diff options
Diffstat (limited to 'src/daemon')
-rw-r--r-- | src/daemon/daemon-conf.c | 2 | ||||
-rw-r--r-- | src/daemon/daemon.conf.in | 4 | ||||
-rw-r--r-- | src/daemon/main.c | 33 | ||||
-rw-r--r-- | src/daemon/org.pulseaudio.policy.in | 50 | ||||
-rw-r--r-- | src/daemon/polkit.c | 172 | ||||
-rw-r--r-- | src/daemon/polkit.h | 27 |
6 files changed, 27 insertions, 261 deletions
diff --git a/src/daemon/daemon-conf.c b/src/daemon/daemon-conf.c index 3428f807..571faae4 100644 --- a/src/daemon/daemon-conf.c +++ b/src/daemon/daemon-conf.c @@ -86,7 +86,7 @@ static const pa_daemon_conf default_conf = { #ifdef HAVE_DBUS .local_server_type = PA_SERVER_TYPE_UNSET, /* The actual default is _USER, but we have to detect when the user doesn't specify this option. */ #endif - .no_cpu_limit = FALSE, + .no_cpu_limit = TRUE, .disable_shm = FALSE, .lock_memory = FALSE, .default_n_fragments = 4, diff --git a/src/daemon/daemon.conf.in b/src/daemon/daemon.conf.in index a11fd06c..7c1a7b8c 100644 --- a/src/daemon/daemon.conf.in +++ b/src/daemon/daemon.conf.in @@ -29,7 +29,7 @@ ; enable-shm = yes ; shm-size-bytes = 0 # setting this 0 will use the system-default, usually 64 MiB ; lock-memory = no -; cpu-limit = yes +; cpu-limit = no ; high-priority = yes ; nice-level = -11 @@ -71,7 +71,7 @@ ; rlimit-msgqueue = -1 ; rlimit-nice = 31 ; rlimit-rtprio = 9 -; rlimit-rtttime = 1000000 +; rlimit-rttime = 1000000 ; default-sample-format = s16le ; default-sample-rate = 44100 diff --git a/src/daemon/main.c b/src/daemon/main.c index 409823b1..9e5647a8 100644 --- a/src/daemon/main.c +++ b/src/daemon/main.c @@ -260,9 +260,14 @@ static int change_user(void) { pa_set_env("HOME", PA_SYSTEM_RUNTIME_PATH); /* Relevant for pa_runtime_path() */ - pa_set_env("PULSE_RUNTIME_PATH", PA_SYSTEM_RUNTIME_PATH); - pa_set_env("PULSE_CONFIG_PATH", PA_SYSTEM_CONFIG_PATH); - pa_set_env("PULSE_STATE_PATH", PA_SYSTEM_STATE_PATH); + if (!getenv("PULSE_RUNTIME_PATH")) + pa_set_env("PULSE_RUNTIME_PATH", PA_SYSTEM_RUNTIME_PATH); + + if (!getenv("PULSE_CONFIG_PATH")) + pa_set_env("PULSE_CONFIG_PATH", PA_SYSTEM_CONFIG_PATH); + + if (!getenv("PULSE_STATE_PATH")) + pa_set_env("PULSE_STATE_PATH", PA_SYSTEM_STATE_PATH); pa_log_info(_("Successfully dropped root privileges.")); @@ -413,23 +418,28 @@ int main(int argc, char *argv[]) { if (!getenv("LD_BIND_NOW")) { char *rp; + char *canonical_rp; /* We have to execute ourselves, because the libc caches the * value of $LD_BIND_NOW on initialization. */ pa_set_env("LD_BIND_NOW", "1"); + canonical_rp = pa_realpath(PA_BINARY); + if ((rp = pa_readlink("/proc/self/exe"))) { - if (pa_streq(rp, PA_BINARY)) + if (pa_streq(rp, canonical_rp)) pa_assert_se(execv(rp, argv) == 0); else - pa_log_warn("/proc/self/exe does not point to " PA_BINARY ", cannot self execute. Are you playing games?"); + pa_log_warn("/proc/self/exe does not point to %s, cannot self execute. Are you playing games?", canonical_rp); pa_xfree(rp); } else pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?"); + + pa_xfree(canonical_rp); } #endif @@ -731,7 +741,7 @@ int main(int argc, char *argv[]) { #endif } - pa_set_env("PULSE_INTERNAL", "1"); + pa_set_env_and_record("PULSE_INTERNAL", "1"); pa_assert_se(chdir("/") == 0); umask(0022); @@ -746,7 +756,7 @@ int main(int argc, char *argv[]) { if (change_user() < 0) goto finish; - pa_set_env("PULSE_SYSTEM", conf->system_instance ? "1" : "0"); + pa_set_env_and_record("PULSE_SYSTEM", conf->system_instance ? "1" : "0"); pa_log_info(_("This is PulseAudio %s"), PACKAGE_VERSION); pa_log_debug(_("Compilation host: %s"), CANONICAL_HOST); @@ -853,8 +863,10 @@ int main(int argc, char *argv[]) { pa_memtrap_install(); - pa_cpu_init_x86(); - pa_cpu_init_arm(); + if (!getenv("PULSE_NO_SIMD")) { + pa_cpu_init_x86(); + pa_cpu_init_arm(); + } pa_assert_se(mainloop = pa_mainloop_new()); @@ -1021,6 +1033,9 @@ finish: if (valid_pid_file) pa_pid_file_remove(); + /* This has no real purpose except making things valgrind-clean */ + pa_unset_env_recorded(); + #ifdef OS_IS_WIN32 WSACleanup(); #endif diff --git a/src/daemon/org.pulseaudio.policy.in b/src/daemon/org.pulseaudio.policy.in deleted file mode 100644 index 1d0b6a7d..00000000 --- a/src/daemon/org.pulseaudio.policy.in +++ /dev/null @@ -1,50 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><!