From: Randolph Sapp <rs@ti.com>
To: <rs@ti.com>, Ross Burton <Ross.Burton@arm.com>
Cc: "openembedded-core@lists.openembedded.org"
<openembedded-core@lists.openembedded.org>
Subject: Re: [oe-core][PATCH] sysvinit: create tmpfile dir for x11 domain socket
Date: Fri, 17 Oct 2025 19:01:11 -0500 [thread overview]
Message-ID: <DDL08YXMD0E7.BI7D2M6H4P10@ti.com> (raw)
In-Reply-To: <186EB9ECC2726DB8.13861@lists.openembedded.org>
On Wed Oct 15, 2025 at 12:22 PM CDT, Randolph Sapp via lists.openembedded.org wrote:
> On Wed Oct 15, 2025 at 9:37 AM CDT, Ross Burton wrote:
>> On 8 Oct 2025, at 00:48, rs@ti.com wrote:
>>>
>>> From: Randolph Sapp <rs@ti.com>
>>>
>>> Register a volatile directory entry for the x11 domain socket when not
>>> using systemd. This will make sure the directory is always created with
>>> the correct permissions. Systemd already provides their own tmpfile.d
>>> entry for the same behavior.
>>
>> We discussed this in the patch review call on Monday and concluded that it
>> definitely felt like it should be in the xserver recipe.
>
> Sure.
>
I am a little bummed that we don't want to have symmetry between init system
packages though. Gonna need a gross "VIRTUAL-RUNTIME_init_manager" check
to make sure we don't clash with tmpfiles.d entry.
>>> Currently some x11 related applications will create this directory if it
>>> doesn't already exist, but this is not true for everything. In addition,
>>> if the application in question isn't started as root, it's possible this
>>> directory can be owned by a non-root user. This isn't an issue by
>>> itself, but it can potentially lead to problems in a multi-user
>>> environment.
>>
>> Can you clarify what applications will create this directory and which will
>> not? Surely it’s the responsibility for the xserver to create the sockets?
>>
>> Ross
>
> Forgive me, as it's been quite some time since I initially tested this. I
> believe during testing with the current default xsession managers will create it
> but xwayland sessions will not. Given that systemd has determined they need to
> ship this as a global tmpfiles.d entry I assume there is more nuance to this
> than what I have outlined.
>
> - Randolph
Ah, now I remember, all rootless X sessions also have the capability of
generating this socket directory with the wrong owner, given that the server may
try to make the directory after it's already dropped to user permissions. It's
normally fine because they throw 777 at it. Not great, but whatever.
- Randolph
next prev parent reply other threads:[~2025-10-18 0:01 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-07 23:48 [oe-core][PATCH] sysvinit: create tmpfile dir for x11 domain socket rs
2025-10-15 14:37 ` Ross Burton
2025-10-15 17:22 ` Randolph Sapp
[not found] ` <186EB9ECC2726DB8.13861@lists.openembedded.org>
2025-10-18 0:01 ` Randolph Sapp [this message]
[not found] ` <186F6CDD2E45611C.1873@lists.openembedded.org>
2025-10-20 21:30 ` Randolph Sapp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DDL08YXMD0E7.BI7D2M6H4P10@ti.com \
--to=rs@ti.com \
--cc=Ross.Burton@arm.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox