On 12/9/25 13:24, Alyssa Ross wrote: > WAYLAND_DISPLAY is moved from /run/wayland to /run/wayland/wayland > because the wayland user doesn't have permission to create a file in > /run. > > Signed-off-by: Alyssa Ross > --- > host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY | 2 +- > host/rootfs/image/etc/s6-linux-init/run-image/etc/group | 6 +++--- > host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd | 1 + > .../etc/s6-linux-init/run-image/service/root-terminal/run | 2 ++ > host/rootfs/image/etc/s6-rc/weston/run | 3 +++ > 5 files changed, 10 insertions(+), 4 deletions(-) > > diff --git a/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY b/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY > index bbd390c4..111060fc 100644 > --- a/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY > +++ b/host/rootfs/image/etc/s6-linux-init/env/WAYLAND_DISPLAY > @@ -1 +1 @@ > -/run/wayland > +/run/wayland/wayland > diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group > index fe72eb76..019f5525 100644 > --- a/host/rootfs/image/etc/s6-linux-init/run-image/etc/group > +++ b/host/rootfs/image/etc/s6-linux-init/run-image/etc/group > @@ -2,9 +2,9 @@ root:x:0:root > clock:x:1: > dialout:x:2: > kmem:x:3: > -input:x:4: > +input:x:4:wayland > tty:x:5: > -video:x:6: > +video:x:6:wayland > render:x:7: > sgx:x:8: > audio:x:9: > @@ -13,4 +13,4 @@ disk:x:11: > cdrom:x:12: > tape:x:13: > kvm:x:14: > -wayland:x:15: > +wayland:x:15:wayland > diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd > index 29f3b252..50def56d 100644 > --- a/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd > +++ b/host/rootfs/image/etc/s6-linux-init/run-image/etc/passwd > @@ -1 +1,2 @@ > root:x:0:0:System administrator:/:/bin/sh > +wayland:x:15:15:Wayland compositor:/:/bin/nologin > diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/service/root-terminal/run b/host/rootfs/image/etc/s6-linux-init/run-image/service/root-terminal/run > index 67ccfb45..86b9a1ef 100755 > --- a/host/rootfs/image/etc/s6-linux-init/run-image/service/root-terminal/run > +++ b/host/rootfs/image/etc/s6-linux-init/run-image/service/root-terminal/run > @@ -4,6 +4,8 @@ > > s6-ipcserver-socketbinder -a 0700 /run/root-terminal > > +if { chown wayland /run/root-terminal } > + > fdmove 1 3 > s6-ipcserverd -1P > > diff --git a/host/rootfs/image/etc/s6-rc/weston/run b/host/rootfs/image/etc/s6-rc/weston/run > index 2674ec0b..7d10b5b4 100644 > --- a/host/rootfs/image/etc/s6-rc/weston/run > +++ b/host/rootfs/image/etc/s6-rc/weston/run > @@ -34,10 +34,13 @@ backtick HOME { > homeof $user > } > > +if { install -do wayland -g wayland -m 0770 /run/wayland } > +if { chown wayland /dev/tty0 /dev/tty1 } Why chown and not setfacl? > redirfd -r 0 /dev/tty1 > > importas -i home HOME > cd $home > if { udevadm wait /dev/dri/card0 } > unshare --cgroup --ipc --net --uts > +s6-setuidgid wayland > weston -S $WAYLAND_DISPLAY -- Sincerely, Demi Marie Obenour (she/her/hers)