diff options
3 files changed, 15 insertions, 2 deletions
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init/capability.conf b/meta/recipes-graphics/x11-common/xserver-nodm-init/capability.conf new file mode 100644 index 0000000000..7ab7460816 --- /dev/null +++ b/meta/recipes-graphics/x11-common/xserver-nodm-init/capability.conf | |||
| @@ -0,0 +1,2 @@ | |||
| 1 | cap_sys_admin @USER@ | ||
| 2 | none * | ||
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm b/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm index 6c548551b8..116bb278bc 100755 --- a/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm +++ b/meta/recipes-graphics/x11-common/xserver-nodm-init/xserver-nodm | |||
| @@ -38,6 +38,14 @@ case "$1" in | |||
| 38 | if [ -e /dev/hidraw0 ]; then | 38 | if [ -e /dev/hidraw0 ]; then |
| 39 | chmod o+rw /dev/hidraw* | 39 | chmod o+rw /dev/hidraw* |
| 40 | fi | 40 | fi |
| 41 | # Make sure that the Xorg has the cap_sys_admin capability which is | ||
| 42 | # needed for setting the drm master | ||
| 43 | if ! grep -q "^auth.*pam_cap\.so" /etc/pam.d/su; then | ||
| 44 | echo "auth optional pam_cap.so" >>/etc/pam.d/su | ||
| 45 | fi | ||
| 46 | if ! /usr/sbin/getcap $XSERVER | grep -q cap_sys_admin; then | ||
| 47 | /usr/sbin/setcap cap_sys_admin+eip $XSERVER | ||
| 48 | fi | ||
| 41 | fi | 49 | fi |
| 42 | 50 | ||
| 43 | # Using su rather than sudo as latest 1.8.1 cause failure [YOCTO #1211] | 51 | # Using su rather than sudo as latest 1.8.1 cause failure [YOCTO #1211] |
diff --git a/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb b/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb index 385fea5e83..c2995f99ff 100644 --- a/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb +++ b/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb | |||
| @@ -10,6 +10,7 @@ SRC_URI = "file://xserver-nodm \ | |||
| 10 | file://gplv2-license.patch \ | 10 | file://gplv2-license.patch \ |
| 11 | file://xserver-nodm.service.in \ | 11 | file://xserver-nodm.service.in \ |
| 12 | file://xserver-nodm.conf.in \ | 12 | file://xserver-nodm.conf.in \ |
| 13 | file://capability.conf \ | ||
| 13 | " | 14 | " |
| 14 | 15 | ||
| 15 | S = "${WORKDIR}" | 16 | S = "${WORKDIR}" |
| @@ -19,7 +20,7 @@ PACKAGE_ARCH = "${MACHINE_ARCH}" | |||
| 19 | 20 | ||
| 20 | inherit update-rc.d systemd features_check | 21 | inherit update-rc.d systemd features_check |
| 21 | 22 | ||
| 22 | REQUIRED_DISTRO_FEATURES = "x11" | 23 | REQUIRED_DISTRO_FEATURES = "x11 ${@oe.utils.conditional('ROOTLESS_X', '1', 'pam', '', d)}" |
| 23 | 24 | ||
| 24 | PACKAGECONFIG ??= "blank" | 25 | PACKAGECONFIG ??= "blank" |
| 25 | # dpms and screen saver will be on only if 'blank' is in PACKAGECONFIG | 26 | # dpms and screen saver will be on only if 'blank' is in PACKAGECONFIG |
| @@ -40,6 +41,8 @@ do_install() { | |||
| 40 | if [ "${ROOTLESS_X}" = "1" ] ; then | 41 | if [ "${ROOTLESS_X}" = "1" ] ; then |
| 41 | XUSER_HOME="/home/xuser" | 42 | XUSER_HOME="/home/xuser" |
| 42 | XUSER="xuser" | 43 | XUSER="xuser" |
| 44 | install -D capability.conf ${D}${sysconfdir}/security/capability.conf | ||
| 45 | sed -i "s:@USER@:${XUSER}:" ${D}${sysconfdir}/security/capability.conf | ||
| 43 | else | 46 | else |
| 44 | XUSER_HOME=${ROOT_HOME} | 47 | XUSER_HOME=${ROOT_HOME} |
| 45 | XUSER="root" | 48 | XUSER="root" |
| @@ -60,7 +63,7 @@ do_install() { | |||
| 60 | fi | 63 | fi |
| 61 | } | 64 | } |
| 62 | 65 | ||
| 63 | RDEPENDS_${PN} = "xinit ${@oe.utils.conditional('ROOTLESS_X', '1', 'xuser-account', '', d)}" | 66 | RDEPENDS_${PN} = "xinit ${@oe.utils.conditional('ROOTLESS_X', '1', 'xuser-account libcap libcap-bin', '', d)}" |
| 64 | 67 | ||
| 65 | INITSCRIPT_NAME = "xserver-nodm" | 68 | INITSCRIPT_NAME = "xserver-nodm" |
| 66 | INITSCRIPT_PARAMS = "start 9 5 . stop 20 0 1 2 3 6 ." | 69 | INITSCRIPT_PARAMS = "start 9 5 . stop 20 0 1 2 3 6 ." |