From 0ed62e1a0beb47e033f7632dbf6d2087366b7830 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> Date: Fri, 13 Oct 2017 14:05:56 +0200 Subject: [PATCH] use XDG_RUNTIMESHARE_DIR When running with LSM Smack, the file returned by the function 'os_create_anonymous_file' is tagged with the security label of weston. That security label genrally doesn't allow sharing of files? Then passing the vreated file descriptor to the client application fails with EPERM. To allow file descriptors to be tagged with a security label that allows clients to receive and use it, that patch introduce the use of the environment variable XDG_RUNTIMESHARE_DIR that takes precedence over XDG_RUNTIME_DIR whe, creating anonymous file is needed. A correct setting of the shared directory using Smack's transmute mechanism allows set up file tag for sharing. This patch was submitted upstream for discussion but was rejected with the following reason (IIRC): "the function 'os_create_anonymous_file' and the sharing are obsolete and should not be used anymore. IVI was requiring it but newer version don't use it". Halas, even aligned with latest versions of IVI-shell and weston, the patch is needed. Because of its simplicity, it can remain maintained locally out of mainstream in the wait of further investigations. Signed-off-by: José Bollo <jose.bollo@iot.bzh> diff --git a/shared/os-compatibility.c b/shared/os-compatibility.c index e19fb61b..826e48b8 100644 --- a/shared/os-compatibility.c +++ b/shared/os-compatibility.c @@ -157,7 +157,9 @@ os_create_anonymous_file(off_t size) int fd; int ret; - path = getenv("XDG_RUNTIME_DIR"); + path = getenv("XDG_RUNTIMESHARE_DIR"); + if (!path) + path = getenv("XDG_RUNTIME_DIR"); if (!path) { errno = ENOENT; return -1;