Release 2.4.0

- Migrate to wlroots 0.18 - Improve documentation - CONTRIBUTING.md - README.md - Drop privilege correctly, even on some BSDs #81 (would be denial of service, not priv escalation) - Improve resilience by mirroring packages, doc and code elsewhere - Add setmodecursor command - Fix typo in FAQ (#76 by meisme-dev)
project-repo · Oct 7, 2024 · 7d07dfd · 7d07dfd
1 parent ace4ff0
commit 7d07dfd
Show file tree

Hide file tree

Showing 52 changed files with 546 additions and 351 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -45,8 +45,7 @@ at the time of release.
 
 However, Cagebreak may also work on other distributions given the
 proper library versions (Some package maintainers have done this and it
-seems to work (To date, we dealt with a few Issues and never felt the
-need to ask for the distribution the user was having the issue on.)).
+seems to work.
 
 [![Packaging status](https://repology.org/badge/vertical-allrepos/cagebreak.svg)](https://repology.org/project/cagebreak/versions)
 
@@ -120,12 +119,6 @@ time has to be set in `meson.build`:
 meson compile adjust-epoch -C build
 ```
 
-or
-
-```
-./scripts/adjust-epoch
-```
-
 #### Git tag
 
 If you are on the master branch, everything is ready and you want to create
@@ -138,12 +131,6 @@ meson compile git-tag -C build
 If you want to use another signing key than the prespecified one, configure
 Cagebreak with `-Dgpg_id=GPGID`.
 
-```
-./scripts/git-tag GPGID CBVERSION
-```
-
-can be used alternatively.
-
 #### Output Hashes
 
 Hashes of release versions of all binaries can be output to `local-hashes.txt`
@@ -153,14 +140,6 @@ via:
 meson compile output-hashes -C build
 ```
 
-Or
-
-```
-./scripts/output-hashes VERSION
-```
-
-if meson is unavailable.
-
 #### Create Signatures
 
 Creation of signatures for releases can be achieved through:
@@ -172,12 +151,6 @@ meson compile create-sigs -C build
 Configure Cagebreak with `-Dgpg_id=GPGID` for a different gpg signing
 key.
 
-Without meson use:
-
-```
-./scripts/create-signatures GPGID
-```
-
 #### Set Version Number
 
 Once the version number is set within meson.build, you can use
@@ -304,12 +277,6 @@ We have found code path discovery to increase rapidly when the fuzzer is supplie
 with an initial config file. We are working on improving our fuzzing coverage to
 find bugs in other areas of the code.
 
-### Caveat
-
-Currently, there are memory leaks which do not seem to stem from our code but rather
-the code of wlroots or some other library we depend on. We are working on the problem.
-In the meantime, add `-Db_detect-leaks=0` to the meson command to exclude memory leaks.
-
 ## Reproducible Builds
 
 Cagebreak offers reproducible builds given the exact library versions specified

diff --git a/FAQ.md b/FAQ.md
@@ -42,7 +42,7 @@ Execute the following commands with the appropriate env vars:
 
 ```
 export XDG_SESSION_TYPE=wayland
-export XDG_CURRENT_DESKTIP=sway
+export XDG_CURRENT_DESKTOP=sway
 /usr/lib/xdg-desktop-portal -r
 /usr/lib/xdg-desktop-portal-wlr
 ```

