1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-25 22:02:07 +00:00
Commit graph

41 commits

Author SHA1 Message Date
Cameron Youell
1d24f394c6 Everywhere: Use LibFileSystem where trivial 2023-03-21 19:03:21 +00:00
Tim Schumacher
d43a7eae54 LibCore: Rename File to DeprecatedFile
As usual, this removes many unused includes and moves used includes
further down the chain.
2023-02-13 00:50:07 +00:00
MacDue
83f41d1491 SystemServer: Revert back to inheriting environments again
This reverts the SystemServer exec() logic to how it was before
81bd91c, but now with some extra TRY()s. This allows the HOME var
to always be propagated from LoginServer which prevents needing
to unveil() /etc/passwd everywhere.
2023-02-05 16:40:51 +01:00
Lucas CHOLLET
81bd91c1c3 SystemServer: Propagate errors
This patch also includes some changes in the way that the environment
and arguments are passed to `exec`. It was needed to fit the signature
of `Core::System::exec`. That's beneficial though, as we are now doing
`String` manipulation in a fallible environment, so we can propagate
more errors.
2023-02-01 19:21:10 +01:00
Andrew Kaster
ddf348daeb Everywhere: Use ElapsedTimer::elapsed_time() for comparisons
Simplify a lot of uses of ElapsedTimer by converting the callers to
elapsed_time from elapsed, as the AK::Time returned is better for unit
conversions and comparisons against constants.
2023-01-07 14:51:04 +01:00
Federico Guerinoni
43ff500a80 LibCore: Use ';' to split socket path in SOCKET_TAKEOVER
This allow to use socket path with spaces inside.

Closes #16436.
2022-12-15 12:33:36 -05:00
Linus Groh
57dc179b1f Everywhere: Rename to_{string => deprecated_string}() where applicable
This will make it easier to support both string types at the same time
while we convert code, and tracking down remaining uses.

One big exception is Value::to_string() in LibJS, where the name is
dictated by the ToString AO.
2022-12-06 08:54:33 +01:00
Linus Groh
6e19ab2bbc AK+Everywhere: Rename String to DeprecatedString
We have a new, improved string type coming up in AK (OOM aware, no null
state), and while it's going to use UTF-8, the name UTF8String is a
mouthful - so let's free up the String name by renaming the existing
class.
Making the old one have an annoying name will hopefully also help with
quick adoption :^)
2022-12-06 08:54:33 +01:00
Gunnar Beutner
5f38f5500e SystemServer: Fix race condition in Service::determine_account()
In theory our peer process could die between the call to getsockopt()
and Core::system::stat() and another process could end up with the same
PID which would result in us incorrectly launching the service as
another user (e.g. root).
2022-10-22 19:59:36 +02:00
Peter Elliott
7af5eef0dd SystemServer+LoginServer+Userland: Switch to sid-based sockets
This commit does three things atomically:
- switch over Core::Account+SystemServer+LoginServer to sid based socket
  names.
- change socket names with %uid to %sid.
- add/update necessary pledges and unveils.

