Commit graph

138 commits

Author SHA1 Message Date
Drew DeVault
10c2125040 Unset LD_PRELOAD on startup (before dropping root)
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
2016-12-02 08:47:47 -05:00
Drew DeVault
04fc10feeb Flesh out security_sanity_check 2016-12-02 08:42:26 -05:00
Drew DeVault
dc4b57c868 Shut Clang up 2016-12-01 21:58:38 -05:00
Drew DeVault
5831f7ab68 Write example security config, start on code 2016-12-01 19:27:35 -05:00
Drew DeVault
d3e55f88ec Log LD_LIBRARY_PATH 2016-10-27 11:05:04 -04:00
Drew DeVault
78b65e2317 Remove duplicate redhat-release line 2016-10-27 10:57:18 -04:00
Drew DeVault
7aef6e66ae Log uname -a on startup 2016-10-27 10:50:22 -04:00
Drew DeVault
6ad2186f0e Log contents of distro version files 2016-10-27 10:48:46 -04:00
Drew DeVault
0d6cbcacbe Log important env vars on startup 2016-10-27 10:37:16 -04:00
Patrick Sauter
153620aefe moved ipc_init above config file processing.
This is necessary because commands in the config file (mode for
instance) emit ipc events, and if ipc_init has not been called the
ipc_clients_list is not initialized, and we segfault.  This fixes that
bug.
2016-10-02 17:29:40 -05:00
D.B
5e585f9603 Split setgid and setuid, add privilege check
This commit deals with issue #884. I consulted the following sources:
https://www.securecoding.cert.org/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
and
https://www.securecoding.cert.org/confluence/display/c/POS37-C.+Ensure+that+privilege+relinquishment+is+successful
2016-09-20 16:25:32 +02:00
Drew DeVault
416417a54c Reorganize includes 2016-09-01 08:18:37 -04:00
Daniel Lockyer
c9d634414a sway/main.c: simplify free'ing by switching to the helper method 2016-05-05 23:30:28 +01:00
Drew DeVault
54c635ca16 Update to wlc 0.0.2 2016-04-16 10:22:50 -04:00
Mikkel Oscar Lyderik
71a5350b68 Implement include command
The include command (`include <path>`) makes it possible to include sub
config files from the main config file (or from within other sub config
files).

The include command uses the following rules for including config files:

* the `path` can be either a full path or a path that is relative to the
  parent config. Shell expansion is supported, so it's possible to do
  `include ~/.config/sway.d/*`.
* The same config file can only be included once (to prevent include
  cycles). If a config is included multiple times it will just be
  ignored after it has been included once.
* Including a sub config file is the same as inserting the content of
  that file into the parent config, thus rules about overwriting
  bindsyms etc. works the same as for a single config.

Implement #542
2016-03-26 16:37:50 +01:00
Mikkel Oscar Lyderik
938ff29b7b Gracefully exit when config is not found
This makes sure that sway will gracefully exit if the config is not
found or sway is unable to read it.
2016-03-24 22:20:25 +01:00
Drew DeVault
06107bb44e Make the nvidia warning louder 2016-03-24 16:48:53 -04:00
Drew DeVault
fd061d4dc4 Don't set WLC_DIM on startup 2016-03-24 14:09:18 -04:00
Drew DeVault
5c85c018b4 Update to new WLC API 2016-03-24 14:08:53 -04:00
Mikkel Oscar Lyderik
67bbcceba1 Free config before exiting sway.
Apart from freeing the sway_config struct, this also terminates the
swaybars spawned by sway, since they are linked by PID to the bar config
structs.
2016-02-27 22:13:15 +01:00
Mikkel Oscar Lyderik
5e253fdd9a Correctly exit sway on errors.
Calling `exit` in sway_terminate prevents sway from correctly shutting
down (freeing data, cleanly terminating the ipc server, etc.).

A better way is to exit straight away if the failure occurs before
`wlc_run` and use sway_abort as usual if it occur when wlc is running.
2016-02-26 09:42:21 +01:00
Yacine Hmito
c400ca8f88 Fix for when sway_abort doesn't exit
sway_terminate does an exit in case wlc_terminate doesn't
2016-02-25 23:46:27 +01:00
Yacine Hmito
e239fbbd88 No options when using sway as IPC client
Sway used to attempt sending an IPC command composed of every argument
after the first non-option argument encountered.
Now, raises an error if an option is encountered before the intended command.
Some options such as -h or -v take effect when parsing, so they still
apply.
2016-02-25 23:04:59 +01:00
Yacine Hmito
179192e222 Removed p as a valid CLI option
The get-socketpath long option had an undocumented short alternative
as `p`. It has been removed.
However, the code in the options array is still the 'p' char.
2016-02-25 21:50:24 +01:00
crondog
cd0eaf00da Prevent ipc from crashing sway 2016-01-22 12:29:18 +11:00
Cole Mickens
28081b7689 libinput 2016-01-19 06:51:36 -08:00
Mikkel Oscar Lyderik
2e0ef533f2 Init layout before checking config 2016-01-05 19:16:46 +01:00
Mikkel Oscar Lyderik
16b8c2e915 Handle SIGTERM sent to sway
This makes sway handle and gracefully shut down everything when
receiving a SIGTERM.

