Merge branch 'master' of git://0pointer.de/pulseaudio into dbus-work

Conflicts: src/Makefile.am src/daemon/daemon-conf.c src/daemon/daemon.conf.in src/modules/module-stream-restore.c src/pulse/client-conf.c src/pulsecore/namereg.c
author: Tanu Kaskinen <tanuk@iki.fi> 2009-08-16 21:25:48 +0300
committer: Tanu Kaskinen <tanuk@iki.fi> 2009-08-16 21:25:48 +0300
commit: bcaba0b1b43d6a1b32aadfa98860f40b2c93e136 (patch)
tree: 6bd0d60a8fa822bfd688b90d062d0f73eee2e47e /src/daemon
parent: 2bb3eef414f80189cf6af6cd66c519630e4c0a43 (diff)
parent: 01e4b61a910afdd21f860fadbe98075735c2bf51 (diff)
5 files changed, 81 insertions, 22 deletions
diff --git a/src/daemon/caps.c b/src/daemon/caps.c
index 294be494..76b62e03 100644
--- a/src/daemon/caps.c
+++ b/src/daemon/caps.c
@@ -57,24 +57,29 @@ void pa_drop_root(void) {
 
 #ifdef HAVE_GETUID
     uid_t uid;
+    gid_t gid;
 
+    pa_log_debug(_("Cleaning up privileges."));
     uid = getuid();
-    if (uid == 0 || geteuid() != 0)
-        return;
-
-    pa_log_info(_("Dropping root privileges."));
+    gid = getgid();
 
 #if defined(HAVE_SETRESUID)
     pa_assert_se(setresuid(uid, uid, uid) >= 0);
+    pa_assert_se(setresgid(gid, gid, gid) >= 0);
 #elif defined(HAVE_SETREUID)
     pa_assert_se(setreuid(uid, uid) >= 0);
+    pa_assert_se(setregid(gid, gid) >= 0);
 #else
     pa_assert_se(setuid(uid) >= 0);
     pa_assert_se(seteuid(uid) >= 0);
+    pa_assert_se(setgid(gid) >= 0);
+    pa_assert_se(setegid(gid) >= 0);
 #endif
 
     pa_assert_se(getuid() == uid);
     pa_assert_se(geteuid() == uid);
+    pa_assert_se(getgid() == gid);
+    pa_assert_se(getegid() == gid);
 #endif
 
