Drew DeVault
d859f825d3
Fix build error
2016-12-15 19:01:41 -05:00
Drew DeVault
63d96c1bb4
Fix indentation issues
2016-12-15 19:01:41 -05:00
Drew DeVault
10c8b73075
Handle calloc failures
2016-12-15 19:01:41 -05:00
Drew DeVault
a2b9149656
Add remaining sway allocation failure handling
2016-12-15 19:01:41 -05:00
Drew DeVault
7784f1a905
Handle allocation failures in security code
...
Note that such errors are generally going to be fatal
2016-12-15 19:01:41 -05:00
Drew DeVault
31b002b6d5
Handle IPC server allocation failures
2016-12-15 19:01:41 -05:00
Drew DeVault
8cef81d6f2
Handle some more memory allocation failures
2016-12-15 19:01:41 -05:00
Drew DeVault
d75a747a3d
Handle config-related allocation failures
2016-12-15 19:01:41 -05:00
Drew DeVault
248df18c24
Handle allocation failure in commands
2016-12-15 19:01:40 -05:00
Drew DeVault
8691ff1b63
Handle border-related malloc failures
2016-12-15 19:01:40 -05:00
Drew DeVault
4c6c65e70c
Handle malloc failures from read_line
2016-12-15 19:01:40 -05:00
Greg V
da26d69cb1
Fix build on FreeBSD
...
- Make sure CMake always finds absolute paths for Cairo, Pango and GdkPixbuf
- Add forgotten json-c include path to swaymsg/CMakeLists.txt
- Disable -Werror because of assert warnings
- Add correct /proc/pid/file path for FreeBSD
- Use libepoll-shim on FreeBSD
- Only use Linux capabilities on, well, Linux
2016-12-09 19:32:07 +03:00
Drew DeVault
d93e53fd4b
Use return value of write
2016-12-06 09:10:16 -05:00
Drew DeVault
979878d8af
Decrement expected_len
2016-12-04 10:55:11 -05:00
Drew DeVault
1a509dcc29
Fix to sway-security(7)
2016-12-04 09:49:13 -05:00
Drew DeVault
cdecf3c495
Drop restart command from sanity check
...
Since we don't actually have one of those
2016-12-04 09:37:24 -05:00
D.B
35b8d185ac
fix layout switching (was broken because of workspace_layout)
...
For workspace containers, swayc_change_layout also changes ->layout alongside
->workspace_layout when it's a sensible thing to do. There is an additional test
for 'layout toggle' command which ensures that containers will be tiled
horizontally after toggling from tabbed or stacked.
2016-12-04 08:31:34 -05:00
D.B
4762bcb3b9
wrap some views under workspaces
...
If workspace layout is set to tabbed or stacked, its C_VIEW children
should get wrapped in a container. Alongside that, move_container was
modified to retain previous functionality.
2016-12-04 08:31:34 -05:00
D.B
6fb4b6737a
add workspace_layout to container
...
Add swayc_change_layout function, which changes either layout or
workspace_layout, depending on the container type.
2016-12-04 08:31:34 -05:00
Drew DeVault
e7a764fdf4
Disallow everything by default
...
And update config.d/security to configure sane defaults
2016-12-03 12:38:42 -05:00
Drew DeVault
93d99f3712
Fix use-after-free
2016-12-02 18:57:10 -05:00
Drew DeVault
d2d6fcd1ff
Fix clang issues
2016-12-02 18:38:31 -05:00
Drew DeVault
8577095db7
Check for CAP_SYS_PTRACE
2016-12-02 18:37:01 -05:00
Drew DeVault
d353da248b
Add ipc connection feature policy controls
2016-12-02 18:09:19 -05:00
Drew DeVault
62dad7148f
Enforce IPC security policy
2016-12-02 17:55:03 -05:00
Drew DeVault
c8dc4925d1
Add IPC security policy command handlers
2016-12-02 17:34:26 -05:00
Drew DeVault
e9e1a6a409
Add IPC policy to config
...
