1 From 0ed62e1a0beb47e033f7632dbf6d2087366b7830 Mon Sep 17 00:00:00 2001
2 From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
3 Date: Fri, 13 Oct 2017 14:05:56 +0200
4 Subject: [PATCH] use XDG_RUNTIMESHARE_DIR
6 When running with LSM Smack, the file returned by the
7 function 'os_create_anonymous_file' is tagged with the
8 security label of weston. That security label genrally doesn't
9 allow sharing of files? Then passing the vreated file descriptor
10 to the client application fails with EPERM.
12 To allow file descriptors to be tagged with a security
13 label that allows clients to receive and use it, that
14 patch introduce the use of the environment variable
15 XDG_RUNTIMESHARE_DIR that takes precedence over
16 XDG_RUNTIME_DIR whe, creating anonymous file is needed.
18 A correct setting of the shared directory using Smack's
19 transmute mechanism allows set up file tag for sharing.
21 This patch was submitted upstream for discussion but
22 was rejected with the following reason (IIRC): "the
23 function 'os_create_anonymous_file' and the sharing
24 are obsolete and should not be used anymore. IVI was
25 requiring it but newer version don't use it". Halas,
26 even aligned with latest versions of IVI-shell and weston,
27 the patch is needed. Because of its simplicity, it can
28 remain maintained locally out of mainstream in the wait
29 of further investigations.
31 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
33 shared/os-compatibility.c | 1 +
34 1 file changed, 1 insertion(+)
36 diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c
37 index e19fb61b..7e93e818 100644
38 --- a/shared/os-compatibility.c
39 +++ b/shared/os-compatibility.c
40 @@ -157,6 +157,8 @@ os_create_anonymous_file(off_t size)
44 - path = getenv("XDG_RUNTIME_DIR");
45 + path = getenv("XDG_RUNTIMESHARE_DIR");
47 + path = getenv("XDG_RUNTIME_DIR");
Code Review / AGL / meta-agl.git / blob