| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
We should handle this in the low-level protocol code as much as possible
to avoid mistakes. This way the rest of the code can assume that strings
are always UTF-8 with \n line endings.
|
| |\ |
|
| | |
| |
| |
| | |
It doesn't use any exceptions, so stop including the header for it.
|
| | |
| |
| |
| | |
It's just confusing that we have our own variety that isn't compatible.
|
| | |
| |
| |
| |
| | |
It has now been replaced, mostly by std::string, so remove the actual
type definition.
|
| | |
| |
| |
| |
| | |
Let's use a more common type instead of something homegrown. Should be
more familiar to new developers.
|
| | |
| |
| |
| |
| |
| | |
We mostly use classical C strings, but the memory management around them
can get confusing and error prone. Let's use std::string for the cases
where we need to return a newly allocated string.
|
| | |
| |
| |
| |
| | |
We know the needed space here, so let's keep it simple with a constant
size string buffer.
|
| | |
| |
| |
| |
| | |
It should return a path to the directory itself, just like its sister
function getuserhomedir().
|
| | |
| |
| |
| | |
All library functions should be in a proper namespace.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This mimics how some system functions (like inet_ntop()) work, and
avoids complexity around ownership of the returned string buffer.
The downside is that the string must be consumed directly as it will be
overwritten on the next call, but that is not an issue with the current
usage.
|
| | |
| |
| |
| |
| | |
We don't need to make extra copies of the string in most cases, so let's
simplify the code and access the string directly when we can.
|
| | |
| |
| |
| |
| | |
Avoid having our own custom stuff and instead use the modern, standard
types, for familiarity.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Addresses the following AVC denial:
type=PROCTITLE msg=audit(01/12/2023 02:58:12.648:696) : proctitle=/usr/sbin/vncsession fedora :1
type=PATH msg=audit(01/12/2023 02:58:12.648:696) : item=1 name=/home/fedora/.vnc nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(01/12/2023 02:58:12.648:696) : item=0 name=/home/fedora/ inode=262145 dev=fc:02 mode=dir,700 ouid=fedora ogid=fedora rdev=00:00 obj=unconfined_u:object_r:user_home_dir_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(01/12/2023 02:58:12.648:696) : cwd=/home/fedora
type=SYSCALL msg=audit(01/12/2023 02:58:12.648:696) : arch=x86_64 syscall=mkdir success=no exit=EACCES(Permission denied) a0=0x7fff47d52540 a1=0755 a2=0x0 a3=0x0 items=2 ppid=2869 pid=2880 auid=fedora uid=fedora gid=fedora euid=fedora suid=fedora fsuid=fedora egid=fedora sgid=fedora fsgid=fedora tty=(none) ses=8 comm=vncsession exe=/usr/sbin/vncsession subj=system_u:system_r:vnc_session_t:s0 key=(null)
type=AVC msg=audit(01/12/2023 02:58:12.648:696) : avc: denied { create } for pid=2880 comm=vncsession name=.vnc scontext=system_u:system_r:vnc_session_t:s0 tcontext=system_u:object_r:vnc_home_t:s0 tclass=dir permissive=0
Resolves: rhbz#2143704
|
| |/
|
|
|
| |
Make sure we don't send a bogus request to the X server in the (common)
case that we don't actually have anything to restore.
|
| |
|
|
|
|
| |
These are supported by gcc and clang, and I don't think MSVC works well
with our code anyway, so let's keep things simple and use these
directly.
|
| |
|
|
|
| |
These types caused an incorrect signed/unsigned behaviour, so let's make
sure we use the appropriate type.
|
| |
|
|
| |
gcc can get upset if they aren't in this order.
|
| |
|
|
|
| |
This allows us to separate accidentally unused, from explicitly unused
parameters, which allows us to turn on such checks in the compiler.
|
| |
|
|
|
| |
This makes sure the compiler doesn't complain about problems in those
files.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Delay startup of VNC sessions until user databases are up and running.
This is the same ordering that GDM imposes to make sure users can
actually log in.
|
| |\ \
| | |
| | |
| | | |
https://github.com/grulja/tigervnc
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We have to check whether we update cursor position/shape only in case
the cursor is on our display, otherwise in zaphod mode, ie. when having
two instances of x0vncserver on screens :0.0 and :0.1 we would be having
the cursor duplicated and actually not funcional (aka ghost cursor) as
it would be actually not present. We also additionally watch EnterNotify
and LeaveNotify events in order to show/hide cursor accordingly.
Change made with help from Olivier Fourdan <ofourdan@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
We might often fail to find a matching X11 keycode when the client has
a different keyboard layout and end up with no key event. To avoid a
failure we add it as a new keysym/keycode pair so the next time a keysym
from the client that is unknown to the server is send, we will find a
match and proceed with key event. This is same behavior used in Xvnc or
x11vnc, although Xvnc has more advanced mapping from keysym to keycode.
|
| | |
| |
| |
| |
| |
| | |
These require a key to have been set up on the server beforehand, so
they do not give a good default experience as clients will be unable to
connect.
|
| | |
| |
| |
| |
| | |
The order is important in the servers, so make sure the man pages follow
the code properly.
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The previous commit was incorrect in that it overrides automake's
dependency list, rather than adding to it. So we need to make sure
things are duplicated between Xvnc_DEPENDENCIES and Xvnc_LDADD as
appropriate.
Use the same approach as the Xorg binary to keep things familiar.
|
| |
|
|
|
|
| |
These aren't crucial for a clean build, but must be set for Xvnc to be
properly rebuilt if anything in the Xorg tree changes. automake doesn't
properly deduce these automatically from Xvnc_LDADD, unfortunately.
|
| |
|
|
|
|
|
| |
We need to get to the point of starting the session script before we
consider things a success. So this can fail in many different ways, not
just the daemonization. Adjust the error message to something more
generic to reflect this.
|
| |
|
|
|
|
| |
Instead of HOME_ROOT/.vnc, /root/.vnc should be used
for user root's home to specify default file context
as HOME_ROOT actually means base for home dirs (usually /home).
|
| |
|
|
|
|
| |
Avoid duplication, and add logging for some more error conditions so
it's possible to see in the logs why a resize has failed or produced
unexpected results.
|
| |
|
|
| |
Otherwise things might be logged under the wrong label.
|
| |\ |
|
| | | |
|
| | |
| |
| |
| | |
There is no such thing as XDG_DESKTOP_NAMES.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
The generally recommended way is to include it from source files, not
headers. We had a mix of both. Let's try to be consistent and follow the
recommended way.
|
| | | |
|
| | |
| |
| |
| |
| | |
VENDOR_STRING is gone as is DEFAULT_LOG_VERBOSITY
site.h has been removed and is not needed.
|
| | | |
|
| |/ |
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
The new vnc_home_t type for HOME/.vnc directory was added to the policy,
backed by a name transition. The vnc_session_t domain can manage files
and directories of this type.
|
| | |
| |
| |
| |
| |
| |
| | |
The permissions set to manage directories and files with the nfs_t type
is allowed when the use_nfs_home_dirs boolean is turned on.
Resolves: https://github.com/TigerVNC/tigervnc/issues/1189
|
| | |
| |
| |
| |
| |
| | |
Sections and rules blocks reordered according to the Style guide.
https://github.com/TresysTechnology/refpolicy/wiki/StyleGuide
|
