector_server: Failed to connect: {}", maybe_socket.error());

View file

@ -4,9 +4,9 @@
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <LibCore/Account.h>
#include <LibCore/LocalServer.h>
#include <LibCore/Notifier.h>
#include <LibCore/SessionManagement.h>
#include <LibCore/Stream.h>
#include <LibCore/System.h>
#include <LibCore/SystemServerTakeover.h>
@ -38,7 +38,7 @@ ErrorOr<void> LocalServer::take_over_from_system_server(String const& socket_pat
if (m_listening)
return Error::from_string_literal("Core::LocalServer: Can't perform socket takeover when already listening");
auto const parsed_path = Core::Account::parse_path_with_uid(socket_path);
auto const parsed_path = TRY(Core::SessionManagement::parse_path_with_sid(socket_path));
auto socket = TRY(take_over_socket_from_system_server(parsed_path));
m_fd = TRY(socket->release_fd());

View file

@ -13,6 +13,7 @@
#include <AK/String.h>
#include <AK/Vector.h>
#include <LibCore/File.h>
#include <LibCore/SessionManagement.h>
#include <LibCore/System.h>
#include <limits.h>
#include <stdarg.h>
@ -82,7 +83,7 @@ ErrorOr<void> pledge(StringView promises, StringView execpromises)
ErrorOr<void> unveil(StringView path, StringView permissions)
{
auto const parsed_path = Core::Account::parse_path_with_uid(path);
auto const parsed_path = TRY(Core::SessionManagement::parse_path_with_sid(path));
Syscall::SC_unveil_params params {
{ parsed_path.characters(), parsed_path.length() },