diff options
Diffstat (limited to 'poky/meta/recipes-graphics/x11-common')
3 files changed, 15 insertions, 2 deletions
diff --git a/poky/meta/recipes-graphics/x11-common/xserver-nodm-init/capability.conf b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init/capability.conf new file mode 100644 index 000000000..7ab746081 --- /dev/null +++ b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init/capability.conf @@ -0,0 +1,2 @@ +cap_sys_admin @USER@ +none * diff --git a/poky/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm index 6c548551b..116bb278b 100755 --- a/poky/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm +++ b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm @@ -38,6 +38,14 @@ case "$1" in if [ -e /dev/hidraw0 ]; then chmod o+rw /dev/hidraw* fi + # Make sure that the Xorg has the cap_sys_admin capability which is + # needed for setting the drm master + if ! grep -q "^auth.*pam_cap\.so" /etc/pam.d/su; then + echo "auth optional pam_cap.so" >>/etc/pam.d/su + fi + if ! /usr/sbin/getcap $XSERVER | grep -q cap_sys_admin; then + /usr/sbin/setcap cap_sys_admin+eip $XSERVER + fi fi # Using su rather than sudo as latest 1.8.1 cause failure [YOCTO #1211] diff --git a/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb index 385fea5e8..c2995f99f 100644 --- a/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb +++ b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb @@ -10,6 +10,7 @@ SRC_URI = "file://xserver-nodm \ file://gplv2-license.patch \ file://xserver-nodm.service.in \ file://xserver-nodm.conf.in \ + file://capability.conf \ " S = "${WORKDIR}" @@ -19,7 +20,7 @@ PACKAGE_ARCH = "${MACHINE_ARCH}" inherit update-rc.d systemd features_check -REQUIRED_DISTRO_FEATURES = "x11" +REQUIRED_DISTRO_FEATURES = "x11 ${@oe.utils.conditional('ROOTLESS_X', '1', 'pam', '', d)}" PACKAGECONFIG ??= "blank" # dpms and screen saver will be on only if 'blank' is in PACKAGECONFIG @@ -40,6 +41,8 @@ do_install() { if [ "${ROOTLESS_X}" = "1" ] ; then XUSER_HOME="/home/xuser" XUSER="xuser" + install -D capability.conf ${D}${sysconfdir}/security/capability.conf + sed -i "s:@USER@:${XUSER}:" ${D}${sysconfdir}/security/capability.conf else XUSER_HOME=${ROOT_HOME} XUSER="root" @@ -60,7 +63,7 @@ do_install() { fi } -RDEPENDS_${PN} = "xinit ${@oe.utils.conditional('ROOTLESS_X', '1', 'xuser-account', '', d)}" +RDEPENDS_${PN} = "xinit ${@oe.utils.conditional('ROOTLESS_X', '1', 'xuser-account libcap libcap-bin', '', d)}" INITSCRIPT_NAME = "xserver-nodm" INITSCRIPT_PARAMS = "start 9 5 . stop 20 0 1 2 3 6 ." |