[RFC PATCH xserver] os: move tempfiles.d/x11.conf from systemd to here

Peter Hutterer peter.hutterer at who-t.net
Fri Dec 8 05:34:13 UTC 2017 

On Thu, Nov 30, 2017 at 12:22:46PM +0000, Emil Velikov wrote:
> Hi Peter,
> 
> On 9 November 2017 at 04:19, Peter Hutterer <peter.hutterer at who-t.net> wrote:
> > Let's not rely on some other package to set up and clean up after our
> > tempfiles.
> >
> > Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
> > ---
> > Not all of these are created by the server, but moving them to the
> > respective libs etc. makes even less sense.
> >
> >  configure.ac   | 13 +++++++++++++
> >  os/Makefile.am |  7 ++++++-
> >  os/x11.conf    | 11 +++++++++++
> >  3 files changed, 30 insertions(+), 1 deletion(-)
> >  create mode 100644 os/x11.conf
> >
> > diff --git a/configure.ac b/configure.ac
> > index ec98f52c0..54d71bbbe 100644
> > --- a/configure.ac
> > +++ b/configure.ac
> > @@ -851,6 +851,19 @@ if test "x$WITH_SYSTEMD_DAEMON" = "xyes" -o "x$WITH_SYSTEMD_DAEMON" = "xauto" ;
> >  fi
> >  AM_CONDITIONAL([HAVE_SYSTEMD_DAEMON], [test "x$HAVE_SYSTEMD_DAEMON" = "xyes"])
> >
> > +dnl systemd tmpfiles.d directory
> > +PKG_CHECK_MODULES([SYSTEMD], [systemd],
> > +                  [tmpfilesdir=`$PKG_CONFIG --variable=tmpfilesdir systemd`],
> > +                  [tmpfilesdir=no])
> > +AC_ARG_WITH([tmpfiles-dir],
> > +            AS_HELP_STRING([--with-tmpfiles-dir],
> > +                           [Install the tmpfiles into the given directory (default: auto)]),
> > +            [TMPFILES_DIR=$withval], [TMPFILES_DIR=$tmpfilesdir])
> > +if test "x$TMPFILES_DIR" != "xno"; then
> > +       AC_SUBST(TMPFILES_DIR, "$TMPFILES_DIR")
> > +fi
> > +AM_CONDITIONAL(HAVE_TMPFILES_DIR, test "x$TMPFILES_DIR" != "xno")
> > +
> >  if test "x$CONFIG_UDEV" = xyes && test "x$CONFIG_HAL" = xyes; then
> >         AC_MSG_ERROR([Hotplugging through both libudev and hal not allowed])
> >  fi
> > diff --git a/os/Makefile.am b/os/Makefile.am
> > index c6e78cb99..437e91431 100644
> > --- a/os/Makefile.am
> > +++ b/os/Makefile.am
> > @@ -54,7 +54,12 @@ if BUSFAULT
> >  libos_la_SOURCES += $(BUSFAULT_SRCS)
> >  endif
> >
> > -EXTRA_DIST = $(SECURERPC_SRCS) $(XDMCP_SRCS)
> > +if HAVE_TMPFILES_DIR
> > +tmpfilesdir = $(TMPFILES_DIR)
> > +tmpfiles_DATA = x11.conf
> > +endif
> > +
> > +EXTRA_DIST = $(SECURERPC_SRCS) $(XDMCP_SRCS) x11.conf
> >
> >  if SPECIAL_DTRACE_OBJECTS
> >  # Generate dtrace object code for probes in libos & libdix
> > diff --git a/os/x11.conf b/os/x11.conf
> > new file mode 100644
> > index 000000000..eb2d67d72
> > --- /dev/null
> > +++ b/os/x11.conf
> > @@ -0,0 +1,11 @@
> > +# See tmpfiles.d(5) for details
> > +
> > +# Make sure these are created by default so that nobody else can
> > +d /tmp/.X11-unix 1777 root root 10d
> > +d /tmp/.ICE-unix 1777 root root 10d
> > +d /tmp/.XIM-unix 1777 root root 10d
> > +d /tmp/.font-unix 1777 root root 10d
> > +d /tmp/.Test-unix 1777 root root 10d
> > +
> Should these be root even if we're running X w/o root?

*shrug* I think the point here is that no-one else can create them for
nefarious purposes?

> Will systemd attempt to remove the directories if X session is still running?

in this version, yes. but in the current version that's in systemd (which I
missed, sorry), the lines read as "D! /tmp/.X11-unix ...." which only causes
them to be removed on boot. I'll update for the new version.

> On my systems uptime is normally way above 10 days ;-)

you need to apply security updates more often :P

Cheers,
   Peter

More information about the xorg-devel mailing list