 #ifdef HAVE_SYS_PRCTL_H
@@ -82,7 +87,7 @@ void pa_drop_root(void) {
 #endif
 
 #ifdef HAVE_SYS_CAPABILITY_H
-    {
+    if (uid != 0) {
         cap_t caps;
         pa_assert_se(caps = cap_init());
         pa_assert_se(cap_clear(caps) == 0);
diff --git a/src/daemon/daemon-conf.c b/src/daemon/daemon-conf.c
index ace460ed..31f29009 100644
--- a/src/daemon/daemon-conf.c
+++ b/src/daemon/daemon-conf.c
@@ -476,14 +476,18 @@ int pa_daemon_conf_load(pa_daemon_conf *c, const char *filename) {
         { "high-priority",              pa_config_parse_bool,     &c->high_priority, NULL },
         { "realtime-scheduling",        pa_config_parse_bool,     &c->realtime_scheduling, NULL },
         { "disallow-module-loading",    pa_config_parse_bool,     &c->disallow_module_loading, NULL },
+        { "allow-module-loading",       pa_config_parse_not_bool, &c->disallow_module_loading, NULL },
         { "disallow-exit",              pa_config_parse_bool,     &c->disallow_exit, NULL },
+        { "allow-exit",                 pa_config_parse_not_bool, &c->disallow_exit, NULL },
         { "use-pid-file",               pa_config_parse_bool,     &c->use_pid_file, NULL },
         { "system-instance",            pa_config_parse_bool,     &c->system_instance, NULL },
 #ifdef HAVE_DBUS
         { "local-server-type",          parse_server_type,        c, NULL },
 #endif
         { "no-cpu-limit",               pa_config_parse_bool,     &c->no_cpu_limit, NULL },
+        { "cpu-limit",                  pa_config_parse_not_bool, &c->no_cpu_limit, NULL },
         { "disable-shm",                pa_config_parse_bool,     &c->disable_shm, NULL },
+        { "enable-shm",                 pa_config_parse_not_bool, &c->disable_shm, NULL },
         { "flat-volumes",               pa_config_parse_bool,     &c->flat_volumes, NULL },
         { "lock-memory",                pa_config_parse_bool,     &c->lock_memory, NULL },
         { "exit-idle-time",             pa_config_parse_int,      &c->exit_idle_time, NULL },
@@ -503,7 +507,9 @@ int pa_daemon_conf_load(pa_daemon_conf *c, const char *filename) {
         { "default-fragment-size-msec", parse_fragment_size_msec, c, NULL },
         { "nice-level",                 parse_nice_level,         c, NULL },
         { "disable-remixing",           pa_config_parse_bool,     &c->disable_remixing, NULL },
+        { "enable-remixing",            pa_config_parse_not_bool, &c->disable_remixing, NULL },
         { "disable-lfe-remixing",       pa_config_parse_bool,     &c->disable_lfe_remixing, NULL },
+        { "enable-lfe-remixing",        pa_config_parse_not_bool, &c->disable_lfe_remixing, NULL },
         { "load-default-script-file",   pa_config_parse_bool,     &c->load_default_script_file, NULL },
         { "shm-size-bytes",             pa_config_parse_size,     &c->shm_size, NULL },
         { "log-meta",                   pa_config_parse_bool,     &c->log_meta, NULL },
@@ -669,15 +675,15 @@ char *pa_daemon_conf_dump(pa_daemon_conf *c) {
     pa_strbuf_printf(s, "nice-level = %i\n", c->nice_level);
     pa_strbuf_printf(s, "realtime-scheduling = %s\n", pa_yes_no(c->realtime_scheduling));
     pa_strbuf_printf(s, "realtime-priority = %i\n", c->realtime_priority);
-    pa_strbuf_printf(s, "disallow-module-loading = %s\n", pa_yes_no(c->disallow_module_loading));
-    pa_strbuf_printf(s, "disallow-exit = %s\n", pa_yes_no(c->disallow_exit));
+    pa_strbuf_printf(s, "allow-module-loading = %s\n", pa_yes_no(!c->disallow_module_loading));
+    pa_strbuf_printf(s, "allow-exit = %s\n", pa_yes_no(!c->disallow_exit));
     pa_strbuf_printf(s, "use-pid-file = %s\n", pa_yes_no(c->use_pid_file));
     pa_strbuf_printf(s, "system-instance = %s\n", pa_yes_no(c->system_instance));
 #ifdef HAVE_DBUS
     pa_strbuf_printf(s, "local-server-type = %s\n", server_type_to_string[c->local_server_type]);
 #endif
-    pa_strbuf_printf(s, "no-cpu-limit = %s\n", pa_yes_no(c->no_cpu_limit));
-    pa_strbuf_printf(s, "disable-shm = %s\n", pa_yes_no(c->disable_shm));
+    pa_strbuf_printf(s, "cpu-limit = %s\n", pa_yes_no(!c->no_cpu_limit));
+    pa_strbuf_printf(s, "enable-shm = %s\n", pa_yes_no(!c->disable_shm));
     pa_strbuf_printf(s, "flat-volumes = %s\n", pa_yes_no(c->flat_volumes));
     pa_strbuf_printf(s, "lock-memory = %s\n", pa_yes_no(c->lock_memory));
     pa_strbuf_printf(s, "exit-idle-time = %i\n", c->exit_idle_time);
@@ -688,8 +694,8 @@ char *pa_daemon_conf_dump(pa_daemon_conf *c) {
     pa_strbuf_printf(s, "log-target = %s\n", c->auto_log_target ? "auto" : (c->log_target == PA_LOG_SYSLOG ? "syslog" : "stderr"));
     pa_strbuf_printf(s, "log-level = %s\n", log_level_to_string[c->log_level]);
     pa_strbuf_printf(s, "resample-method = %s\n", pa_resample_method_to_string(c->resample_method));
-    pa_strbuf_printf(s, "disable-remixing = %s\n", pa_yes_no(c->disable_remixing));
-    pa_strbuf_printf(s, "disable-lfe-remixing = %s\n", pa_yes_no(c->disable_lfe_remixing));
+    pa_strbuf_printf(s, "enable-remixing = %s\n", pa_yes_no(!c->disable_remixing));
+    pa_strbuf_printf(s, "enable-lfe-remixing = %s\n", pa_yes_no(!c->disable_lfe_remixing));
     pa_strbuf_printf(s, "default-sample-format = %s\n", pa_sample_format_to_string(c->default_sample_spec.format));
     pa_strbuf_printf(s, "default-sample-rate = %u\n", c->default_sample_spec.rate);
     pa_strbuf_printf(s, "default-sample-channels = %u\n", c->default_sample_spec.channels);
diff --git a/src/daemon/daemon.conf.in b/src/daemon/daemon.conf.in
index 9bea6148..a11fd06c 100644
--- a/src/daemon/daemon.conf.in
+++ b/src/daemon/daemon.conf.in
@@ -21,15 +21,15 @@
 