Userland: Switch over servers to sid based sockets

Userland: Properly pledge and unveil for sid based sockets
2022-10-03 11:11:29 +02:00
Lucas CHOLLET
507cb411c2 LibCore: Use StringView instead of char * in Account 2022-09-27 21:29:44 +01:00
Lucas CHOLLET
1b36348d8b LibCore+LibIPC: Recognise %uid in path
This patch allows to insert "%uid" in `IPC_CLIENT_CONNECTION`
declaration and in SystemServer's ini files. This pattern is replaced
then replaced by the UID of the owner of the service. It opens a path
for seamlessly managed, per-user portal.
2022-08-14 21:52:35 +01:00
Lucas CHOLLET
f0012c2162 SystemServer: Create accounts with Account::Read::PasswdOnly
This prevents non-root instances of SystemServer to try to open
`/etc/shadow`.
2022-08-14 21:52:35 +01:00
Lucas CHOLLET
a3b8a9a142 SystemServer: Change user only when needed 2022-08-14 21:52:35 +01:00
Lucas CHOLLET
a13ffffbec SystemServer: Unlink before binding a new socket
Prevent "Address already in use" issues when restarting a service.
2022-08-14 21:52:35 +01:00
Lucas CHOLLET
70846d701c LaunchServer+SystemServer: Move the portal to a user-specific directory
Various changes are needed to support this:
 - The directory is created by Core::Account on login (and located in
   /tmp).
 - Service's sockets are now deleted on exit (to allow re-creation)
 - SystemServer needs to handle SIGTERM to correctly destroy services.
2022-07-19 11:15:14 +01:00
sin-ack
3f3f45580a Everywhere: Add sv suffix to strings relying on StringView(char const*)
Each of these strings would previously rely on StringView's char const*
constructor overload, which would call __builtin_strlen on the string.
Since we now have operator ""sv, we can replace these with much simpler
versions. This opens the door to being able to remove
StringView(char const*).

No functional changes.
2022-07-12 23:11:35 +02:00
Lucas CHOLLET
f467ebc933 SystemServer: Detect spawning user for AcceptSocketConnections services
SystemServer now invokes services with the same uid as the process that
made the request.

This allows the superuser to have a normal GUI workflow. For example,
read and write its own files in TextEditor.
2022-06-10 14:20:07 +01:00
Lucas CHOLLET
23fa6b1f7b SystemServer: Add Service::try_create to propagate errors
This static method is used to propagate errors at the creation of the
object.
2022-06-09 22:08:04 +02:00
kleines Filmröllchen
5319e3a03f LibCore+Userland: Remove File::ensure_parent_directories
We have a much safer and more powerful alternative now, so let's move
the few users over.
2022-04-11 00:08:48 +02:00
Idan Horowitz
086969277e Everywhere: Run clang-format 2022-04-01 21:24:45 +01:00
sin-ack
72ef1d7c06 SystemServer: Remove Socket.h header + use Core::System in some places
Various Core::System functions are still missing so not all raw syscalls
were converted just yet.
2022-02-14 11:44:09 +01:00
Jonta
18dab0384d SystemServer: Fixed grammatical error "a charm" 2021-12-19 13:43:34 -08:00
Andreas Kling
8b1108e485 Everywhere: Pass AK::StringView by value 2021-11-11 01:27:46 +01:00
Ben Wiederhake
3d855a801b SystemServer: Rename 'BootModes' config option to 'SystemModes' 2021-10-25 23:38:28 +02:00
Ben Wiederhake
8d13f6ddce Kernel+SystemServer: Change bootmode to system_mode
'bootmode' now only controls which set of services are started by
SystemServer, so it is more appropriate to rename it to system_mode, and
no longer validate it in the Kernel.
2021-10-25 23:38:28 +02:00
Brian Gianforcaro
b5b67a1747 SystemServer: Handle missing service executable gracefully
I use the `configure-components` functionality locally during
development. There are a few services (SpiceAgent) which aren't marked
as required components, and hence aren't built in all configurations,
but we still try to launch them in all configurations.

Instead of letting the forked SystemServer process crash, lets
gracefully handle the situation of a missing binary and provide a
message to the user.
2021-08-07 12:30:50 +02:00
Brian Gianforcaro
808aa31353 Services: Remove unused header includes 2021-08-01 08:10:16 +02:00
Gunnar Beutner
0ca5a393d1 SystemServer: Improve error message when execv() fails
Previously perror() would just tell us that the file specified
for execv() doesn't exist.
2021-06-17 11:03:51 +02:00
Andreas Kling
f0687dbbb7 Services: Convert StringBuilder::appendf() => AK::Format 2021-05-07 21:12:09 +02:00
Brian Gianforcaro
1682f0b760 Everything: Move to SPDX license identifiers in all files.
SPDX License Identifiers are a more compact / standardized
way of representing file license information.

