author | emersion <contact@emersion.fr> | 2018-11-01 18:14:26 +0100 |
---|---|---|
committer | emersion <contact@emersion.fr> | 2018-11-01 18:50:06 +0100 |
commit | f90ff1210b2a40449171c5a1428faaa28ff1f9c3 (patch) | |
tree | 8c0e29162c4e3413f74751e6955e505ed1781c1d /sway/main.c | |
parent | Make it clear that being able to restore root is a failure (diff) | |
Teardown compositor when failing to drop permissions
Diffstat (limited to 'sway/main.c')
-rw-r--r-- | sway/main.c | 20 |
1 files changed, 13 insertions, 7 deletions
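--- a/sway/main.c
+++ b/sway/main.c
@@ -29,7 +29,7 @@
 
 static bool terminate_request = false;
 static int exit_value = 0;
-struct sway_server server;
+struct sway_server server = {0};
 
 void sway_terminate(int exit_code) {
 terminate_request = true;
@@ -194,15 +194,15 @@ static void log_kernel(void) {
 }
 
 
-static void drop_permissions(void) {
+static bool drop_permissions(void) {
 if (getuid() != geteuid() || getgid() != getegid()) {
 if (setgid(getgid()) != 0) {
 wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
-exit(EXIT_FAILURE);
+return false;
 }
 if (setuid(getuid()) != 0) {
 wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
-exit(EXIT_FAILURE);
+return false;
 }
 }
 if (setuid(0) != -1) {
@@ -210,6 +210,7 @@ static void drop_permissions(void) {
 "restore it after setuid), refusing to start");
 return false;
 }
+return true;
 }
 
 void enable_debug_flag(const char *flag) {
@@ -318,11 +319,13 @@ int main(int argc, char **argv) {
 }
 
 if (optind < argc) { // Behave as IPC client
-if(optind != 1) {
+if (optind != 1) {
 wlr_log(WLR_ERROR, "Don't use options with the IPC client");
 exit(EXIT_FAILURE);
 }
-drop_permissions();
+if (!drop_permissions()) {
+exit(EXIT_FAILURE);
+}
 char *socket_path = getenv("SWAYSOCK");
 if (!socket_path) {
 wlr_log(WLR_ERROR, "Unable to retrieve socket path");
@@ -342,7 +345,10 @@ int main(int argc, char **argv) {
 detect_proprietary(allow_unsupported_gpu);
 detect_raspi();
 
-drop_permissions();
+if (!drop_permissions()) {
+server_fini(&server);
+exit(EXIT_FAILURE);
+}
 
 // handle SIGTERM signals
 signal(SIGTERM, sig_handler);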
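Review bot: In the last hunk, `server_fini(&server)` now runs on the path where dropping privileges has just failed, so the teardown may execute with the elevated effective uid/gid still in place (and, in the `setuid(0) != -1` branch, after root has actually been regained). The body of `server_fini` is not visible here, so it is worth confirming that it does no filesystem or environment-driven work that should not happen with elevated privileges; a comment at the call such as `// NOTE: privileges may still be elevated here; server_fini must not touch user-controlled paths` would record that constraint. Separately, since `drop_permissions()` now reports failure through its return value instead of exiting, a future caller can silently ignore it; marking the definition `__attribute__((warn_unused_result))` would keep the check fail-closed. `main` starts and ends outside these hunks.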