From a8bd58a0d835ceda1db21a30ced7d93db22cf8cf Mon Sep 17 00:00:00 2001
From: Yu Ke <ke.yu@intel.com>
Date: Tue, 22 Feb 2011 20:41:19 +0800
Subject: xserver-nodm-init: add rootless-x support

most rootless X work are already done in the kernel, xserver and
graphics driver, this patches add the the remaining userspace setting:

- create /etc/X11/Xusername to set rootless X user
- add rootless X user to group video, tty to access /dev/tty[0-4]
  and /dev/dri/card0
- grant rootless X user access right to /dev/input/*, /var/log

Signed-off-by: Yu Ke <ke.yu@intel.com>
---
 .../x11-common/xserver-nodm-init.bb                | 22 +++++++++++++++++++++-
 .../x11-common/xserver-nodm-init/Xusername         |  1 +
 .../x11-common/xserver-nodm-init/xserver-nodm      |  4 ++++
 3 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername

(limited to 'meta/recipes-graphics/x11-common')

diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init.bb b/meta/recipes-graphics/x11-common/xserver-nodm-init.bb
index 03a6ca3b56..a93acc9ee3 100644
--- a/meta/recipes-graphics/x11-common/xserver-nodm-init.bb
+++ b/meta/recipes-graphics/x11-common/xserver-nodm-init.bb
@@ -3,10 +3,11 @@ LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
 SECTION = "x11"
 PRIORITY = "optional"
-PR = "r23"
+PR = "r24"
 RDEPENDS_${PN} = "dbus-wait sudo"
 
 SRC_URI = "file://xserver-nodm \
+           file://Xusername \
            file://gplv2-license.patch"
 
 S = ${WORKDIR}
@@ -17,6 +18,25 @@ do_install() {
     install -d ${D}/etc
     install -d ${D}/etc/init.d
     install xserver-nodm ${D}/etc/init.d
+    if [ "${ROOTLESS_X}" = "1" ] ; then
+        install -d ${D}/etc/X11
+        install Xusername ${D}/etc/X11
+    fi
+}
+
+pkg_postinst_${PN} () {
+    if [ "x$D" != "x" ] ; then
+        exit 1
+    fi
+
+    if [ -f /etc/X11/Xusername ]; then
+        # create the rootless X user, and add user to group tty, video
+        username=`cat /etc/X11/Xusername`
+        adduser --disabled-password $username
+        # FIXME: use addgroup if busybox addgroup is ready
+        sed -i -e "s/^video:.*/&${username}/g" /etc/group
+        sed -i -e "s/^tty:.*/&${username}/g" /etc/group
+    fi
 }
 
 inherit update-rc.d
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername b/meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername
new file mode 100644
index 0000000000..7060e5ec16
--- /dev/null
+++ b/meta/recipes-graphics/x11-common/xserver-nodm-init/Xusername
@@ -0,0 +1 @@
+xuser
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm b/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm
index 69ea949724..d8c4ba0d11 100755
--- a/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm
+++ b/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm
@@ -30,6 +30,10 @@ case "$1" in
        echo "Starting Xserver"
        if [ -f /etc/X11/Xusername ]; then
            username=`cat /etc/X11/Xusername`
+           # setting for rootless X
+           chmod o+w /var/log
+           chmod g+r /dev/tty[0-3]
+           chmod o+rw /dev/input/*
        fi
        # Using sudo -i here has the nice side effect of making sire
        # HOME, USER and other previously problematic variables
-- 
cgit 1.2.3-korg