On Thu, Nov 30, 2017 at 12:22:46PM +0000, Emil Velikov wrote: > Hi Peter, > > On 9 November 2017 at 04:19, Peter Hutterer <[email protected]> wrote: > > Let's not rely on some other package to set up and clean up after our > > tempfiles. > > > > Signed-off-by: Peter Hutterer <[email protected]> > > --- > > Not all of these are created by the server, but moving them to the > > respective libs etc. makes even less sense. > > > > configure.ac | 13 +++++++++++++ > > os/Makefile.am | 7 ++++++- > > os/x11.conf | 11 +++++++++++ > > 3 files changed, 30 insertions(+), 1 deletion(-) > > create mode 100644 os/x11.conf > > > > diff --git a/configure.ac b/configure.ac > > index ec98f52c0..54d71bbbe 100644 > > --- a/configure.ac > > +++ b/configure.ac > > @@ -851,6 +851,19 @@ if test "x$WITH_SYSTEMD_DAEMON" = "xyes" -o > > "x$WITH_SYSTEMD_DAEMON" = "xauto" ; > > fi > > AM_CONDITIONAL([HAVE_SYSTEMD_DAEMON], [test "x$HAVE_SYSTEMD_DAEMON" = > > "xyes"]) > > > > +dnl systemd tmpfiles.d directory > > +PKG_CHECK_MODULES([SYSTEMD], [systemd], > > + [tmpfilesdir=`$PKG_CONFIG --variable=tmpfilesdir > > systemd`], > > + [tmpfilesdir=no]) > > +AC_ARG_WITH([tmpfiles-dir], > > + AS_HELP_STRING([--with-tmpfiles-dir], > > + [Install the tmpfiles into the given directory > > (default: auto)]), > > + [TMPFILES_DIR=$withval], [TMPFILES_DIR=$tmpfilesdir]) > > +if test "x$TMPFILES_DIR" != "xno"; then > > + AC_SUBST(TMPFILES_DIR, "$TMPFILES_DIR") > > +fi > > +AM_CONDITIONAL(HAVE_TMPFILES_DIR, test "x$TMPFILES_DIR" != "xno") > > + > > if test "x$CONFIG_UDEV" = xyes && test "x$CONFIG_HAL" = xyes; then > > AC_MSG_ERROR([Hotplugging through both libudev and hal not allowed]) > > fi > > diff --git a/os/Makefile.am b/os/Makefile.am > > index c6e78cb99..437e91431 100644 > > --- a/os/Makefile.am > > +++ b/os/Makefile.am > > @@ -54,7 +54,12 @@ if BUSFAULT > > libos_la_SOURCES += $(BUSFAULT_SRCS) > > endif > > > > -EXTRA_DIST = $(SECURERPC_SRCS) $(XDMCP_SRCS) > > +if HAVE_TMPFILES_DIR > > +tmpfilesdir = $(TMPFILES_DIR) > > +tmpfiles_DATA = x11.conf > > +endif > > + > > +EXTRA_DIST = $(SECURERPC_SRCS) $(XDMCP_SRCS) x11.conf > > > > if SPECIAL_DTRACE_OBJECTS > > # Generate dtrace object code for probes in libos & libdix > > diff --git a/os/x11.conf b/os/x11.conf > > new file mode 100644 > > index 000000000..eb2d67d72 > > --- /dev/null > > +++ b/os/x11.conf > > @@ -0,0 +1,11 @@ > > +# See tmpfiles.d(5) for details > > + > > +# Make sure these are created by default so that nobody else can > > +d /tmp/.X11-unix 1777 root root 10d > > +d /tmp/.ICE-unix 1777 root root 10d > > +d /tmp/.XIM-unix 1777 root root 10d > > +d /tmp/.font-unix 1777 root root 10d > > +d /tmp/.Test-unix 1777 root root 10d > > + > Should these be root even if we're running X w/o root?
*shrug* I think the point here is that no-one else can create them for nefarious purposes? > Will systemd attempt to remove the directories if X session is still running? in this version, yes. but in the current version that's in systemd (which I missed, sorry), the lines read as "D! /tmp/.X11-unix ...." which only causes them to be removed on boot. I'll update for the new version. > On my systems uptime is normally way above 10 days ;-) you need to apply security updates more often :P Cheers, Peter _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
