aboutsummaryrefslogtreecommitdiff
path: root/src/kms
diff options
context:
space:
mode:
authordec05eba <dec05eba@protonmail.com>2023-04-08 07:04:58 +0200
committerdec05eba <dec05eba@protonmail.com>2023-04-08 07:05:30 +0200
commitd8d0e739e7e40c0b69ecd88160855646684ef3a8 (patch)
tree57c07f15c0af5f0efe495c2e35e55a4fad038ba4 /src/kms
parentbed3a2c681fd5827c22f02ad026dcff5fc7470fd (diff)
Only use flatpak-spawn if inside flatpak, use gsr-kms-server in PATH
Diffstat (limited to 'src/kms')
-rw-r--r--src/kms/kms_client.c19
1 files changed, 15 insertions, 4 deletions
diff --git a/src/kms/kms_client.c b/src/kms/kms_client.c
index 948a7b6..0b3083a 100644
--- a/src/kms/kms_client.c
+++ b/src/kms/kms_client.c
@@ -6,11 +6,16 @@
#include <unistd.h>
#include <signal.h>
#include <limits.h>
+#include <stdbool.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/wait.h>
#include <sys/capability.h>
+static bool is_inside_flatpak(void) {
+ return getenv("FLATPAK_ID") != NULL;
+}
+
static int send_msg_to_server(int server_fd, gsr_kms_request *request) {
struct iovec iov;
iov.iov_base = request;
@@ -67,12 +72,15 @@ int gsr_kms_client_init(gsr_kms_client *self, const char *card_path, const char
struct sockaddr_un local_addr = {0};
struct sockaddr_un remote_addr = {0};
+ bool inside_flatpak = is_inside_flatpak();
char server_filepath[PATH_MAX];
snprintf(server_filepath, sizeof(server_filepath), "%s/%s", program_dir, "gsr-kms-server");
+ if(access(server_filepath, F_OK) != 0 || inside_flatpak)
+ snprintf(server_filepath, sizeof(server_filepath), "gsr-kms-server"); // Assume gsr-kms-server is in $PATH
- int has_perm = 0;
+ bool has_perm = 0;
if(geteuid() == 0) {
- has_perm = 1;
+ has_perm = true;
} else {
cap_t kms_server_cap = cap_get_file(server_filepath);
if(kms_server_cap) {
@@ -80,7 +88,7 @@ int gsr_kms_client_init(gsr_kms_client *self, const char *card_path, const char
cap_get_flag(kms_server_cap, CAP_SYS_ADMIN, CAP_PERMITTED, &res);
if(res == CAP_SET) {
//fprintf(stderr, "has permission!\n");
- has_perm = 1;
+ has_perm = true;
} else {
//fprintf(stderr, "No permission:(\n");
}
@@ -89,7 +97,7 @@ int gsr_kms_client_init(gsr_kms_client *self, const char *card_path, const char
if(errno == ENODATA)
fprintf(stderr, "gsr info: gsr_kms_client_init: gsr-kms-server is missing sys_admin cap and will require root authentication. To bypass this automatically, run: sudo setcap cap_sys_admin+ep '%s'\n", server_filepath);
else
- fprintf(stderr, "failed to get cap\n");
+ fprintf(stderr, "gsr info: gsr_kms_client_init: failed to get cap\n");
}
}
@@ -133,6 +141,9 @@ int gsr_kms_client_init(gsr_kms_client *self, const char *card_path, const char
if(has_perm) {
const char *args[] = { server_filepath, self->socket_path, NULL };
execvp(args[0], (char *const*)args);
+ } else if(inside_flatpak) {
+ const char *args[] = { "pkexec", server_filepath, self->socket_path, NULL };
+ execvp(args[0], (char *const*)args);
} else {
const char *args[] = { "flatpak-spawn", "--host", "pkexec", server_filepath, self->socket_path, NULL };
execvp(args[0], (char *const*)args);