--*-nxml-*--> -<!DOCTYPE policyconfig PUBLIC - "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" - "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> - -<!-- -This file is part of PulseAudio. - -PulseAudio is free software; you can redistribute it and/or modify it -under the terms of the GNU Lesser General Public License as -published by the Free Software Foundation; either version 2.1 of the -License, or (at your option) any later version. - -PulseAudio is distributed in the hope that it will be useful, but WITHOUT -ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General -Public License for more details. - -You should have received a copy of the GNU Lesser General Public -License along with PulseAudio; if not, write to the Free Software -Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 -USA. ---> - -<policyconfig> - <vendor>The PulseAudio Project</vendor> - <vendor_url>http://pulseaudio.org/</vendor_url> - <icon_name>audio-card</icon_name> - - <action id="org.pulseaudio.acquire-real-time"> - <_description>Real-time scheduling for the PulseAudio daemon</_description> - <_message>System policy prevents PulseAudio from acquiring real-time scheduling.</_message> - <defaults> - <allow_any>no</allow_any> - <allow_inactive>no</allow_inactive> - <allow_active>no</allow_active> - </defaults> - </action> - - <action id="org.pulseaudio.acquire-high-priority"> - <_description>High-priority scheduling (negative Unix nice level) for the PulseAudio daemon</_description> - <_message>System policy prevents PulseAudio from acquiring high-priority scheduling.</_message> - <defaults> - <allow_any>no</allow_any> - <allow_inactive>no</allow_inactive> - <allow_active>no</allow_active> - </defaults> - </action> - -</policyconfig> diff --git a/src/daemon/polkit.c b/src/daemon/polkit.c deleted file mode 100644 index 9799e094..00000000 --- a/src/daemon/polkit.c +++ /dev/null @@ -1,172 +0,0 @@ -/*** - This file is part of PulseAudio. - - Copyright 2004-2006 Lennart Poettering - Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB - - PulseAudio is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published - by the Free Software Foundation; either version 2.1 of the License, - or (at your option) any later version. - - PulseAudio is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with PulseAudio; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 - USA. -***/ - -#ifdef HAVE_CONFIG_H -#include <config.h> -#endif - -#include <unistd.h> -#include <stdlib.h> -#include <inttypes.h> - -#include <dbus/dbus.h> -#include <polkit-dbus/polkit-dbus.h> - -#include <pulse/i18n.h> - -#include <pulsecore/log.h> -#include <pulsecore/macro.h> - -#include "polkit.h" - -int pa_polkit_check(const char *action_id) { - int ret = -1; - DBusError dbus_error; - DBusConnection *bus = NULL; - PolKitCaller *caller = NULL; - PolKitAction *action = NULL; - PolKitContext *context = NULL; - PolKitError *polkit_error = NULL; - PolKitSession *session = NULL; - PolKitResult polkit_result; - - dbus_error_init(&dbus_error); - - if (!(bus = dbus_bus_get(DBUS_BUS_SYSTEM, &dbus_error))) { - pa_log_error(_("Cannot connect to system bus: %s"), dbus_error.message); - goto finish; - } - - /* There seems to be a bug in some versions of D-Bus that causes - * dbus_shutdown() to call exit() when a connection without this - * flag disabled was created during runtime.*/ - dbus_connection_set_exit_on_disconnect(bus, FALSE); - - if (!