Also reduces enum abuse, cc @minus7
2016-12-02 16:08:45 -05:00
Drew DeVault
0a1b211e09
Drop -Denable-binding-event
2016-12-02 16:01:33 -05:00
Drew DeVault
25a4a85a59
Run config files through sed and install to /etc
2016-12-02 15:56:36 -05:00
Drew DeVault
751e6d2ab2
Clarify lock permission consequences
2016-12-02 10:34:17 -05:00
Drew DeVault
0c8dc0e6df
Clarify that executable has to be a full path
2016-12-02 10:32:08 -05:00
Drew DeVault
c61746a15b
Soften up environment security
...
So no one gets their feewings hurt
2016-12-02 10:29:50 -05:00
Drew DeVault
a4e92ad272
Deal with LD_LIBRARY_PATH
2016-12-02 10:23:30 -05:00
Drew DeVault
1a143e601b
Clarify when keyboard/mouse features work
2016-12-02 10:17:53 -05:00
Drew DeVault
4d312f753c
Add docs on what features sway programs require
2016-12-02 10:13:06 -05:00
Drew DeVault
3dbeb9c35c
Add sway-security(7)
2016-12-02 10:05:43 -05:00
Drew DeVault
10c2125040
Unset LD_PRELOAD on startup (before dropping root)
...
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
2016-12-02 08:47:47 -05:00
Drew DeVault
04fc10feeb
Flesh out security_sanity_check
2016-12-02 08:42:26 -05:00
Drew DeVault
39cf9a82f7
Enforce command policies
2016-12-02 08:17:45 -05:00
Drew DeVault
f23880b1fd
Add support for command policies in config file
2016-12-02 08:10:03 -05:00
Drew DeVault
0d395681fe
Enforce mouse permissions
2016-12-01 22:11:48 -05:00
Drew DeVault
8aeeacf178
Enforce keyboard permissions
2016-12-01 22:09:33 -05:00
Drew DeVault
ffdbb9d050
Enforce fullscreen permissions
2016-12-01 22:03:36 -05:00
Drew DeVault
dc4b57c868
Shut Clang up
2016-12-01 21:58:38 -05:00
Drew DeVault
21e1b2bef3
Add security checks for background, panel, lock
2016-12-01 21:51:07 -05:00
Drew DeVault
76cab04b4d
Implement permit and reject commands
2016-12-01 21:36:43 -05:00
Drew DeVault
1a8a42f372
Memory leak
2016-12-01 20:39:35 -05:00
Drew DeVault
2675293200
Implement policy lookups
2016-12-01 19:58:11 -05:00
Drew DeVault
44cc0ef125
Add config related code and initial headers
2016-12-01 19:38:36 -05:00
Drew DeVault
5831f7ab68
Write example security config, start on code
2016-12-01 19:27:35 -05:00
D.B
05be14ff7c
change default layout toggle to L_HORIZ
...
After issuing 'layout toggle split' command from tabbed/stacked layout,
layout should have been horizontally split.
2016-11-06 08:13:24 +01:00
D.B
3d1b472b83
swap unnecessary function for strndup
2016-11-03 06:43:12 +01:00
D.B
58eb7ac19f
change bar colors from char[10] to *char
...
This commit removes has_* booleans from bar color struct. It also
generalizes of functions in commands/bar/colors.c.
2016-11-02 21:07:04 +01:00
D.B
ad4d21d60b
add bar colours for focused_(workspace|statusline|separator)
...
If these aren't defined in config, color settings without 'focused_'
prefix are used as a fallback.