Fix #416
2015-12-29 13:03:53 +01:00
Streetwalrus Einstein
774ffbe0d5 Detect proprietary AMD drivers too 2015-12-14 18:13:44 +02:00
Drew DeVault
af80b12add Implement invoking sway as IPC client
As an alternative to invoking swaymsg.
2015-12-12 13:01:00 -05:00
Drew DeVault
25ad3181f5 Merge pull request #276 from sce/earlier_logging
main: Setup logging before wlc_init.
2015-11-29 09:08:56 -05:00
S. Christoffer Eliesen
c26a4b42cf main: Setup logging before wlc_init.
If `wlc_init` fails the error message will never be logged or printed
anywhere.
2015-11-29 15:01:47 +01:00
Christoph Gysin
923c3245ac Fix option parsing
Using 'flag' results in duplicate code paths for short and long options.

This broke the -q short option in swaymsg, because there was:

 {"quiet", no_argument, &quiet, 'q'}

Which will set quiet to 'q' and return 0, not 'q'.
2015-11-28 23:50:44 +02:00
Christoph Gysin
2f2e1f3fc7 sway: Add --help option that prints usage 2015-11-28 23:50:44 +02:00
Christoph Gysin
e48a16ce5e sway: Print usage and exit on unknown options 2015-11-28 23:50:44 +02:00
Christoph Gysin
3ba33321de Use macros for exit values 2015-11-28 23:50:10 +02:00
S. Christoffer Eliesen
20cb390323 sway/main: Move wlc init to after args are handled.
First of all because it's not needed that early, and second of all
because there's a bug where calling `sway --get-socketpath` via `popen`
causes the child sway process to spin/hang instead of returning EOF.
(Specifically `(unset SWAYSOCK; swaymsg)` hangs.) This patch fixes that.

(Also note that this patch moves the "detailed review" comment, so I
guess this patch requires extra detailed review?)
2015-11-28 20:35:57 +01:00
Drew DeVault
27f03c705d Move IPC client into common, refactor IPC 2015-11-27 09:50:04 -05:00
Drew DeVault
82db2a57a9 Basic support for extensions in server and clients 2015-11-18 22:01:22 -05:00
S. Christoffer Eliesen
f64b7e71d4 ipc: Store socketname in SWAYSOCK. Fixes --get-socketpath.
After adding pid to the socket path the `--get-socketpath` command broke
because it doesn't know the pid of the running instance. Fix this by
setting and querying `SWAYSOCK`.