diff --git a/Hashes.md b/Hashes.md
@@ -1,5 +1,25 @@
 # Hashes
 
+2.4.0 cagebreak
+
+  * sha 256: 510b848cde5719234338d7e4e710233f69c08c3b3953bdda5d1f021bd66996a9
+  * sha 512: 6645e9a27aef030ac065edde7bf7f8d3c9e75ea2efc72016cbe639b93fbf2d5a961c93b0c7f0dbaf2b35655c75c74cf8d84a1aba98c49fb51868065d5d17f478
+
+2.4.0 cagebreak.1
+
+  * sha 256: 9cf5b33bebe9778a0c670ce9723692f1788684ea26a8fe33fa100c8f9bbab3a8
+  * sha 512: fb4fa9fc4e1b95aef54f5411c312b6b50b65442abd98c22ede6a18ff354769d31b2b7949a85e133af73ca0d2a89d6706bc2eca8c1c84727c5e7fbf2a35e0d582
+
+2.4.0 cagebreak-config.5
+
+  * sha 256: ce12966517e2f3bcbb5fba2c82ae6aaed2ec072d19ecea609dade802085271ab
+  * sha 512: 420872f557347d16993765e91fbe475d3290ff562e9f63e97395b71078fc29fa21e29adcc90d8b5abe98f61e2563aab65bc86e5b6c2bb1304a3b0c22aa8005a9
+
+2.4.0 cagebreak-socket.7
+
+  * sha 256: ddf4b9150f15f225bfcd4dbdc2255d3a355ccd1ed9abc68c7c7b874b63226d34
+  * sha 512: 5bbeed9b5539fd0ca10241589bafc714c9e539ee6d46f9c8c9054b483ad32140b70c0e45996175ec9a72c9fb0e08651fbd7734fdbd3ba2ee8b04c43abe4ce98a
+
 2.3.1 cagebreak
 
   * sha 256: 51d76608726a6251690d6dd1371cdfaa6eae5188a08798cda9c9280b3fcbe3fa

diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Cagebreak: A Tiling Wayland Compositor
 
-[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/6532/badge)](https://bestpractices.coreinfrastructure.org/projects/6532) [![Packaging status](https://repology.org/badge/tiny-repos/cagebreak.svg)](https://repology.org/project/cagebreak/versions) [![AUR package](https://repology.org/badge/version-for-repo/aur/cagebreak.svg?minversion=2.3.1)](https://repology.org/project/cagebreak/versions)
+[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/6532/badge)](https://bestpractices.coreinfrastructure.org/projects/6532) [![Packaging status](https://repology.org/badge/tiny-repos/cagebreak.svg)](https://repology.org/project/cagebreak/versions) [![AUR package](https://repology.org/badge/version-for-repo/aur/cagebreak.svg?minversion=2.4.0)](https://repology.org/project/cagebreak/versions)
 
 [![Contact](img/mail.svg)](SECURITY.md) [![Manuals](img/manuals.svg)](manuals.md) [![FAQ](img/faq.svg)](FAQ.md) [![CONTRIBUTING](img/contributing.svg)](CONTRIBUTING.md) [![ArchWiki](img/archwiki.svg)](https://wiki.archlinux.org/title/Cagebreak) [![AUR](img/aur.svg)](https://aur.archlinux.org/packages?O=0&K=cagebreak)
 
@@ -178,6 +178,21 @@ as a source of inspiration and explanation for certain particularities.
 
 > Example scripts can be found in the repository under `example_scripts/`.
 
+## Resilience
+
+To become more resilient to outages of GitHub, we have created a [website](https://cagebreak.project-repo.co).
+
+It is not possible to open issues on the website directly, use the mail contact
+if GitHub is down.
+
+The following links may be useful:
+
+  * [Artefacts mirror](https://cagebreak.project-repo.co/release-artefacts.html)
+  * [PKGBUILD depending on the mirror](https://cagebreak.project-repo.co/cb-red-pkgb/PKGBUILD)
+  * [binary PKGBUILD depending on the mirror](https://cagebreak.project-repo.co/cb-red-bin-pkgb/PKGBUILD)
+  * [cagebreak repo mirror](https://cagebreak.project-repo.co/cagebreak.git)
+  * [cagebreak-bin repo mirror](https://cagebreak.project-repo.co/cagebreak-pkgbuild.git)
+
 ## Roadmap
 
