From 5c98609bf7dfb05af722e30adb49731727df9a94 Mon Sep 17 00:00:00 2001
From: Ross Burton
Date: Tue, 4 Mar 2025 11:12:33 +0000
Subject: [PATCH] xserver-nodm-init: improve XDG_RUNTIME_DIR fallback creation
This directory must have mode 0700, and should be under /run/user (as recommended in the specification, and as weston-init does). Also check the permissions if the directory already exists and fail early if they're incorrect.
[ YOCTO #13878 ]
Signed-off-by: Ross Burton
Signed-off-by: Mathieu Dubois-Briand
---
 .../X11/Xsession.d/13xdgbasedirs.sh | 20 ++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init/X11/Xsession.d/13xdgbasedirs.sh b/meta/recipes-graphics/x11-common/xserver-nodm-init/X11/Xsession.d/13xdgbasedirs.sh
index 6bd40b2fc57..912f79761c6 100644
--- a/meta/recipes-graphics/x11-common/xserver-nodm-init/X11/Xsession.d/13xdgbasedirs.sh
+++ b/meta/recipes-graphics/x11-common/xserver-nodm-init/X11/Xsession.d/13xdgbasedirs.sh
@@ -1,13 +1,19 @@
 # Minimal/stub implementation of the XDG Base Directory specification.
 # http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
-#
-# Wayland needs XDG_RUNTIME_DIR, so set it to /tmp. This isn't compliant with
-# the specification (wrong mode, wrong owner) but it's mostly sufficient.
-#
-# In the ideal case where SystemD is booting and userspace is initiated by a
-# SystemD user session this will have been set already, so don't overwrite it.
+# If the runtime directory hasn't been set already (for example by systemd,
+# elogind, or pam) create a directory in TMPDIR.
 if [ -z "$XDG_RUNTIME_DIR" ]; then
- XDG_RUNTIME_DIR="/tmp"
+ XDG_RUNTIME_DIR=/run/user/$(id -u)
 export XDG_RUNTIME_DIR
 fi
+
+if [ -d "$XDG_RUNTIME_DIR" ]; then
+ # If the directory exists, check the permissions and ownership
+ if [ "$(stat -c %u-%a "$XDG_RUNTIME_DIR")" != "$(id -u)-700" ]; then
+ echo "ERROR: $XDG_RUNTIME_DIR has incorrect permissions"
+ exit 1
+ fi
+else
+ mkdir --mode 0700 --parents "${XDG_RUNTIME_DIR}"
+fi
-- 
2.47.2
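Review bot: The `else` branch never verifies what `mkdir` produced: its exit status is ignored, and `--parents` also reports success when the directory already exists, so a directory that appears between the `[ -d ]` test and the `mkdir` (possible when a pre-set XDG_RUNTIME_DIR points under a world-writable parent) is accepted without the owner/mode check, and a failed `mkdir` leaves XDG_RUNTIME_DIR exported but missing. Running the `stat` comparison unconditionally after the creation step closes both gaps, e.g. `[ -d "$XDG_RUNTIME_DIR" ] || mkdir --mode 0700 --parents "$XDG_RUNTIME_DIR" || exit 1` followed by the existing owner/mode check un-nested from the `if`. `--mode` applies only to the final path component, so any parents created by `--parents` get umask-derived modes; whether `/run/user` itself already exists and is writable by the session user is not visible from this hunk. The new header comment still says the directory is created in TMPDIR while the code uses `/run/user/$(id -u)`; `# elogind, or pam) create a directory under /run/user.` would match the code.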