[PATCH wayland-web] building: Recommend disabling setuid for non-root installs
Kristian Høgsberg
hoegsberg at gmail.com
Fri Aug 30 13:43:58 PDT 2013
On Sun, Aug 25, 2013 at 07:05:45PM +0000, Bryce W. Harrington wrote:
> On Sun, Aug 25, 2013 at 10:57:59AM +0300, Pekka Paalanen wrote:
> > On Fri, 23 Aug 2013 19:54:17 +0000
> > "Bryce W. Harrington" <b.harrington at samsung.com> wrote:
> > > diff --git a/building.html b/building.html
> > > index b7a1158..a47744e 100644
> > > --- a/building.html
> > > +++ b/building.html
> > > @@ -228,7 +228,7 @@ gio-2.0.</p>
> > >
> > > <pre> $ git clone git://anongit.freedesktop.org/wayland/weston
> > > $ cd weston
> > > - $ ./autogen.sh --prefix=$WLD
> > > + $ ./autogen.sh --prefix=$WLD --enable-setuid-install=no
> > > $ make
> > > $ make install
> > > </pre>
> >
> > I believe setuid weston-launch is mandatory for all backends
> > that use evdev, that is at least drm and fbdev. Otherwise they
> > cannot open input devices on normal system setups.
> >
> > Maybe prefer 'sudo make install' then?
>
> weston itself can be run directly as non-root inside an X session,
> without use of weston-launch. For client development or just kicking
> the tires, this is probably sufficient as a starting point. I imagine
> many people who will be reading this document could fit into those
> categories.
>
> Certainly 'sudo make install' addresses the problem, however the intent
> of the article as I read it is to show how to build wayland entirely
> without needing superuser privs. This is a worthwhile goal: It assures
> tire kickers they won't muss up their system, it enables building,
> installing, and testing wayland in automated test frameworks, and it
> enables users to try out wayland who may not have superuser access.
>
> Perhaps the documentation could first explain how to run non-root, and
> then in a following section rebuild with setuid and explain running it
> using weston-launch?
For local installs I think we could enhance weston-launch to work
better with sudo (make it run weston as the original user) and then
recommend --disable-setuid-install and sudo weston-launch for local
installs.
Kristian
More information about the wayland-devel
mailing list