 Cagebreak plans to do or keep doing the following things

diff --git a/cagebreak.c b/cagebreak.c
@@ -7,6 +7,7 @@
 
 #include <fontconfig/fontconfig.h>
 #include <getopt.h>
+#include <grp.h>
 #include <pango.h>
 #include <pango/pangocairo.h>
 #include <signal.h>
@@ -30,7 +31,6 @@
 #include <wlr/types/wlr_idle_inhibit_v1.h>
 #include <wlr/types/wlr_idle_notify_v1.h>
 #include <wlr/types/wlr_output_layout.h>
-#include <wlr/types/wlr_presentation_time.h>
 #include <wlr/types/wlr_primary_selection_v1.h>
 #include <wlr/types/wlr_scene.h>
 #include <wlr/types/wlr_screencopy_v1.h>
@@ -83,8 +83,16 @@ set_sig_handler(int sig, void (*action)(int)) {
 static bool
 drop_permissions(void) {
 	if(getuid() != geteuid() || getgid() != getegid()) {
+		// Drop ancillary groups
+		gid_t gid = getgid();
+		setgroups(1, &gid);
 		// Set gid before uid
+#ifdef linux
 		if(setgid(getgid()) != 0 || setuid(getuid()) != 0) {
+#else
+		if(setregid(getgid(), getgid()) != 0 ||
+		   setreuid(getuid(), getuid()) != 0) {
+#endif
 			wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
 			return false;
 		}
@@ -278,15 +286,17 @@ main(int argc, char *argv[]) {
 	struct wlr_screencopy_manager_v1 *screencopy_manager = NULL;
 	struct wlr_data_control_manager_v1 *data_control_manager = NULL;
 	struct wlr_viewporter *viewporter = NULL;
-	struct wlr_presentation *presentation = NULL;
 	struct wlr_xdg_output_manager_v1 *output_manager = NULL;
 	struct wlr_xdg_shell *xdg_shell = NULL;
 	wl_list_init(&server.input_config);
 	wl_list_init(&server.output_config);
 	wl_list_init(&server.output_priorities);
+	wl_list_init(&server.xdg_decorations);
 
 	int ret = 0;
 	server.bs = 0;
+	server.set_mode_cursor = strdup("cell");
+	server.message_config.enabled = true;
 
 	char *config_path = NULL;
 	if(!parse_args(&server, argc, argv, &config_path)) {
@@ -369,8 +379,8 @@ main(int argc, char *argv[]) {
 	    wl_event_loop_add_signal(event_loop, SIGPIPE, handle_signal, &server);
 	server.event_loop = event_loop;
 
-	backend = wlr_backend_autocreate(server.wl_display, &server.session);
-	server.headless_backend = wlr_headless_backend_create(server.wl_display);
+	backend = wlr_backend_autocreate(event_loop, &server.session);
+	server.headless_backend = wlr_headless_backend_create(event_loop);
 	if(!backend) {
 		wlr_log(WLR_ERROR, "Unable to create the wlroots backend");
 		ret = 1;
@@ -411,7 +421,7 @@ main(int argc, char *argv[]) {
 	wl_list_init(&server.outputs);
 	wl_list_init(&server.disabled_outputs);
 
-	server.output_layout = wlr_output_layout_create();
+	server.output_layout = wlr_output_layout_create(server.wl_display);
 	if(!server.output_layout) {
 		wlr_log(WLR_ERROR, "Unable to create output layout");
 		ret = 1;
@@ -470,7 +480,7 @@ main(int argc, char *argv[]) {
 	server.new_output.notify = handle_new_output;
 	wl_signal_add(&backend->events.new_output, &server.new_output);
 
-	server.seat = seat_create(&server, backend);
+	server.seat = seat_create(&server);
 	if(!server.seat) {
 		wlr_log(WLR_ERROR, "Unable to create the seat");
 		ret = 1;
@@ -489,15 +499,15 @@ main(int argc, char *argv[]) {
 	              &server.new_idle_inhibitor_v1);
 	wl_list_init(&server.inhibitors);
 
