diff options
author | Stef Walter <stefw@gnome.org> | 2014-03-06 08:44:47 +0100 |
---|---|---|
committer | Stef Walter <stefw@gnome.org> | 2014-03-06 21:05:56 +0100 |
commit | 275a696131e41ea4be3d3ddf6690b8bcd0fe0105 (patch) | |
tree | dc095575ea0373c06159d3850efdd13fefa0a38f | |
parent | 43e71fef72da611bf6f806c3769a19e1c92c50bd (diff) |
daemon: Use $XDG_RUNTIME_DIR to create keyring socket directory
We create a predictable location under $XDG_RUNTIME_DIR. GNOME does
not support multiple GUI sessions per user, so using a predictable
directory works well for us.
If someone somewhere still wants an alternate location use the
--control-directory argument.
https://bugzilla.gnome.org/show_bug.cgi?id=725801
-rw-r--r-- | daemon/gkd-util.c | 84 | ||||
-rw-r--r-- | daemon/test-startup.c | 34 |
2 files changed, 87 insertions, 31 deletions
diff --git a/daemon/gkd-util.c b/daemon/gkd-util.c index 3ba2d0ca..35d1b049 100644 --- a/daemon/gkd-util.c +++ b/daemon/gkd-util.c @@ -84,48 +84,70 @@ uninit_master_directory (gpointer data) master_directory = NULL; } +static gboolean +validate_master_directory (const gchar *directory, + gboolean *exists) +{ + struct stat st; + + if (lstat (directory, &st) < 0) { + if (errno == ENOTDIR || errno == ENOENT) { + *exists = FALSE; + return TRUE; + } + g_message ("The gnome-keyring control directory cannot be accessed: %s: %s", + directory, g_strerror (errno)); + return FALSE; + } else if (st.st_uid != geteuid ()) { + g_message ("The gnome-keyring control directory is not owned with the same " + "credentials as the user login: %s", directory); + return FALSE; + } else if ((st.st_mode & 0777) != 0700) { + g_message ("The gnome-keyring control directory has invalid permissions. It " + "must be only be accessible by its owner (ie: 0700): %s", directory); + return FALSE; + } else { + *exists = TRUE; + return TRUE; + } +} + void gkd_util_init_master_directory (const gchar *replace) { gboolean exists = FALSE; - gboolean valid = FALSE; - struct stat st; - if (replace) { - exists = TRUE; - if (lstat (replace, &st) < 0) { - if (errno == ENOTDIR || errno == ENOENT) { - exists = FALSE; - valid = TRUE; - } - } else if (st.st_uid != geteuid ()) { - g_message ("The gnome-keyring control directory is not owned with the same " - "credentials as the user login: %s", replace); - } else if ((st.st_mode & 0777) != 0700) { - g_message ("The gnome-keyring control directory has invalid permissions. It " - "must be only be accessible by its owner (ie: 0700): %s", replace); - } else { - valid = TRUE; + g_free (master_directory); + master_directory = NULL; + + if (replace && validate_master_directory (replace, &exists)) { + master_directory = g_strdup (replace); + + /* Only use default directory if it has an predictable explicit path */ + } else if (g_getenv ("XDG_RUNTIME_DIR")) { + master_directory = g_build_filename (g_get_user_runtime_dir (), "keyring", NULL); + if (!validate_master_directory (master_directory, &exists)) { + g_free (master_directory); + master_directory = NULL; } } - /* Generate a new directory */ - if (!valid) { + /* No directory yet, make one up */ + if (!master_directory) { master_directory = g_build_filename (g_get_user_runtime_dir (), "keyring-XXXXXX", NULL); - if (g_mkdtemp (master_directory) == NULL) - g_warning ("couldn't create socket directory: %s", g_strerror (errno)); + if (g_mkdtemp (master_directory) == NULL) { + g_warning ("couldn't create socket directory: %s: %s", + master_directory, g_strerror (errno)); + } + exists = TRUE; + } /* A directory was supplied, but doesn't exist yet */ - } else if (!exists) { - g_assert (replace); - master_directory = g_strdup (replace); - if (g_mkdir_with_parents (master_directory, 0700) < 0) - g_warning ("couldn't create socket directory: %s", g_strerror (errno)); - - /* A valid existing directory was supplied */ - } else { - g_assert (replace); - master_directory = g_strdup (replace); + if (!exists) { + if (g_mkdir_with_parents (master_directory, 0700) < 0) { + g_warning ("couldn't create socket directory: %s: %s", + master_directory, g_strerror (errno)); + } } gkd_util_push_environment (GKD_UTIL_ENV_CONTROL, master_directory); diff --git a/daemon/test-startup.c b/daemon/test-startup.c index cea9f5d1..3391cd2d 100644 --- a/daemon/test-startup.c +++ b/daemon/test-startup.c @@ -177,6 +177,38 @@ test_control_badperm (Test *test, g_free (directory); } +static void +test_control_xdghome (Test *test, + gconstpointer unused) +{ + const gchar *argv[] = { + BUILDDIR "/gnome-keyring-daemon", "--foreground", + "--components=", NULL + }; + + gchar *directory; + gchar *expected; + GPid pid; + gchar **output; + gint status; + + directory = g_build_filename (test->directory, "different", NULL); + output = gkd_test_launch_daemon (test->directory, argv, &pid, + "XDG_RUNTIME_DIR", directory, + NULL); + + expected = g_build_filename (directory, "/keyring", NULL); + g_assert_cmpstr (g_environ_getenv (output, "GNOME_KEYRING_CONTROL"), ==, expected); + g_strfreev (output); + + g_assert (gkd_control_quit (expected, 0)); + g_assert_cmpint (waitpid (pid, &status, 0), ==, pid); + g_assert_cmpint (status, ==, 0); + + g_free (directory); + g_free (expected); +} + int main (int argc, char **argv) { @@ -190,6 +222,8 @@ main (int argc, char **argv) setup, test_control_noaccess, teardown); g_test_add ("/daemon/startup/control/badperm", Test, NULL, setup, test_control_badperm, teardown); + g_test_add ("/daemon/startup/control/xdghome", Test, NULL, + setup, test_control_xdghome, teardown); return g_test_run (); } |