From: Alyssa Ross
To: devel@spectrum-os.org
Subject: [PATCH 4/8] host/rootfs: run xdg-desktop-portal-spectrum-host as non-root
Date: Wed, 10 Dec 2025 13:47:53 +0100
Message-ID: <20251210124757.1080443-4-hi@alyssa.is>
In-Reply-To: <20251210124757.1080443-1-hi@alyssa.is>
References: <20251210124757.1080443-1-hi@alyssa.is>

Signed-off-by: Alyssa Ross
--- host/rootfs/file-list.mk | 1 + host/rootfs/image/etc/dbus-portal.conf.in | 11 +++++++++++ .../template/data/service/dbus/run | 8 +++++++- .../xdg-desktop-portal-spectrum-host/run | 2 ++ host/rootfs/image/usr/bin/run-appimage | 1 + host/rootfs/image/usr/bin/run-flatpak | 1 + host/rootfs/image/usr/bin/vm-import | 1 + host/rootfs/image/usr/bin/vm-start | 19 ++++++++++++++++++- 8 files changed, 42 insertions(+), 2 deletions(-) create mode 100644 host/rootfs/image/etc/dbus-portal.conf.in diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk index f69775d2..59d83b7e 100644 --- a/host/rootfs/file-list.mk +++ b/host/rootfs/file-list.mk 
@@ -2,6 +2,7 @@ # SPDX-FileCopyrightText: 2025 Demi Marie Obenour FILES = \ + image/etc/dbus-portal.conf.in \ image/etc/fonts/fonts.conf \ image/etc/fstab \ image/etc/init \ diff --git a/host/rootfs/image/etc/dbus-portal.conf.in b/host/rootfs/image/etc/dbus-portal.conf.in new file mode 100644 index 00000000..3e0e6725 --- /dev/null +++ b/host/rootfs/image/etc/dbus-portal.conf.in @@ -0,0 +1,11 @@ + + + + + + /usr/share/dbus-1/session.conf + + + + + diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run index 83e97c65..20f1daff 100755 --- a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run +++ b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run @@ -4,11 +4,17 @@ importas -i VM VM +if { + redirfd -w 1 data/dbus.conf + sed "s/@XDP_SPECTRUM_USER@/xdp-spectrum-${VM}/g" /etc/dbus-portal.conf.in +} + s6-ipcserver-socketbinder -B /run/portal-bus/${VM} fdmove -c 3 0 redirfd -r 0 /dev/null +getcwd -E dir nsenter --mount=/run/vm/by-id/${VM}/mount unshare --cgroup --ipc --net --uts @@ -17,6 +23,6 @@ export LISTEN_FDS 1 getpid LISTEN_PID dbus-daemon - --config-file /usr/share/dbus-1/session.conf + --config-file ${dir}/data/dbus.conf --print-address 4 --address systemd: diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/xdg-desktop-portal-spectrum-host/run b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/xdg-desktop-portal-spectrum-host/run index 9e493dff..b83d23dd 100755 --- a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/xdg-desktop-portal-spectrum-host/run +++ b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/xdg-desktop-portal-spectrum-host/run 
@@ -13,4 +13,6 @@ s6-ipcserver-socketbinder -a 0700 /run/vsock/${VM}/vsock_219 if { fdmove 1 3 echo } fdclose 3 +s6-setuidgid xdp-spectrum-${VM} + xdg-desktop-portal-spectrum-host diff --git a/host/rootfs/image/usr/bin/run-appimage b/host/rootfs/image/usr/bin/run-appimage index 36f57b85..47cab4c5 100755 --- a/host/rootfs/image/usr/bin/run-appimage +++ b/host/rootfs/image/usr/bin/run-appimage @@ -5,6 +5,7 @@ backtick -E dir { mktemp -d /run/vm/by-id/XXXXXX } backtick -E id { basename -- $dir } if { useradd -P /run -Urd / -s /bin/nologin gpu-${id} } +if { useradd -P /run -Urd / -s /bin/nologin xdp-spectrum-${id} } if { mkdir -p /run/configs/${id}/fs } diff --git a/host/rootfs/image/usr/bin/run-flatpak b/host/rootfs/image/usr/bin/run-flatpak index 2ef20433..bb366735 100755 --- a/host/rootfs/image/usr/bin/run-flatpak +++ b/host/rootfs/image/usr/bin/run-flatpak @@ -5,6 +5,7 @@ backtick -E dir { mktemp -d /run/vm/by-id/XXXXXX } backtick -E id { basename -- $dir } if { useradd -P /run -Urd / -s /bin/nologin gpu-${id} } +if { useradd -P /run -Urd / -s /bin/nologin xdp-spectrum-${id} } if { elgetpositionals diff --git a/host/rootfs/image/usr/bin/vm-import b/host/rootfs/image/usr/bin/vm-import index 19a0df36..c848fe32 100755 --- a/host/rootfs/image/usr/bin/vm-import +++ b/host/rootfs/image/usr/bin/vm-import @@ -10,6 +10,7 @@ forx -po0 -E name { $names } backtick -E dir { mktemp -d /run/vm/by-id/XXXXXX } backtick -E id { basename -- $dir } if { useradd -P /run -Urd / -s /bin/nologin gpu-${id} } +if { useradd -P /run -Urd / -s /bin/nologin xdp-spectrum-${id} } if { ln -s -- ${dir} /run/vm/by-name/${1}.${name} } if { ln -s -- ${2}/${name} ${dir}/config } diff --git a/host/rootfs/image/usr/bin/vm-start b/host/rootfs/image/usr/bin/vm-start index 67480e52..c8031eec 100755 --- a/host/rootfs/image/usr/bin/vm-start +++ b/host/rootfs/image/usr/bin/vm-start 
@@ -20,4 +20,21 @@ foreground { redirfd -w 2 /dev/null s6-svwait -U /run/service/vmm/instance/${1} } -ch-remote --api-socket /run/vm/by-id/${1}/vmm boot +foreground { ch-remote --api-socket /run/vm/by-id/${1}/vmm boot } +importas -Siu ? +if { + if -t { test $? -eq 0 } + + # This is technically racy: if somehow we don't get here before the VM boots + # and connects to xdg-desktop-portal-spectrum-host, it won't be able to + # connect. The VM rebooting will also break this, because the socket will be + # re-created with the wrong mode, but VM reboots are broken anyway at the time + # of writing: + # + # https://github.com/cloud-hypervisor/cloud-hypervisor/issues/7547 + # + # Ideally we'd be able to give a listening socket FD to Cloud Hypervisor for + # its VSOCK socket. + chown xdp-spectrum-${1} /run/vsock/${1}/vsock +} +exit $? -- 2.51.0
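Review bot: the commit message consists of the Signed-off-by line only, so the reason the per-VM bus needs the new host/rootfs/image/etc/dbus-portal.conf.in on top of /usr/share/dbus-1/session.conf is not recorded anywhere in the patch. A sentence in the commit message saying what the added configuration grants to `@XDP_SPECTRUM_USER@`, and why the portal host should no longer run as root, would let this patch be reviewed on its own.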
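Review bot: in the dbus/run hunks, nothing explains why `getcwd -E dir` has to sit before `nsenter --mount=/run/vm/by-id/${VM}/mount`, or that `${dir}/data/dbus.conf` must be reachable from inside that mount namespace, which is where dbus-daemon now reads `--config-file`. A short comment above `getcwd -E dir` stating both would keep a later cleanup from moving it. The `sed` replacement also interpolates `${VM}` unescaped; that holds as long as IDs are the names produced by `mktemp -d /run/vm/by-id/XXXXXX` in the run-appimage, run-flatpak and vm-import hunks, and that assumption deserves a note next to the `sed` line.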
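Review bot: the line `if { useradd -P /run -Urd / -s /bin/nologin xdp-spectrum-${id} }` is added three times, in run-appimage, run-flatpak and vm-import, each directly below the identical `gpu-${id}` line. With this patch the xdg-desktop-portal-spectrum-host/run script depends on that account through `s6-setuidgid xdp-spectrum-${VM}`, so any VM creation path that lacks the line gets a portal service that cannot start. Consider moving per-VM account creation into one shared helper called from all three scripts, so the list of per-VM users lives in a single place.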
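Review bot: in the vm-start hunk, a failing `chown xdp-spectrum-${1} /run/vsock/${1}/vsock` makes the outer `if` exit 1 after `ch-remote --api-socket /run/vm/by-id/${1}/vmm boot` has already succeeded, so vm-start reports failure while the VM keeps running with a socket still owned by the previous user. Decide whether that case should stop the VM again or at least print which step failed, and say so in the comment. The comment already documents the race between boot and `chown`; it would help to add that, as described there, losing the race results in a failed connection and not in access by a different user, since that is the property a reader auditing this privilege drop will look for.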