Programs running as different user accounts?
krh at bitplanet.net
Wed Aug 17 10:33:48 PDT 2011
On Sat, Aug 13, 2011 at 8:17 PM, nerdopolis
<bluescreen_avenger at verizon.net> wrote:
> I was thinking, but I don't know how often something like this will be used:
> sometimes a user might need to run a program running as a different user
> along with their session (for maybe testing, or something).
> Seeing that Wayland uses a file socket, file permissions could get in the
> way. Would ACLs need to be used, to allow/disallow users to use the socket?
> Some Linux FSes seem to support them, but not every distro use them by
> default. It also seems that BSD and MAC do have support for ACL's if Wayland
> ever needed to be ported to these platforms...
What I'm thinking for this case is that you can just add a socket in
the $XDG_RUNTIME_DIR for the user in question. The server can handle
multiple listen sockets just fine. So something like this
$ create-socket su $WAYLAND_USER -l -c add-socket
run as the user who wishes to get access. The create-socket commands
creates and binds the listen socket in the users $XDG_RUNTIME_DIR,
then forks and execs the first argument with the remaining args and
the leaves the listen socket fd open for the child process. So su
gets run with fd=3 being a listen socket for the original user and
then prompts for password and then runs add-socket as the user that
owns the wayland server ($WAYLAND_USER). The add-socket helper
connects to the wayland server and passes the fd to the server as a
new listen fd. Or that's one way it could work, at least.
> Is this even a use case worth considering?
More information about the wayland-devel