[poky] [PATCH 2/2] xserver-nodm-init: add rootless-x support

Yu Ke ke.yu at intel.com
Tue Feb 22 18:14:33 PST 2011 

most rootless X work are already done in the kernel, xserver and
graphics driver, this patches add the the remaining userspace setting:

- create /etc/X11/Xusername to set rootless X user
- add rootless X user to group video, tty to access /dev/tty[0-4]
  and /dev/dri/card0
- grant rootless X user access right to /dev/input/*, /var/log

Signed-off-by: Yu Ke <ke.yu at intel.com>
---
 .../x11-common/xserver-nodm-init.bb                |   22 +++++++++++++++++++-
 .../x11-common/xserver-nodm-init/Xusername         |    1 +
 .../x11-common/xserver-nodm-init/xserver-nodm      |    4 +++
 3 files changed, 26 insertions(+), 1 deletions(-)
 create mode 100644 meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername

diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init.bb b/meta/recipes-graphics/x11-common/xserver-nodm-init.bb
index 03a6ca3..a93acc9 100644
--- a/meta/recipes-graphics/x11-common/xserver-nodm-init.bb
+++ b/meta/recipes-graphics/x11-common/xserver-nodm-init.bb
@@ -3,10 +3,11 @@ LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
 SECTION = "x11"
 PRIORITY = "optional"
-PR = "r23"
+PR = "r24"
 RDEPENDS_${PN} = "dbus-wait sudo"
 
 SRC_URI = "file://xserver-nodm \
+           file://Xusername \
            file://gplv2-license.patch"
 
 S = ${WORKDIR}
@@ -17,6 +18,25 @@ do_install() {
     install -d ${D}/etc
     install -d ${D}/etc/init.d
     install xserver-nodm ${D}/etc/init.d
+    if [ "${ROOTLESS_X}" = "1" ] ; then
+        install -d ${D}/etc/X11
+        install Xusername ${D}/etc/X11
+    fi
+}
+
+pkg_postinst_${PN} () {
+    if [ "x$D" != "x" ] ; then
+        exit 1
+    fi
+
+    if [ -f /etc/X11/Xusername ]; then
+        # create the rootless X user, and add user to group tty, video
+        username=`cat /etc/X11/Xusername`
+        adduser --disabled-password $username
+        # FIXME: use addgroup if busybox addgroup is ready
+        sed -i -e "s/^video:.*/&${username}/g" /etc/group
+        sed -i -e "s/^tty:.*/&${username}/g" /etc/group
+    fi
 }
 
 inherit update-rc.d
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername b/meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername
new file mode 100644
index 0000000..7060e5e
--- /dev/null
+++ b/meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername
@@ -0,0 +1 @@
+xuser
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm b/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm
index 69ea949..d8c4ba0 100755
--- a/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm
+++ b/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm
@@ -30,6 +30,10 @@ case "$1" in
        echo "Starting Xserver"
        if [ -f /etc/X11/Xusername ]; then
            username=`cat /etc/X11/Xusername`
+           # setting for rootless X
+           chmod o+w /var/log
+           chmod g+r /dev/tty[0-3]
+           chmod o+rw /dev/input/*
        fi
        # Using sudo -i here has the nice side effect of making sire
        # HOME, USER and other previously problematic variables
-- 
1.7.0.4

More information about the poky mailing list