IRC Logs of #wayland on irc.freenode.net for 2023-01-01

02:15 smallville7123: welp i got a little more stuff to compile
02:16 smallville7123: still gotta fix a ton of errors and warnings ;-;
04:49 smallville7123: what syscalls does wayland use for signals ?
04:52 smallville7123: hmm apparently it uses the kill syscall (from event-loop-tests.c)
05:09 smallville7123: it appears that PostgreSQL has ported the signal and shm system to windows o.o
05:09 smallville7123: how well such works i dont know
05:18 smallville7123: tho... does the wayland event loop only ever catch SIGUSR1 or can it catch any other signal that can be caught with sigprogmask?
05:21 smallville7123: ill see how cygwin goes about signals
06:18 idkrn[m]: Anyone know if the xhost tool mentioned in https://wiki.gentoo.org/wiki/Simple_sandbox has a Wayland alternative?
16:37 tleydxdy: I think you can just give the user rw access to the wayland socket
17:36 idkrn[m]: <tleydxdy> "I think you can just give the..." <- How? I added them to the video group but I'm pretty sure that is useless
18:44 i509VCB: From the discussion about a wayland 2.0 adding 64-bit wire types, couldn't compatibility with 1.0 be done by lowering the 2.0 wire types to 1.0 wire types?
18:45 i509VCB: Then wayland-scanner or the wayland-rs scanner or etc could expose the 64-bit types in the generated protocol bindings
18:58 kennylevinsen: if something needs 64-bit it could just be sent as 2 32-bit ints - I think that's the least of the Wayland 2.0 concerns
20:02 daniels: idkrn[m]: socket access is all you need - either set permissions so you can access it, or as Flatpak does, bind-mount the socket into the sandbox
21:39 idkrn[m]: <daniels> "idkrn: socket access is all..." <- So bubblewrap works for it?
21:40 idkrn[m]: Set the permissions with what? Chmod?
21:44 idkrn[m]: I'm pretty sure you don't mean chmod
21:44 mjt: that's a difficult situation indeed.. if there's no other tool to set permissions, maybe such a tool should be written quickly
21:44 mjt: </sarcasm>
21:45 mjt: it is a socket file. that whole path needs to be accessible
21:46 mjt: usually /run/user/$UID/wayland-0
21:47 daniels: mjt: the sarcasm is pretty unnecessary tbh
21:48 mjt: it's sometimes difficult to resist :)
21:48 idkrn[m]: Yeah but it was a dumb question
21:48 daniels: idkrn[m]: indeed, Wayland itself doesn't enforce any extra checks on clients connecting to the socket. if the socket is accessible to the client (through permissions indeed), then it can speak to the server. if it isn't accessible, then you can make it accessible with permissions or ACLs. if it isn't visible in the path (e.g. chroot), then you can make it visible via a bind mount
21:48 idkrn[m]: daniels: It only needs to be visible?
21:49 daniels: idkrn[m]: visible (by path), and accessible (by permissions). if you have both of those things, then you're in, without anything extra like xhost
21:49 daniels: (bwrap uses bind mounts to do this)
21:50 idkrn[m]: daniels: Ok thanks
21:50 daniels: np :)
21:50 idkrn[m]: daniels: How do I let it use my Wayland socket when it's under a different UID
21:50 mjt: I guess it's easiest to bind-mount it (which might require root)
21:51 daniels: idkrn[m]: same answer - either bind-mount it in, or open the permissions out
21:51 idkrn[m]: daniels: So if I wanted to automate this for multiple applications, bubblewrap would he simplest?
21:51 idkrn[m]: Or just set the perms to 444
21:52 kennylevinsen: setfacl might do the trick
21:52 daniels: yeah, either setfacl to grant to individual UIDs, or if you're trying to start each app in an isolated UID (namespace), then I'd probably just use bwrap to begin with
21:52 mjt:just googled for "wayland as different user" -- as usual, the solution suggested is to chmod 0777 /run/user/$UID. Looks like this 777 will never die.. :( (don't do that)
21:53 idkrn[m]: Ok thanks everyone
21:53 daniels: np
21:53 idkrn[m]: <daniels> "mjt: the sarcasm is pretty..." <- Even for mjt :)
21:53 idkrn[m]: mjt: Seems like a bad idea lmao
21:54 daniels: idkrn[m]: we've all asked seemingly-dumb questions at one point in time, it's all good
21:54 idkrn[m]: stat /run/user/$UID/wayland-* gives 755 though
21:54 mjt: it is the directory which is restricted
21:54 idkrn[m]: mjt: Good to know
21:54 mjt: sockets ignore permissions, fwiw
21:55 idkrn[m]: Yes it seems to be 700
21:55 mjt: hmm. I'm not actually sure for sockets anymore, it was system-dependent, don't remember how it is on linux these days...
21:56 mjt: but either way it doesn't matter in this case
21:56 idkrn[m]: idkrn[m]: The directory I mean
22:01 mjt: touch /run/user/$UID2/wayland-0; mount --bind /run/user/$UID/wayland-0 /run/user/$UID2/wayland-0 -- this gives user with UID2 access to wayland socket of user with UID
22:22 idkrn[m]: Hmmm
22:22 idkrn[m]: I can sudo -u … bash
22:23 idkrn[m]: Still can't get my program to work…
22:25 idkrn[m]: I think maybe I could put up a pastebin of what I've done for people that have enough time to help
22:30 mjt: what are you trying to do anyway?