See: https://spdx.dev/resources/use/#identifiers

This was done with the `ambr` search and replace tool.

 ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
2021-04-22 11:22:27 +02:00
sin-ack
5b95850e28 SystemServer+LibCore: Allow service to request multiple sockets
SystemServer only allowed a single socket to be created for a service
before this.  Now, SystemServer will allow any amount of sockets.  The
sockets can be defined like so:

[SomeService]
Socket=/tmp/portal/socket1,/tmp/portal/socket2,/tmp/portal/socket3
SocketPermissions=660,600

The last item in SocketPermissions is applied to the remainder of the
sockets in the Socket= line, so multiple sockets can have the same
permissions without having to repeat them.

Defining multiple sockets is not allowed for socket-activated services
at the moment, and wouldn't make much sense anyway.

This patch also makes socket takeovers more robust by removing the
assumption that the socket will always be passed in fd 3.  Now, the
SOCKET_TAKEOVER environment variable carries information about which
endpoint corresponds to which socket, like so:

SOCKET_TAKEOVER=/tmp/portal/socket1:3 /tmp/portal/socket2:4

and LocalServer/LocalService will parse this automatically and select
the correct one.  The old behavior of getting the default socket is
preserved so long as the service only requests a single socket in
SystemServer.ini.
2021-04-15 21:04:49 +02:00
Gunnar Beutner
8ca5b8c065 LibC: Move S_* defines into <fcntl.h>
According to the Single UNIX Specification, Version 2 that's where
those macros should be defined. This fixes the libiconv port.

This also fixes some (but not all) build errors for the diffutils and nano ports.
2021-04-11 09:51:20 +02:00
Andreas Kling
5d180d1f99 Everywhere: Rename ASSERT => VERIFY
(...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED)

Since all of these checks are done in release builds as well,
let's rename them to VERIFY to prevent confusion, as everyone is
used to assertions being compiled out in release.

We can introduce a new ASSERT macro that is specifically for debug
checks, but I'm doing this wholesale conversion first since we've
accumulated thousands of these already, and it's not immediately
obvious which ones are suitable for ASSERT.
2021-02-23 20:56:54 +01:00
AnotherTest
09a43969ba Everywhere: Replace dbgln<flag>(...) with dbgln_if(flag, ...)
Replacement made by `find Kernel Userland -name '*.h' -o -name '*.cpp' | sed -i -Ee 's/dbgln\b<(\w+)>\(/dbgln_if(\1, /g'`
2021-02-08 18:08:55 +01:00
asynts
8465683dcf Everywhere: Debug macros instead of constexpr.
This was done with the following script:

    find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/dbgln<debug_([a-z_]+)>/dbgln<\U\1_DEBUG>/' {} \;

    find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/if constexpr \(debug_([a-z0-9_]+)/if constexpr \(\U\1_DEBUG/' {} \;
2021-01-25 09:47:36 +01:00
Andreas Kling
a85c61ad51 SystemServer: Mask off the set-uid bit in SocketPermissions 2021-01-23 16:45:05 +01:00
asynts
24888457d5 Everywhere: Replace a bundle of dbg with dbgln.
These changes are arbitrarily divided into multiple commits to make it
easier to find potentially introduced bugs with git bisect.
2021-01-22 22:14:30 +01:00
Andreas Kling
c71807a3fc Everywhere: Convert a handful of String::format() => formatted() 2021-01-16 14:52:04 +01:00
Andreas Kling
1a08ac72ad LibC+Everywhere: Remove open_with_path_length() in favor of open()
This API was a mostly gratuitous deviation from POSIX that gave up some
portability in exchange for avoiding the occasional strlen().

I don't think that was actually achieving anything valuable, so let's
just chill out and have the same open() API as everyone else. :^)
2021-01-12 23:34:01 +01:00
Andreas Kling
c7ac7e6eaf Services: Move to Userland/Services/ 2021-01-12 12:23:01 +01:00
Renamed from Services/SystemServer/Service.cpp (Browse further)