kossLAN/wry
1
0
Fork 0
forked from wry/wry
Code Pull requests Activity

Merge pull request #143 from mahkoh/jorth/config-run-privileged

Browse source 
config: allow running commands privileged
This commit is contained in:
mahkoh 2024-04-01 13:26:21 +02:00 committed by GitHub
commit 12681f42b0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 74 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
jay-config/src/_private/client.rs
View file

@ -944,6 +944,12 @@ impl Client {
}) })
} }
pub fn get_socket_path(&self) -> Option<String> {
let res = self.send_with_response(&ClientMessage::GetSocketPath);
get_response!(res, None, GetSocketPath { path });
Some(path)
}
pub fn create_pollable(&self, fd: i32) -> Result<PollableId, String> { pub fn create_pollable(&self, fd: i32) -> Result<PollableId, String> {
let res = self.send_with_response(&ClientMessage::AddPollable { fd }); let res = self.send_with_response(&ClientMessage::AddPollable { fd });
get_response!( get_response!(

4
jay-config/src/_private/ipc.rs
View file

@ -431,6 +431,7 @@ pub enum ClientMessage<'a> {
SetExplicitSyncEnabled { SetExplicitSyncEnabled {
enabled: bool, enabled: bool,
}, },
GetSocketPath,
} }
#[derive(Serialize, Deserialize, Debug)] #[derive(Serialize, Deserialize, Debug)]
@ -576,6 +577,9 @@ pub enum Response {
GetInputDeviceDevnode { GetInputDeviceDevnode {
devnode: String, devnode: String,
}, },
GetSocketPath {
path: String,
},
} }
#[derive(Serialize, Deserialize, Debug)] #[derive(Serialize, Deserialize, Debug)]

15
jay-config/src/exec.rs
View file

@ -82,6 +82,21 @@ impl Command {
self.fd(2, fd) self.fd(2, fd)
} }
/// Runs the application with access to privileged wayland protocols.
///
/// The default is `false`.
pub fn privileged(&mut self) -> &mut Self {
match get!(self).get_socket_path() {
Some(path) => {
self.env("WAYLAND_DISPLAY", &format!("{path}.jay"));
}
_ => {
log::error!("Compositor did not send the socket path");
}
}
self
}
/// Executes the command. /// Executes the command.
/// ///
/// This consumes all attached file descriptors. /// This consumes all attached file descriptors.

14
src/config/handler.rs
View file

@ -804,6 +804,19 @@ impl ConfigProxyHandler {
self.state.explicit_sync_enabled.set(enabled); self.state.explicit_sync_enabled.set(enabled);
} }
fn handle_get_socket_path(&self) {
match self.state.acceptor.get() {
Some(a) => {
self.respond(Response::GetSocketPath {
path: a.socket_name().to_string(),
});
}
_ => {
log::warn!("There is no acceptor");
}
}
}
fn handle_connector_connected(&self, connector: Connector) -> Result<(), CphError> { fn handle_connector_connected(&self, connector: Connector) -> Result<(), CphError> {
let connector = self.get_connector(connector)?; let connector = self.get_connector(connector)?;
self.respond(Response::ConnectorConnected { self.respond(Response::ConnectorConnected {
@ -1732,6 +1745,7 @@ impl ConfigProxyHandler {
ClientMessage::SetExplicitSyncEnabled { enabled } => { ClientMessage::SetExplicitSyncEnabled { enabled } => {
self.handle_set_explicit_sync_enabled(enabled) self.handle_set_explicit_sync_enabled(enabled)
} }
ClientMessage::GetSocketPath => self.handle_get_socket_path(),
} }
Ok(()) Ok(())
} }

1
toml-config/src/config.rs
View file

@ -245,6 +245,7 @@ pub struct Exec {
pub prog: String, pub prog: String,
pub args: Vec<String>, pub args: Vec<String>,
pub envs: Vec<(String, String)>, pub envs: Vec<(String, String)>,
pub privileged: bool,
} }
#[derive(Debug, Clone)] #[derive(Debug, Clone)]

