From patchwork Sat Sep 17 12:23:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?6Lev6L6J?= X-Patchwork-Id: 42681 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 430C427BBE9; Sat, 17 Sep 2022 13:24:37 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FROM,MAILING_LIST_MULTI, PDS_OTHER_BAD_TLD,SPF_HELO_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id BD5F627BBE9 for ; Sat, 17 Sep 2022 13:24:36 +0100 (BST) Received: from localhost ([::1]:54962 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oZWs7-0001QZ-Sz for patchwork@mira.cbaines.net; Sat, 17 Sep 2022 08:24:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:52958) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oZWrb-0001P1-Qo for guix-patches@gnu.org; Sat, 17 Sep 2022 08:24:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:46245) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oZWrb-0007Zz-2Q for guix-patches@gnu.org; Sat, 17 Sep 2022 08:24:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oZWra-0003cq-Ir for guix-patches@gnu.org; Sat, 17 Sep 2022 08:24:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#57881] [PATCH] gnu: hikari: only allow use setuid hikari-unlocker. Resent-From: =?utf-8?b?6Lev6L6J?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 17 Sep 2022 12:24:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 57881 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 57881@debbugs.gnu.org X-Debbugs-Original-To: guix-patches Received: via spool by submit@debbugs.gnu.org id=B.166341743613921 (code B ref -1); Sat, 17 Sep 2022 12:24:02 +0000 Received: (at submit) by debbugs.gnu.org; 17 Sep 2022 12:23:56 +0000 Received: from localhost ([127.0.0.1]:45323 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oZWrU-0003cT-2j for submit@debbugs.gnu.org; Sat, 17 Sep 2022 08:23:56 -0400 Received: from lists.gnu.org ([209.51.188.17]:53780) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oZWrP-0003cI-79 for submit@debbugs.gnu.org; Sat, 17 Sep 2022 08:23:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:33306) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oZWrO-0001DB-TO for guix-patches@gnu.org; Sat, 17 Sep 2022 08:23:50 -0400 Received: from mail-yb1-xb42.google.com ([2607:f8b0:4864:20::b42]:38531) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oZWrM-0007UO-OV for guix-patches@gnu.org; Sat, 17 Sep 2022 08:23:50 -0400 Received: by mail-yb1-xb42.google.com with SMTP id c9so36234591ybf.5 for ; Sat, 17 Sep 2022 05:23:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date; bh=SldnTfcmrpVfetWewvg3iqt5873A17Hjj/UA2MtTwLs=; b=K6ocV0k5iAmfUXzdHINrc/EhZL84lnqlSM/ULbw21uPrv6YMQ3t/f5Nx7S5sTpNZNI 1Ztsx/leAd3EjE0dhrmLN16N3mwWYrTZ4fFmuQamvSLV7FZH4uUk7mKUvvnOvf5eT6ea 9jw6o+HQug7hYu7G0WGSkCGLl9WVU8rPNgKEaOF0Y+4lepNwVN6MUgG9qJQkI+VS0tgw zbLY7t7ZQiQKJPCN1JYEt/dp1p5zbqRy7a583pxWnn2DRGCBAz8MmXNMTeWFbeZ7dkSQ LwccSEvKmP2tYzfeRTfRrRXwLO8iXKslMyHsiPnwxcALKGwDVlMhbDkH6IEVWvJBXc98 7JUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date; bh=SldnTfcmrpVfetWewvg3iqt5873A17Hjj/UA2MtTwLs=; b=AUOBgmE1zYCzpy7XNwm/gWnEDMA7PCF12y1E8Ihw0wvj/qR82o8eHXCi4HEQ4md5oO YG9Bx+w7UNCYoZ/YSyiaEKawbNgYWeh+3msTl3TCw3rDWh8rk/0NRP7XcKJ2CbwcCHQk j6Egr/Sq+Yci/a8RchGMiNSwoBoZymGQCdEKz+ymmcSqbo5z+++VpcfCWzvPB1NsA/iD raHdboWpzmvKy66tSuPdKmXh2It3lByVvUckdRzLames4torDXEDCR6pntYWpvD8TxFr NEF6fIgyQB7yyPIkTLen3Eq8OfLx6gN0x1GJTmyG4eg0cjBauC1RSq2dMYX2zDuBvE+e 04tg== X-Gm-Message-State: ACrzQf1iNo778R9F2pM0k3D/oFr3yQtu+QlPss5ejuek8FRQR8IDMi/U 4iMTAWjQamCWpnLyZLctoCz5Bl0mmartkXZmaTdU2Xu7EogQTgrO X-Google-Smtp-Source: AMsMyM7nnq/G+RbAh4LgwV5XBbFnjUbL+MScEH5beSoDLkz116nciU97Byv3S4g57jlXSUQVhGZ9gnDsHxgMsMUEXns= X-Received: by 2002:a25:5c3:0:b0:6a9:90fb:c9e6 with SMTP id 186-20020a2505c3000000b006a990fbc9e6mr8120284ybf.152.1663417427642; Sat, 17 Sep 2022 05:23:47 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a0d:d0c6:0:0:0:0:0 with HTTP; Sat, 17 Sep 2022 05:23:45 -0700 (PDT) From: =?utf-8?b?6Lev6L6J?= Date: Sat, 17 Sep 2022 12:23:45 +0000 Message-ID: Received-SPF: pass client-ip=2607:f8b0:4864:20::b42; envelope-from=luhux76@gmail.com; helo=mail-yb1-xb42.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches hikari-unlocker need setuid and pam to work. if hikari exec a non-setuid hikari-unlocker, such as "$HOME/.guix-profile/bin/hikari-unlocker", it will cause hikari's lock-mode can't exit, only can press power button to exit it. :( https://hikari.acmelabs.space/manpage.html https://hub.darcs.net/raichoo/hikari/browse/src/lock_mode.c#71 From d1bedbc3c850cf0a60b182999c229079bad9cd99 Mon Sep 17 00:00:00 2001 From: Lu Hui Date: Sat, 17 Sep 2022 20:10:34 +0800 Subject: [PATCH] gnu: hikari: only allow use setuid hikari-unlocker. * gnu/packages/wm.scm (hikari) [phases]{force-use-setuid-unlocker}: replace "sh -c hikari-unlocker" to "/run/setuid-programs/hikari-unlocker" --- gnu/packages/wm.scm | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm index f329020eb4..d0586efb63 100644 --- a/gnu/packages/wm.scm +++ b/gnu/packages/wm.scm @@ -57,6 +57,7 @@ ;;; Copyright © 2022 muradm ;;; Copyright © 2022 Elais Player ;;; Copyright © 2022 Trevor Richards +;;; Copyright © 2022 LuHui ;;; ;;; This file is part of GNU Guix. ;;; @@ -2632,6 +2633,11 @@ (define-public hikari "WITH_VIRTUAL_INPUT=YES") #:phases (modify-phases %standard-phases + (add-after 'unpack 'force-use-setuid-unlocker + (lambda _ + (substitute* "src/lock_mode.c" + (("\"/bin/sh\", \"/bin/sh\", \"-c\", \"hikari-unlocker\"") + "\"/run/setuid-programs/hikari-unlocker\"")))) (delete 'configure) (replace 'build (lambda* (#:key inputs outputs make-flags #:allow-other-keys) @@ -2643,7 +2649,11 @@ (define-public hikari (synopsis "Stacking Wayland compositor with tiling capabilities") (description "Hikari is a stacking Wayland compositor with additional tiling -capabilities. It is heavily inspired by the Calm Window manager(cwm).") +capabilities. It is heavily inspired by the Calm Window manager(cwm). + +You need add following line to your system configuration to make unlocker working: + + (screen-locker-service-type hikari \"hikari-unlocker\")") (license license:bsd-2))) (define-public devour -- 2.37.3