From 798a1ad79bdb937c4b0c9008562cd543acaf3206 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Fri, 27 Mar 2015 10:10:54 -0400 Subject: [PATCH] gdm-x-session: set XORG_RUN_AS_USER_OK=1 environment variable This lets the X server know that it can safely drop privileges. https://bugzilla.gnome.org/show_bug.cgi?id=746891 --- daemon/gdm-x-session.c | 1 + 1 file changed, 1 insertion(+) diff --git a/daemon/gdm-x-session.c b/daemon/gdm-x-session.c index dfd6016..3cc7d40 100644 --- a/daemon/gdm-x-session.c +++ b/daemon/gdm-x-session.c @@ -195,60 +195,61 @@ spawn_x_server (State *state, { GPtrArray *arguments = NULL; GSubprocessLauncher *launcher = NULL; GSubprocess *subprocess = NULL; GInputStream *input_stream = NULL; GDataInputStream *data_stream = NULL; GError *error = NULL; char *auth_file; gboolean is_running = FALSE; int ret; int pipe_fds[2]; char *display_fd_string = NULL; char *vt_string = NULL; char *display_number; gsize display_number_size; auth_file = prepare_auth_file (); g_debug ("Running X server"); ret = g_unix_open_pipe (pipe_fds, FD_CLOEXEC, &error); if (!ret) { g_debug ("could not open pipe: %s", error->message); goto out; } arguments = g_ptr_array_new (); launcher = g_subprocess_launcher_new (G_SUBPROCESS_FLAGS_STDIN_INHERIT); + g_subprocess_launcher_setenv (launcher, "XORG_RUN_AS_USER_OK", "1", TRUE); g_subprocess_launcher_take_fd (launcher, pipe_fds[1], DISPLAY_FILENO); if (g_getenv ("XDG_VTNR") != NULL) { int vt; vt = atoi (g_getenv ("XDG_VTNR")); if (vt > 0 && vt < 64) { vt_string = g_strdup_printf ("vt%d", vt); } } display_fd_string = g_strdup_printf ("%d", DISPLAY_FILENO); g_ptr_array_add (arguments, X_SERVER); if (vt_string != NULL) { g_ptr_array_add (arguments, vt_string); } g_ptr_array_add (arguments, "-displayfd"); g_ptr_array_add (arguments, display_fd_string); g_ptr_array_add (arguments, "-auth"); g_ptr_array_add (arguments, auth_file); if (!allow_remote_connections) { g_ptr_array_add (arguments, "-nolisten"); g_ptr_array_add (arguments, "tcp"); } -- 2.3.3