15
toml-config/src/config/parsers/exec.rs
View file

@ -2,7 +2,7 @@ use {
crate::{ crate::{
config::{ config::{
context::Context, context::Context,
extractor::{arr, opt, str, val, Extractor, ExtractorError}, extractor::{arr, bol, opt, recover, str, val, Extractor, ExtractorError},
parser::{DataType, ParseResult, Parser, UnexpectedDataType}, parser::{DataType, ParseResult, Parser, UnexpectedDataType},
parsers::{ parsers::{
env::{EnvParser, EnvParserError}, env::{EnvParser, EnvParserError},
@ -11,7 +11,7 @@ use {
Exec, Exec,
}, },
toml::{ toml::{
toml_span::{Span, Spanned, SpannedExt}, toml_span::{DespanExt, Span, Spanned, SpannedExt},
toml_value::Value, toml_value::Value,
}, },
}, },
@ -45,6 +45,7 @@ impl Parser for ExecParser<'_> {
prog: string.to_string(), prog: string.to_string(),
args: vec![], args: vec![],
envs: vec![], envs: vec![],
privileged: false,
}) })
} }
@ -61,6 +62,7 @@ impl Parser for ExecParser<'_> {
prog, prog,
args, args,
envs: vec![], envs: vec![],
privileged: false,
}) })
} }
@ -70,8 +72,12 @@ impl Parser for ExecParser<'_> {
table: &IndexMap<Spanned<String>, Spanned<Value>>, table: &IndexMap<Spanned<String>, Spanned<Value>>,
) -> ParseResult<Self> { ) -> ParseResult<Self> {
let mut ext = Extractor::new(self.0, span, table); let mut ext = Extractor::new(self.0, span, table);
let (prog, args_val, envs_val) = let (prog, args_val, envs_val, privileged) = ext.extract((
ext.extract((str("prog"), opt(arr("args")), opt(val("env"))))?; str("prog"),
opt(arr("args")),
opt(val("env")),
recover(opt(bol("privileged"))),
))?;
let mut args = vec![]; let mut args = vec![];
if let Some(args_val) = args_val { if let Some(args_val) = args_val {
for arg in args_val.value { for arg in args_val.value {
@ -86,6 +92,7 @@ impl Parser for ExecParser<'_> {
prog: prog.value.to_string(), prog: prog.value.to_string(),
args, args,
envs, envs,
privileged: privileged.despan().unwrap_or(false),
}) })
} }
} }

2
toml-config/src/default-config.toml
View file

@ -7,7 +7,7 @@ keymap = """
}; };
""" """
on-graphics-initialized = { type = "exec", exec = "mako" } on-graphics-initialized = { type = "exec", exec = { prog = "mako", privileged = true } }
[shortcuts] [shortcuts]
alt-h = "focus-left" alt-h = "focus-left"

3
toml-config/src/lib.rs
View file

@ -823,6 +823,9 @@ fn create_command(exec: &Exec) -> Command {
for (k, v) in &exec.envs { for (k, v) in &exec.envs {
command.env(k, v); command.env(k, v);
} }
if exec.privileged {
command.privileged();
}
command command
} }

4
toml-spec/spec/spec.generated.json
View file

@ -677,6 +677,10 @@
"type": "string", "type": "string",
"description": "" "description": ""
} }
},
"privileged": {
"type": "boolean",
"description": "If `true`, the executable gets access to privileged wayland protocols.\n\nThe default is `false`.\n"
} }
}, },
"required": [ "required": [

8
toml-spec/spec/spec.generated.md
View file

@ -1308,6 +1308,14 @@ The table has the following fields:
The value of this field should be a table whose values are strings. The value of this field should be a table whose values are strings.
- `privileged` (optional):
If `true`, the executable gets access to privileged wayland protocols.
The default is `false`.
The value of this field should be a boolean.
<a name="types-GfxApi"></a> <a name="types-GfxApi"></a>
### `GfxApi` ### `GfxApi`

7
toml-spec/spec/spec.yaml
View file

@ -583,6 +583,13 @@ Exec:
values: values:
kind: string kind: string
description: The environment variables to pass to the executable. description: The environment variables to pass to the executable.
privileged:
kind: boolean
required: false
description: |
If `true`, the executable gets access to privileged wayland protocols.
The default is `false`.
SimpleActionName: SimpleActionName: