leyoda/cosmic-greeter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add daemon to proxy user backgrounds

Browse source
This commit is contained in:
Jeremy Soller 2024-02-06 15:03:07 -07:00
parent 3e2743a2e6
commit fd049483c3
No known key found for this signature in database
GPG key ID: D02FD439211AF56F
15 changed files with 487 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

20
daemon/Cargo.toml Normal file
View file

@ -0,0 +1,20 @@
[package]
name = "cosmic-greeter-daemon"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
cosmic-bg-config.workspace = true
cosmic-config.workspace = true
env_logger.workspace = true
libc = "0.2"
libcosmic.workspace = true
log.workspace = true
pwd.workspace = true
ron.workspace = true
serde.workspace = true
zbus.workspace = true
#TODO: reduce features
tokio = { workspace = true, features = ["full"] }

16
daemon/src/lib.rs Normal file
View file

@ -0,0 +1,16 @@
pub use cosmic_bg_config::Color;
#[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]
pub struct UserData {
pub uid: u32,
pub name: String,
pub full_name_opt: Option<String>,
pub icon_opt: Option<Vec<u8>>,
pub wallpapers_opt: Option<Vec<(String, WallpaperData)>>,
}
#[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]
pub enum WallpaperData {
Bytes(Vec<u8>),
Color(Color),
}

181
daemon/src/main.rs Normal file
View file

@ -0,0 +1,181 @@
use cosmic_bg_config::Source;
use cosmic_greeter_daemon::{UserData, WallpaperData};
use std::{error::Error, fs, future::pending, io, path::Path};
use zbus::{dbus_interface, ConnectionBuilder, DBusError};
//IMPORTANT: this function is critical to the security of this proxy. It must ensure that the
// callback is executed with the permissions of the specified user id. A good test is to see if
// the /etc/shadow file can be read with a non-root user, it should fail with EPERM.
fn run_as_user<F: FnOnce() -> T, T>(user: &pwd::Passwd, f: F) -> Result<T, io::Error> {
if unsafe { libc::seteuid(user.uid) } != 0 {
return Err(io::Error::last_os_error());
}
let t = f();
if unsafe { libc::seteuid(0) } != 0 {
panic!("failed to restore root user id")
}
Ok(t)
}
#[derive(DBusError, Debug)]
#[dbus_error(prefix = "com.system76.CosmicGreeter")]
enum GreeterError {
#[dbus_error(zbus_error)]
ZBus(zbus::Error),
Ron(String),
RunAsUser(String),
}
struct GreeterProxy;
#[dbus_interface(name = "com.system76.CosmicGreeter")]
impl GreeterProxy {
fn get_user_data(&mut self) -> Result<String, GreeterError> {
// The pwd::Passwd method is unsafe (but not labelled as such) due to using global state (libc pwent functions).
// To prevent issues, this should only be called once in the entire process space at a time
let users: Vec<_> = /* unsafe */ {
pwd::Passwd::iter()
.filter(|user| {
if user.uid < 1000 {
// Skip system accounts
return false;
}
match Path::new(&user.shell).file_name().and_then(|x| x.to_str()) {
// Skip shell ending in false
Some("false") => false,
// Skip shell ending in nologin
Some("nologin") => false,
_ => true,
}
})
.collect()
};
let mut user_datas = Vec::new();
for user in users {
if user.uid < 1000 {
// Skip system accounts
continue;
}
match Path::new(&user.shell).file_name().and_then(|x| x.to_str()) {
// Skip shell ending in false
Some("false") => continue,
// Skip shell ending in nologin
Some("nologin") => continue,
_ => (),
}
//TODO: use accountsservice
//IMPORTANT: This file is owned by root and safe to read (it won't be a link to /etc/shadow for example)
// It may not exist if the user uses one of the system icons. In that case, we should read the
// information in /var/lib/AccountsService/users, and then read the icon path as the user
let icon_path = Path::new("/var/lib/AccountsService/icons").join(&user.name);
let icon_opt = if icon_path.is_file() {
match fs::read(&icon_path) {
Ok(icon_data) => Some(icon_data),
Err(err) => {
log::error!("failed to read icon {:?}: {:?}", icon_path, err);
None
}
}
} else {
None
};
//IMPORTANT: Assume the identity of the user to ensure we don't read wallpaper file data as root
let wallpapers_opt = run_as_user(&user, || {
//TODO: use libcosmic to find this path
let wallpapers_path = Path::new(&user.dir)
.join(".local/state/cosmic/com.system76.CosmicBackground/v1/wallpapers");
if wallpapers_path.is_file() {
match fs::read_to_string(&wallpapers_path) {
Ok(wallpapers_ron) => {
match ron::from_str::<Vec<(String, Source)>>(&wallpapers_ron) {
Ok(sources) => {
let mut wallpaper_datas = Vec::new();
for (output, source) in sources {
match source {
Source::Path(path) => match fs::read(&path) {
Ok(bytes) => {
wallpaper_datas.push((
output,
WallpaperData::Bytes(bytes),
));
}
Err(err) => {
log::error!(
"failed to read wallpaper {:?}: {:?}",
path,
err
);
}
},
Source::Color(color) => {
wallpaper_datas
.push((output, WallpaperData::Color(color)));
}
}
}
Some(wallpaper_datas)
}
Err(err) => {
log::error!(
"failed to parse wallpapers {:?}: {:?}",
wallpapers_path,
err
);
None
}
}
}
Err(err) => {
log::error!(
"failed to read wallpapers {:?}: {:?}",
wallpapers_path,
err
);
None
}
}
} else {
None
}
})
.map_err(|err| GreeterError::RunAsUser(err.to_string()))?;
user_datas.push(UserData {
uid: user.uid,
name: user.name,
full_name_opt: user
.gecos
.map(|gecos| gecos.split(',').next().unwrap_or_default().to_string()),
icon_opt,
//TODO: should wallpapers come from a per-user call?
wallpapers_opt,
});
}
//TODO: is ron the best choice for passing around background data?
ron::to_string(&user_datas).map_err(|err| GreeterError::Ron(err.to_string()))
}
}
#[tokio::main]
async fn main() -> Result<(), Box<dyn Error>> {
env_logger::init();
let _conn = ConnectionBuilder::system()?
.name("com.system76.CosmicGreeter")?
.serve_at("/com/system76/CosmicGreeter", GreeterProxy)?
.build()
.await?;
pending::<()>().await;
Ok(())
}