Also ignore `SWAYSOCK` upon normal startup if a socket exists at that
location (ie. from another sway instance), and don't overwrite `I3SOCK`
if it exists either.
2015-11-13 18:18:52 +01:00
S. Christoffer Eliesen
3be11a08e6 main: Implement --get-socketpath switch. 2015-10-18 19:53:56 +02:00
taiyu
18f4905e62 #187, let init handle child processes 2015-10-08 08:12:31 -07:00
Drew DeVault
5bcecbb751 Revert "#187 cleanup zombies properly" 2015-10-08 06:24:35 -04:00
taiyu
5539fd89be #187 cleanup zombies properly using default 2015-10-07 16:18:57 -07:00
Drew DeVault
318e1be240 Fix warnings introduced by prior commit 2015-09-18 07:27:35 -04:00
Drew DeVault
8e25ce4e57 Fix build for debian stretch
Fixes #182
2015-09-18 07:16:20 -04:00
Drew DeVault
1756a4f2da fclose /proc/modules when we're done with it 2015-09-02 11:47:15 -04:00
Drew DeVault
4ef60e7c09 Add check for nvidia module and warn user 2015-09-02 11:46:21 -04:00
Drew DeVault
eb003689a3 Log sway version on startup 2015-09-02 09:42:27 -04:00
Luminarys
42de135c3a Added in better versioning info 2015-08-26 21:13:53 -05:00
taiyu
1fa7a91bfb move_container_to fixup 2015-08-26 11:01:26 -07:00
Luminarys
38cfdf99f4 Added in build version based on git hash 2015-08-25 22:04:57 -05:00
taiyu
e121258426 longopt minor fix 2015-08-25 16:39:05 -07:00
Drew DeVault
e78221e6a0 Prefix log events from wlc with [wlc] 2015-08-23 13:31:16 -04:00
Drew DeVault
ac2034df99 Handle wlc log events 2015-08-23 13:08:04 -04:00
Drew DeVault
2a799a731f Remove wlc logging stuff 2015-08-21 18:24:54 -04:00
minus
f26ed32e46 added sway_terminate to exit cleanly 2015-08-20 15:27:56 +02:00
minus
91c0877264 properly exit sway
- wlc_terminate() instead of exit(0)
- unlink IPC socket
2015-08-20 15:24:33 +02:00
minus
8981b48cd2 very basic IPC implementation
simply executes the received data as command
2015-08-20 15:24:33 +02:00
Drew DeVault
579fe70ed9 Add command line parsing
Closes #6
2015-08-20 08:37:24 -04:00
Drew DeVault
3f3d1ffee4 Rearrange main.c some more 2015-08-17 18:20:56 -04:00
Luminarys
7427ce8930 Switched config loading order to prevent root access w/wlc 2015-08-17 17:15:05 -05:00
Drew DeVault
a092df52da Remove WLC_IDLE_TIME environment variable 2015-08-16 13:04:59 -04:00
Drew DeVault
6e8280e7fd Config errors should not be fatal 2015-08-16 12:03:34 -04:00
Drew DeVault
0ed6501aa4 Set WLC_IDLE_TIME to 0 2015-08-15 16:53:42 -04:00
Luminarys
ea9efc884d Allowed for execd commands to be spawned after abort 2015-08-13 14:41:36 -05:00
Luminarys
2c9f5eca89 Fixes to workspace generation 2015-08-13 14:41:36 -05:00
Taiyu
5df5b00989 moved signal handling to main 2015-08-13 00:44:56 -07:00
Taiyu
0f387483fd moving stuff around 2015-08-12 20:59:43 -07:00
Luminarys
a5b02791d4 Changed command handler to perform var subs on all cmd args
Fixed workspace_next_name to use the first workspace name it can find in the config

Minor fixes

Changed command handler to perform var subs on all portions of a command

Revert "Changed command handler to perform var subs on all portions of a command"

This reverts commit fcfcffa1ea9819bcada6e6c85b40b21bf1b3a96e.

Var sub fixes

Minor fixes

More minor fixes
2015-08-11 12:48:55 -05:00
Drew DeVault
96d7ff1e19 Slightly better multihead support 2015-08-10 23:54:23 -04:00
Drew DeVault
54374d81b5 Fix some errors with config loading 2015-08-10 15:45:36 -04:00
Luminarys
508980e3ab Abstracted load_config 2015-08-10 14:22:22 -05:00
Luminarys
c0ee2a6406 Added in reload and exec_always handling 2015-08-10 13:53:43 -05:00
Drew DeVault
c741de8ca4 Override WLC_DIM by default 2015-08-10 08:29:57 -04:00
Drew DeVault
b075b06478 Load config after xwayland is created
This lets us run x commands on startup
2015-08-09 14:03:54 -04:00
Drew DeVault
4924628ac2 Set DISPLAY to :1 automatically 2015-08-09 13:54:52 -04:00
Drew DeVault
f97a48d5b7 Implement focus_follows_mouse 2015-08-09 09:23:10 -04:00
Drew DeVault
a78b921803 Implement key bindings 2015-08-08 19:24:18 -04:00
Drew DeVault
c7be30d912 Deny window resize requests 2015-08-08 18:22:22 -04:00
Drew DeVault
0427fddb5a Add logging and new windows into layout tree 2015-08-08 17:01:27 -04:00
Drew DeVault
c102f18499 Add layout containers for new outputs 2015-08-06 08:40:16 -04:00
Drew DeVault
82bc36c681 Start to build out window management functions 2015-08-06 08:24:14 -04:00
Drew DeVault
47b28bd335 Clean up config loading and launch wayland 2015-08-05 22:59:06 -04:00
Drew DeVault
e7a8868514 Make main.c less stupid 2015-08-05 22:56:45 -04:00
Drew DeVault
e07c77fbb7 Build out command subsystem
Everyone loves code stolen from your own projects
2015-08-05 17:30:47 -04:00
Drew DeVault
542ef0c777 Pull in some scas code and read i3 config file 2015-08-04 21:30:40 -04:00
Drew DeVault
6a33e1e3cd Initial commit 2015-08-04 21:02:46 -04:00