Add support for OpenBSD#325
Conversation
- like done in swaywm/swaylock#325, provide an alternative for swayidle configuration file lookup - and provide a handrolled config line parser for 'timeout' commands, using strspn(), strchr() and asprintf() - the latter is in recent POSIX so move _POSIX_C_SOURCE 200809L definition within #if HAVE_WORDEXP - OpenBSD doesn't (and won't) have support for systemd/logind, so only care about timeout commands
|
Our Can we just completely get rid of it? |
oh definitely ! i see that |
Yeah, that one is for |
|
|
| elif is_openbsd | ||
| warning('The swaylock binary must be setgid when compiled with bsd auth') | ||
| warning('You must do this manually post-install: chgrp auth /path/to/swaylock ; chmod g+s /path/to/swaylock') | ||
| sources += ['bsdauth.c'] |
There was a problem hiding this comment.
Can we use login_passwd(8) instead to avoid this requirement?
Running the locker as root likely has funny attack vectors.
E.g.: point WAYLAND_DISPLAY to another user's socket and lock their session.
There was a problem hiding this comment.
swaylock already has a SUID-root mode for the shadow backend. We drop privileges early in the main process.
it's already defined in /usr/include/math.h on OpenBSD
sprinkle #if HAVE_WORDEXP where used include config.h first to only include wordexp.h if needed
more lines, but functionally equivalent.
OpenBSD doesn't have/need libcrypt or librt
backports/adapted from swaywm/sway@1d62d6bf note: as a side effect, env vars can't be used anymore for image paths
landryb
force-pushed
the
support-openbsd
branch
from
b348f87 to
6d85ad3
Compare
|
rebased this PR on top of master, can anyone review it ? been using it in the port since it's creationg.. |
|
Currently, swaylock doesn't have platform-specific code. I'm not sure we want to introduce some. |
|
Doesn’t support for linux-pam count as platform specific code?
|
|
BSDs other than OpenBSD support PAM. BSD auth is specific to OpenBSD and is not compatible with other platforms. |
|
And even if it's much more flexible, PAM is riddled with security issues, so i'm not sure it's a good argument here... oh well, @emersion in the end that's your choice. |
|
You already carry some platform-specific code to support glibc. With swearwords. |
That's not really an argument, as that's the single solution used on the majority of unix derivatives. I don't think it's final that we won't carry the OpenBSD bits, it's just that adding cross-platform code is always super annoying, especially from a testing/maintenance perspective. None of us maintainers are running OpenBSD, and while we can add a simple compile-test we'll have no clue if something breaks at runtime.
glibc isn't a platform, but swearing does feel like an appropriate response to needing |
well, since im trying to upstream patches, that also means i'm using it, and that i plan to update it in our packages, and report regressions if upstream breaks runtime on untested platforms.. |
5 participants
OpenBSD has initial/wip wayland support, so add support for building/using swaylock on OpenBSD. It uses http://man.openbsd.org/auth_userokay for user authentication so integrates well with the various login methods.
There's no
wordexp()on OpenBSD:so i've written a small function to lookup for configuration files in the same paths, and i've tested that it was functionally equivalent.
been able to use swaylock with
image=/usr/local/share/backgrounds/xfce/xfce-blue.jpgin~/.config/swaylock/config swaylockand it does what's expected.Feedback welcome !