(caller = polkit_caller_new_from_pid(bus, getpid(), &dbus_error))) { - pa_log_error(_("Cannot get caller from PID: %s"), dbus_error.message); - goto finish; - } - - /* This function is called when PulseAudio is called SUID root. We - * want to authenticate the real user that called us and not the - * effective user we gained through being SUID root. Hence we - * overwrite the UID caller data here explicitly, just for - * paranoia. In fact PolicyKit should fill in the UID here anyway - * -- an not the EUID or any other user id. */ - - if (!(polkit_caller_set_uid(caller, getuid()))) { - pa_log_error(_("Cannot set UID on caller object.")); - goto finish; - } - - if (!(polkit_caller_get_ck_session(caller, &session))) { - pa_log_error(_("Failed to get CK session.")); - goto finish; - } - - /* We need to overwrite the UID in both the caller and the session - * object */ - - if (!(polkit_session_set_uid(session, getuid()))) { - pa_log_error(_("Cannot set UID on session object.")); - goto finish; - } - - if (!(action = polkit_action_new())) { - pa_log_error(_("Cannot allocate PolKitAction.")); - goto finish; - } - - if (!polkit_action_set_action_id(action, action_id)) { - pa_log_error(_("Cannot set action_id")); - goto finish; - } - - if (!(context = polkit_context_new())) { - pa_log_error(_("Cannot allocate PolKitContext.")); - goto finish; - } - - if (!polkit_context_init(context, &polkit_error)) { - pa_log_error(_("Cannot initialize PolKitContext: %s"), polkit_error_get_error_message(polkit_error)); - goto finish; - } - - for (;;) { - - polkit_result = polkit_context_is_caller_authorized(context, action, caller, TRUE, &polkit_error); - - if (polkit_error_is_set(polkit_error)) { - pa_log_error(_("Could not determine whether caller is authorized: %s"), polkit_error_get_error_message(polkit_error)); - goto finish; - } - - if (polkit_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH || - polkit_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION || - polkit_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS || - polkit_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT || - polkit_result == POLKIT_RESULT_ONLY_VIA_SELF_AUTH || - polkit_result == POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION || - polkit_result == POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS || - polkit_result == POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT - ) { - - if (polkit_auth_obtain(action_id, 0, getpid(), &dbus_error)) { - polkit_result = POLKIT_RESULT_YES; - break; - } - - if (dbus_error_is_set(&dbus_error)) { - pa_log_error(_("Cannot obtain auth: %s"), dbus_error.message); - goto finish; - } - } - - break; - } - - if (polkit_result != POLKIT_RESULT_YES && polkit_result != POLKIT_RESULT_NO) - pa_log_warn(_("PolicyKit responded with '%s'"), polkit_result_to_string_representation(polkit_result)); - - ret = polkit_result == POLKIT_RESULT_YES; - -finish: - - if (caller) - polkit_caller_unref(caller); - - if (action) - polkit_action_unref(action); - - if (context) - polkit_context_unref(context); - - if (bus) - dbus_connection_unref(bus); - - dbus_error_free(&dbus_error); - - if (polkit_error) - polkit_error_free(polkit_error); - - return ret; -} diff --git a/src/daemon/polkit.h b/src/daemon/polkit.h deleted file mode 100644 index 018f6ef1..00000000 --- a/src/daemon/polkit.h +++ /dev/null @@ -1,27 +0,0 @@ -#ifndef foopolkithfoo -#define foopolkithfoo - -/*** - This file is part of PulseAudio. - - Copyright 2007 Lennart Poettering - - PulseAudio is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published - by the Free Software Foundation; either version 2.1 of the License, - or (at your option) any later version. - - PulseAudio is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with PulseAudio; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 - USA. -***/ - -int pa_polkit_check(const char *action); - -#endif |