diff --git a/CMakeLists.txt b/CMakeLists.txt index ba1cfba89..d1276f8b5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -50,7 +50,7 @@ find_package(GBM REQUIRED) find_package(LibInput REQUIRED) find_package(XKBCommon REQUIRED) find_package(Udev REQUIRED) -find_package(Libcap REQUIRED) +find_package(Libcap) find_package(Systemd) include(Wayland) diff --git a/README.md b/README.md index 75d191d49..4dcfed0ec 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ Install dependencies: * libinput * udev * systemd (optional, for logind support) +* libcap (optional, for capability support) * asciidoc (optional, for man pages) Run these commands: diff --git a/session/CMakeLists.txt b/session/CMakeLists.txt index 72ef9f567..d79991eee 100644 --- a/session/CMakeLists.txt +++ b/session/CMakeLists.txt @@ -1,7 +1,6 @@ include_directories( ${WAYLAND_INCLUDE_DIR} ${DRM_INCLUDE_DIRS} - ${Libcap_INCLUDE_DIRS} ) set(sources @@ -12,7 +11,6 @@ set(sources set(libs wlr-util ${WAYLAND_LIBRARIES} - ${Libcap_LIBRARIES} ) if (SYSTEMD_FOUND) @@ -24,5 +22,13 @@ if (SYSTEMD_FOUND) list(APPEND libs ${SYSTEMD_LIBRARIES}) endif () +if (Libcap_FOUND) + add_definitions(${Libcap_DEFINITIONS}) + include_directories(${Libcap_INCLUDE_DIRS}) + + add_definitions(-DHAS_LIBCAP) + list(APPEND libs ${Libcap_LIBRARIES}) +endif () + add_library(wlr-session ${sources}) target_link_libraries(wlr-session ${libs}) diff --git a/session/direct.c b/session/direct.c index 3615aec55..e6c2440fd 100644 --- a/session/direct.c +++ b/session/direct.c @@ -321,17 +321,35 @@ static void communicate(int sock) { } -static struct wlr_session *direct_session_start(struct wl_display *disp) { +#ifdef HAS_LIBCAP +static bool have_permissions(void) { cap_t cap = cap_get_proc(); cap_flag_value_t val; if (!cap || cap_get_flag(cap, CAP_SYS_ADMIN, CAP_PERMITTED, &val) || val != CAP_SET) { wlr_log(L_ERROR, "Do not have CAP_SYS_ADMIN; cannot become DRM master"); cap_free(cap); - return NULL; + return false; } cap_free(cap); + return true; +} +#else +static bool have_permissions(void) { + if (geteuid() != 0) { + wlr_log(L_ERROR, "Do not have root privileges; cannot become DRM master"); + return false; + } + + return true; +} +#endif + +static struct wlr_session *direct_session_start(struct wl_display *disp) { + if (!have_permissions()) { + return NULL; + } int sock[2]; if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sock) < 0) {