2016-11-02 18:58:33 +01:00
D.B
39ee0ec552
use urgent_ws color in swaybar if binding_mode is undefined
2016-11-02 18:58:33 +01:00
Drew DeVault
d3e55f88ec
Log LD_LIBRARY_PATH
2016-10-27 11:05:04 -04:00
Drew DeVault
78b65e2317
Remove duplicate redhat-release line
2016-10-27 10:57:18 -04:00
Drew DeVault
7aef6e66ae
Log uname -a on startup
2016-10-27 10:50:22 -04:00
Drew DeVault
6ad2186f0e
Log contents of distro version files
2016-10-27 10:48:46 -04:00
Drew DeVault
0d6cbcacbe
Log important env vars on startup
2016-10-27 10:37:16 -04:00
Michał Winiarski
e8d8abfbb5
Add left_handed support for input devices
...
Some users may want to switch buttons on their input devices, turns out
libinput already supports it. Let's add a support for it in our config.
Signed-off-by: Michał Winiarski <knr@hardline.pl>
2016-10-25 22:06:23 +02:00
Mykyta Holubakha
2a24772c4b
config: set pango_markup default to false
2016-10-20 16:43:38 +03:00
Drew DeVault
67a9a94596
Overwrite alpha when drawing borders
...
This does two important things when using alpha:
1. At corners, borders don't double in opacity
2. Foreground elements (text) can be made transparent and you can see
fully through to the wallpaper
2016-10-12 22:42:23 -04:00
Drew DeVault
56a7e5fbce
Revert "Merge pull request #952 from SirCmpwn/revert-948-floating-titlebar-click"
...
This reverts commit 857eea8b63
, reversing
changes made to ce713efcd2
.
2016-10-12 21:54:19 -04:00
Drew DeVault
4cba91803e
Revert "Fixes dealing with workspace_layout and related bugs [rfc]"
2016-10-12 21:26:06 -04:00
Drew DeVault
f30f60dad8
Revert "also check floating cons in container_find"
2016-10-12 12:19:02 -04:00
Drew DeVault
ce713efcd2
Merge pull request #945 from thejan2009/workspace_layout
...
Fixes dealing with workspace_layout and related bugs [rfc]
2016-10-11 08:24:38 -04:00
D.B
166c2a3687
generalize wrapping views under workspaces
2016-10-11 09:16:59 +02:00
D.B
571321a1d8
add workspace_layout, ensure ws is always L_HORIZ
...
Add swayc_change_layout function, which changes either layout or
workspace_layout, depending on the container type. Workspace being
always L_HORIZ makes this much more i3-compatible.
2016-10-11 09:16:59 +02:00
D.B
0ddc4279d1
wrap workspace's child into a container if needed
...
If workspace has stacked/tabbed layout, its direct children should be
wrapped into a container which enables them to draw the titlebar.
2016-10-11 09:15:48 +02:00
D.B
24c3b86065
also check floating cons in container_find
2016-10-11 06:22:54 +02:00
Nicolas Cornu
5384d3effe
Can't move an empty workspace
2016-10-11 01:51:55 +02:00
Drew DeVault
8d277bc962
Merge pull request #942 from thejan2009/bugfix-931
...
fix for_window [] move scratchpad
2016-10-08 09:45:21 -04:00
Drew DeVault
0fc03f9c13
Merge pull request #941 from thejan2009/floating-border
...
Fix border color for floating containers
2016-10-08 09:45:06 -04:00
D.B
8264fedce6
fix for_window [] move scratchpad
...
- move wlc_view_set_mask before applying window criteria
- check parent_container because container in scratchpad doesn't have a
parent
2016-10-08 12:37:28 +02:00
D.B
746345e3b8
reorder cmd_handler arrays for bsearch
2016-10-08 11:12:45 +02:00
D.B
77f99480ae
draw indicator border only for non-floating
2016-10-08 09:15:34 +02:00
Nicolas Cornu
382d47e238
Fix creating of sibling floating/children
...
If we want to add a sibling of different type than current
container it failed. Because we add it to the wrong list
2016-10-07 22:29:56 +02:00
Nicolas Cornu
2d82586c88
Add constant scale factor in get_text_size
...
af44154
forget one "get_text_size" made it possible to
do a format string by setting title bar.
