leyoda/cosmic-session
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor: pass an extra pirivileged socket to xdp-cosmic

Browse source
This commit is contained in:
Ashley Wulber 2024-01-10 10:47:44 -05:00 committed by Ashley Wulber
parent efe4b58279
commit 8fd40b588a
4 changed files with 95 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

16
Cargo.lock generated
View file

@ -279,6 +279,7 @@ dependencies = [
"color-eyre", "color-eyre",
"cosmic-notifications-util", "cosmic-notifications-util",
"futures-util", "futures-util",
"itertools",
"launch-pad", "launch-pad",
"libc", "libc",
"log-panics", "log-panics",
@ -344,6 +345,12 @@ dependencies = [
"crypto-common", "crypto-common",
] ]
[[package]]
name = "either"
version = "1.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07"
[[package]] [[package]]
name = "enumflags2" name = "enumflags2"
version = "0.7.7" version = "0.7.7"
@ -563,6 +570,15 @@ dependencies = [
"windows-sys", "windows-sys",
] ]
[[package]]
name = "itertools"
version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "25db6b064527c5d482d0423354fcd07a89a2dfe07b67892e62411946db7f07b0"
dependencies = [
"either",
]
[[package]] [[package]]
name = "itoa" name = "itoa"
version = "1.0.8" version = "1.0.8"

1
Cargo.toml
View file

@ -12,6 +12,7 @@ async-signals = "0.4"
color-eyre = "0.6" color-eyre = "0.6"
futures-util = "0.3" futures-util = "0.3"
launch-pad = { git = "https://github.com/pop-os/launch-pad" } launch-pad = { git = "https://github.com/pop-os/launch-pad" }
itertools = "0.12"
# launch-pad = { path = "../launch-pad" } # launch-pad = { path = "../launch-pad" }
libc = "0.2" libc = "0.2"
log-panics = { version = "2", features = ["with-backtrace"] } log-panics = { version = "2", features = ["with-backtrace"] }

93
src/main.rs
View file

@ -8,13 +8,16 @@ mod process;
mod service; mod service;
mod systemd; mod systemd;
use std::{os::fd::AsRawFd, sync::Arc}; use std::{
os::fd::{AsRawFd, OwnedFd},
sync::Arc,
};
use async_signals::Signals; use async_signals::Signals;
use color_eyre::{eyre::WrapErr, Result}; use color_eyre::{eyre::WrapErr, Result};
use comp::create_privileged_socket; use comp::create_privileged_socket;
use cosmic_notifications_util::{DAEMON_NOTIFICATIONS_FD, PANEL_NOTIFICATIONS_FD}; use cosmic_notifications_util::{DAEMON_NOTIFICATIONS_FD, PANEL_NOTIFICATIONS_FD};
use futures_util::StreamExt; use futures_util::{SinkExt, StreamExt};
use launch_pad::{process::Process, ProcessManager}; use launch_pad::{process::Process, ProcessManager};
use service::SessionRequest; use service::SessionRequest;
use tokio::{ use tokio::{
@ -53,10 +56,9 @@ async fn main() -> Result<()> {
let session_tx_clone = session_tx.clone(); let session_tx_clone = session_tx.clone();
let _conn = ConnectionBuilder::session()? let _conn = ConnectionBuilder::session()?
.name("com.system76.CosmicSession")? .name("com.system76.CosmicSession")?
.serve_at( .serve_at("/com/system76/CosmicSession", service::SessionService {
"/com/system76/CosmicSession", session_tx,
service::SessionService { session_tx }, })?
)?
.build() .build()
.await?; .await?;
@ -191,6 +193,7 @@ async fn start(
&process_manager, &process_manager,
&env_vars, &env_vars,
&socket_tx, &socket_tx,
Vec::new(),
) )
.await; .await;
@ -201,6 +204,7 @@ async fn start(
&process_manager, &process_manager,
&env_vars, &env_vars,
&socket_tx, &socket_tx,
Vec::new(),
) )
.await; .await;
@ -211,22 +215,50 @@ async fn start(
&process_manager, &process_manager,
&env_vars, &env_vars,
&socket_tx, &socket_tx,
Vec::new(),
) )
.await; .await;
let span = info_span!(parent: None, "cosmic-osd"); let span = info_span!(parent: None, "cosmic-osd");
start_component("cosmic-osd", span, &process_manager, &env_vars, &socket_tx).await; start_component(
"cosmic-osd",
span,
&process_manager,
&env_vars,
&socket_tx,
Vec::new(),
)
.await;
let span = info_span!(parent: None, "cosmic-bg"); let span = info_span!(parent: None, "cosmic-bg");
start_component("cosmic-bg", span, &process_manager, &env_vars, &socket_tx).await; start_component(
"cosmic-bg",
span,
&process_manager,
&env_vars,
&socket_tx,
Vec::new(),
)
.await;
let span = info_span!(parent: None, "xdg-desktop-portal-cosmic"); let span = info_span!(parent: None, "xdg-desktop-portal-cosmic");
let mut sockets = Vec::with_capacity(1);
let extra_env = Vec::with_capacity(1);
let portal_extras =
if let Ok((mut env, fd)) = create_privileged_socket(&mut sockets, &extra_env) {
let mut env = env.remove(0);
env.0 = "PORTAL_WAYLAND_SOCKET".to_string();
vec![(fd, env, sockets.remove(0))]
} else {
Vec::new()
};
start_component( start_component(
XDP_COSMIC.unwrap_or("/usr/libexec/xdg-desktop-portal-cosmic"), XDP_COSMIC.unwrap_or("/usr/libexec/xdg-desktop-portal-cosmic"),
span, span,
&process_manager, &process_manager,
&env_vars, &env_vars,
&socket_tx, &socket_tx,
portal_extras,
) )
.await; .await;
@ -279,16 +311,27 @@ async fn start_component(
process_manager: &ProcessManager, process_manager: &ProcessManager,
env_vars: &[(String, String)], env_vars: &[(String, String)],
socket_tx: &mpsc::UnboundedSender<Vec<UnixStream>>, socket_tx: &mpsc::UnboundedSender<Vec<UnixStream>>,
extra_fds: Vec<(OwnedFd, (String, String), UnixStream)>,
) { ) {
let mut sockets = Vec::with_capacity(1); let mut sockets = Vec::with_capacity(2);
let (env_vars, fd) = create_privileged_socket(&mut sockets, env_vars).unwrap(); let (mut env_vars, fd) = create_privileged_socket(&mut sockets, &env_vars).unwrap();
if let Err(why) = socket_tx.send(sockets) {
error!(?why, "Failed to send the privileged socket");
}
let socket_tx_clone = socket_tx.clone(); let socket_tx_clone = socket_tx.clone();
let stdout_span = span.clone(); let stdout_span = span.clone();
let stderr_span = span.clone(); let stderr_span = span.clone();
let cmd_clone = cmd.to_string(); let cmd_clone = cmd.to_string();
let (mut fds, extra_fd_env, mut streams): (Vec<_>, Vec<_>, Vec<_>) =
itertools::multiunzip(extra_fds);
for kv in &extra_fd_env {
env_vars.push(kv.clone());
}
sockets.append(&mut streams);
if let Err(why) = socket_tx.send(sockets) {
error!(?why, "Failed to send the privileged socket");
}
let (extra_fd_env, _): (Vec<_>, Vec<_>) = extra_fd_env.into_iter().unzip();
fds.push(fd);
process_manager process_manager
.start( .start(
Process::new() Process::new()
@ -312,16 +355,25 @@ async fn start_component(
if let Some(err) = err_code { if let Some(err) = err_code {
error!("{cmd_clone} exited with error {}", err.to_string()); error!("{cmd_clone} exited with error {}", err.to_string());
} }
let extra_fd_env = extra_fd_env.clone();
let socket_tx_clone = socket_tx_clone.clone(); let socket_tx_clone = socket_tx_clone.clone();
async move { async move {
if !will_restart { if !will_restart {
return; return;
} }
let mut sockets = Vec::with_capacity(1);
let env_vars = Vec::with_capacity(1); let mut sockets = Vec::with_capacity(1 + extra_fd_env.len());
let (env_vars, new_fd) = let mut fds = Vec::with_capacity(1 + extra_fd_env.len());
create_privileged_socket(&mut sockets, &env_vars).unwrap(); let (mut env_vars, fd) =
create_privileged_socket(&mut sockets, &[]).unwrap();
fds.push(fd);
for k in extra_fd_env {
let (mut fd_env_vars, fd) =
create_privileged_socket(&mut sockets, &[]).unwrap();
fd_env_vars.last_mut().unwrap().0 = k;
env_vars.append(&mut fd_env_vars);
fds.push(fd)
}
if let Err(why) = socket_tx_clone.send(sockets) { if let Err(why) = socket_tx_clone.send(sockets) {
error!(?why, "Failed to send the privileged socket"); error!(?why, "Failed to send the privileged socket");
@ -329,13 +381,12 @@ async fn start_component(
if let Err(why) = pman.update_process_env(&key, env_vars).await { if let Err(why) = pman.update_process_env(&key, env_vars).await {
error!(?why, "Failed to update environment variables"); error!(?why, "Failed to update environment variables");
} }
if let Err(why) = pman.update_process_fds(&key, move || vec![new_fd]).await if let Err(why) = pman.update_process_fds(&key, move || fds).await {
{
error!(?why, "Failed to update fds"); error!(?why, "Failed to update fds");
} }
} }
}) })
.with_fds(move || vec![fd]), .with_fds(move || fds),
) )
.await .await
.unwrap_or_else(|_| panic!("failed to start {}", cmd)); .unwrap_or_else(|_| panic!("failed to start {}", cmd));

13
src/notifications.rs
View file

@ -1,12 +1,11 @@
use color_eyre::eyre::Context; use color_eyre::{eyre::Context, Result};
use color_eyre::Result;
use cosmic_notifications_util::{DAEMON_NOTIFICATIONS_FD, PANEL_NOTIFICATIONS_FD}; use cosmic_notifications_util::{DAEMON_NOTIFICATIONS_FD, PANEL_NOTIFICATIONS_FD};
use launch_pad::process::Process; use launch_pad::{process::Process, ProcessKey};
use launch_pad::ProcessKey;
use rustix::fd::AsRawFd; use rustix::fd::AsRawFd;
use std::os::fd::OwnedFd; use std::{
use std::os::unix::net::UnixStream; os::{fd::OwnedFd, unix::net::UnixStream},
use std::sync::Arc; sync::Arc,
};
use tokio::sync::{mpsc, Mutex}; use tokio::sync::{mpsc, Mutex};
use tracing::Instrument; use tracing::Instrument;