 ; daemonize = no
 ; fail = yes
-; disallow-module-loading = no
-; disallow-exit = no
+; allow-module-loading = yes
+; allow-exit = yes
 ; use-pid-file = yes
 ; system-instance = no
 ; local-server-type = user
-; disable-shm = no
+; enable-shm = yes
 ; shm-size-bytes = 0 # setting this 0 will use the system-default, usually 64 MiB
 ; lock-memory = no
-; no-cpu-limit = no
+; cpu-limit = yes
 
 ; high-priority = yes
 ; nice-level = -11
@@ -52,8 +52,8 @@
 ; log-backtrace = 0
 
 ; resample-method = speex-float-3
-; disable-remixing = no
-; disable-lfe-remixing = yes
+; enable-remixing = yes
+; enable-lfe-remixing = no
 
 ; flat-volumes = yes
 
diff --git a/src/daemon/main.c b/src/daemon/main.c
index f4209859..73696005 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -110,7 +110,7 @@ int allow_severity = LOG_INFO;
 int deny_severity = LOG_WARNING;
 #endif
 
-#ifdef HAVE_OSS
+#ifdef HAVE_OSS_WRAPPER
 /* padsp looks for this symbol in the running process and disables
  * itself if it finds it and it is set to 7 (which is actually a bit
  * mask). For details see padsp. */
@@ -407,7 +407,8 @@ int main(int argc, char *argv[]) {
     /*
        Disable lazy relocations to make usage of external libraries
        more deterministic for our RT threads. We abuse __OPTIMIZE__ as
-       a check whether we are a debug build or not.
+       a check whether we are a debug build or not. This all is
+       admittedly a bit snake-oilish.
     */
 
     if (!getenv("LD_BIND_NOW")) {
@@ -418,9 +419,16 @@ int main(int argc, char *argv[]) {
 
         pa_set_env("LD_BIND_NOW", "1");
 
-        if ((rp = pa_readlink("/proc/self/exe")))
-            pa_assert_se(execv(rp, argv) == 0);
-        else
+        if ((rp = pa_readlink("/proc/self/exe"))) {
+
+            if (pa_streq(rp, PA_BINARY))
+                pa_assert_se(execv(rp, argv) == 0);
+            else
+                pa_log_warn("/proc/self/exe does not point to " PA_BINARY ", cannot self execute. Are you playing games?");
+
+            pa_xfree(rp);
+
+        } else
             pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?");
     }
 #endif
@@ -435,10 +443,13 @@ int main(int argc, char *argv[]) {
     /* We might be autospawned, in which case have no idea in which
      * context we have been started. Let's cleanup our execution
      * context as good as possible */
+
+    pa_reset_personality();
     pa_drop_root();
     pa_close_all(passed_fd, -1);
     pa_reset_sigs(-1);
     pa_unblock_sigs(-1);
+    pa_reset_priority();
 
     setlocale(LC_ALL, "");
     pa_init_i18n();
diff --git a/src/daemon/pulseaudio-system.conf b/src/daemon/pulseaudio-system.conf
new file mode 100644
index 00000000..edddaf93
--- /dev/null
+++ b/src/daemon/pulseaudio-system.conf
@@ -0,0 +1,37 @@
+<?xml version="1.0"?><!--*-nxml-*-->
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<!--
+This file is part of PulseAudio.
+
+PulseAudio is free software; you can redistribute it and/or modify it
+under the terms of the GNU Lesser General Public License as
+published by the Free Software Foundation; either version 2.1 of the
+License, or (at your option) any later version.
+
+PulseAudio is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
+Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public
+License along with PulseAudio; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+USA.
+-->
+
+<busconfig>
+
+  <!-- System-wide PulseAudio runs as 'pulse' user. This fragment is
+       not necessary for user PulseAudio instances. -->
+
+  <policy user="pulse">
+    <allow own="org.pulseaudio.Server"/>
+
+    <!-- Allow pulseaudio to talk to HAL for device detection -->
+    <allow send_destination="org.freedesktop.Hal" send_interface="org.freedesktop.Hal.Manager"/>
+    <allow send_destination="org.freedesktop.Hal" send_interface="org.freedesktop.Hal.Device"/>
+  </policy>
+
+</busconfig>
author	Tanu Kaskinen <tanuk@iki.fi>	2009-08-16 21:25:48 +0300
committer	Tanu Kaskinen <tanuk@iki.fi>	2009-08-16 21:25:48 +0300
commit	bcaba0b1b43d6a1b32aadfa98860f40b2c93e136 (patch)
tree	6bd0d60a8fa822bfd688b90d062d0f73eee2e47e /src/daemon
parent	2bb3eef414f80189cf6af6cd66c519630e4c0a43 (diff)
parent	01e4b61a910afdd21f860fadbe98075735c2bf51 (diff)