2016-10-07 20:38:56 +02:00
D.B
379b1a0378
add focus changing between floating containers
...
It will also wrap if needed.
2016-10-07 09:37:09 +02:00
D.B
d3f5ac8cbb
add force_focus_wrapping option
2016-10-07 08:12:14 +02:00
D.B
7f558ce894
wrap container in direction (if possible)
...
Introduces container wrapping - if there is no other viable move, the
selection wraps on the first container where such action is possible.
2016-10-07 08:12:14 +02:00
Nicolas Cornu
6ced4098dc
fix for click on title_bar
...
- Check null pointer for swayc_parent_by_type
- Split lines to follow coding style
2016-10-06 21:17:45 +02:00
Nicolas Cornu
37065cd0c4
add click on title_bar to focus a container
2016-10-06 20:23:46 +02:00
Drew DeVault
d2aba3ce3a
Merge pull request #924 from zandrmartin/fix-focus-segfault
...
prevent dereference of freed workspace
2016-10-03 08:10:29 -04:00
Zandr Martin
ba581c4442
consolidate nodes json
2016-10-02 22:21:16 -05:00
Zandr Martin
09a44263c3
Merge branch 'master' into fix-focus-segfault
2016-10-02 22:13:40 -05:00
Zandr Martin
4c0e809028
prevent dereference of freed workspace
2016-10-02 22:03:52 -05:00
Patrick Sauter
153620aefe
moved ipc_init above config file processing.
...
This is necessary because commands in the config file (mode for
instance) emit ipc events, and if ipc_init has not been called the
ipc_clients_list is not initialized, and we segfault. This fixes that
bug.
2016-10-02 17:29:40 -05:00
Zandr Martin
58ac1f7f24
fix pointer format string in sway_log() call
2016-10-01 06:40:16 -05:00
Drew DeVault
4e660975a9
Merge pull request #911 from thejan2009/setgid-setuid
...
Split setgid and setuid, add privilege check [RFC]
2016-09-27 14:28:14 -04:00
Drew DeVault
a95ce5ce65
Merge pull request #914 from zandrmartin/container-ids
...
add unique IDs to containers
2016-09-27 14:27:29 -04:00
Ryan Dwyer
64d463142f
Implement default name for workspace command
...
This implements commands such as:
workspace number 9: test
If a workspace with the given number exists then it will be focused,
otherwise a new workspace with the given name will be created.
2016-09-25 21:42:28 +10:00
Zandr Martin
7d947fdb95
add unique IDs to containers
2016-09-21 21:05:09 -05:00
D.B
5e585f9603
Split setgid and setuid, add privilege check
...
This commit deals with issue #884 . I consulted the following sources:
https://www.securecoding.cert.org/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
and
https://www.securecoding.cert.org/confluence/display/c/POS37-C.+Ensure+that+privilege+relinquishment+is+successful
2016-09-20 16:25:32 +02:00
Zandr Martin
0516dba3f6
implement "focused container" feature for swaygrab
2016-09-18 16:41:08 -05:00
Zandr Martin
e75217cfb1
fix get_workspaces json reply
2016-09-17 22:00:11 -05:00
Zandr Martin
87080bb9cc
take four!
2016-09-17 16:36:55 -05:00
Zandr Martin
e18b7cdfa9
add global current_focus
pointer
2016-09-17 15:54:45 -05:00
Ryan Dwyer
e4cb4d1b5c
Fix swaybar when running on named outputs.
...
When using a bar on a named output, load_swaybars() requires the
output to be active (ie. in the root container), but this is not the case if
the bar is added to the last output. To fix this, load_swaybars() is now
called after the output has been added to the root container.
After fixing that, swaybar would segfault due to using the wrong index
variable when loading outputs and config.
2016-09-17 17:25:45 +10:00