-	xdg_shell = wlr_xdg_shell_create(server.wl_display, 3);
+	xdg_shell = wlr_xdg_shell_create(server.wl_display, 5);
 	if(!xdg_shell) {
 		wlr_log(WLR_ERROR, "Unable to create the XDG shell interface");
 		ret = 1;
 		goto end;
 	}
-	server.new_xdg_shell_surface.notify = handle_xdg_shell_surface_new;
-	wl_signal_add(&xdg_shell->events.new_surface,
-	              &server.new_xdg_shell_surface);
+	server.new_xdg_shell_toplevel.notify = handle_xdg_shell_toplevel_new;
+	wl_signal_add(&xdg_shell->events.new_toplevel,
+	              &server.new_xdg_shell_toplevel);
 
 	xdg_decoration_manager =
 	    wlr_xdg_decoration_manager_v1_create(server.wl_display);
@@ -527,14 +537,6 @@ main(int argc, char *argv[]) {
 		goto end;
 	}
 
-	presentation = wlr_presentation_create(server.wl_display, server.backend);
-	if(!presentation) {
-		wlr_log(WLR_ERROR, "Unable to create the presentation interface");
-		ret = 1;
-		goto end;
-	}
-	wlr_scene_set_presentation(server.scene, presentation);
-
 	export_dmabuf_manager =
 	    wlr_export_dmabuf_manager_v1_create(server.wl_display);
 	if(!export_dmabuf_manager) {
@@ -589,8 +591,8 @@ main(int argc, char *argv[]) {
 	              &server.new_xwayland_surface);
 
 	if(setenv("DISPLAY", server.xwayland->display_name, true) < 0) {
-		wlr_log_errno(WLR_ERROR, "Unable to set DISPLAY for XWayland.",
-		              "Clients may not be able to connect");
+		wlr_log_errno(WLR_ERROR, "Unable to set DISPLAY for XWayland. Clients "
+		                         "may not be able to connect");
 	} else {
 		wlr_log(WLR_DEBUG, "XWayland is running on display %s",
 		        server.xwayland->display_name);
@@ -621,8 +623,8 @@ main(int argc, char *argv[]) {
 	}
 
 	if(setenv("WAYLAND_DISPLAY", socket, true) < 0) {
-		wlr_log_errno(WLR_ERROR, "Unable to set WAYLAND_DISPLAY.",
-		              "Clients may not be able to connect");
+		wlr_log_errno(WLR_ERROR, "Unable to set WAYLAND_DISPLAY. Clients may "
+		                         "not be able to connect");
 	} else {
 		fprintf(stdout,
 		        "Cagebreak " CG_VERSION " is running on Wayland display %s\n",
@@ -705,6 +707,10 @@ main(int argc, char *argv[]) {
 		}
 		free(server.modes);
 	}
+	if(server.set_mode_cursor != NULL) {
+		free(server.set_mode_cursor);
+		server.set_mode_cursor = NULL;
+	}
 
 	if(config_path != NULL) {
 		free(config_path);
@@ -752,8 +758,15 @@ main(int argc, char *argv[]) {
 	if(server.wl_display != NULL) {
 		wl_display_destroy(server.wl_display);
 	}
-	if(server.output_layout != NULL) {
-		wlr_output_layout_destroy(server.output_layout);
+
+	if(server.allocator != NULL) {
+		wlr_allocator_destroy(server.allocator);
+	}
+	if(server.renderer != NULL) {
+		wlr_renderer_destroy(server.renderer);
+	}
+	if(server.scene != NULL) {
+		wlr_scene_node_destroy(&server.scene->tree.node);
 	}
 
 	if(server.input != NULL) {

diff --git a/fuzz/execl_override.c b/fuzz/execl_override.c
@@ -3,11 +3,9 @@
 // This file is used by the fuzzer in order to prevent executing shell commands.
 
 #define _GNU_SOURCE
-#include "../output.h"
 #include <cairo.h>
 #include <cairo/cairo.h>
 #include <stdlib.h>
-#include <wlr/render/wlr_renderer.h>
 
 int
 fork(void) {