luakit patch: use os.remove() instead of spawning rm(1) process

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

luakit patch: use os.remove() instead of spawning rm(1) process

Sebastien Marie-3
Hi,

The following diff is a backport of
https://github.com/luakit/luakit/commit/4b22c18d5eb5594136091b7b615dc8f9ded0e32f
commit in order to avoid using rm(1) process to remove a file, but use
os.remove() lua function.

It permits to me to remove a spawn call whereas I am looking to
properly unveil(2) luakit process.

Comments or OK ?
--
Sebastien Marie

diff 4bae7f609ba05ed86c7d87ec356d8a21321aaaf2 /home/semarie/repos/openbsd/ports
blob - 94524d60b60ed3f4999018ff3edd4310c0c9b8ab
file + www/luakit/Makefile
--- www/luakit/Makefile
+++ www/luakit/Makefile
@@ -7,7 +7,7 @@ COMMENT = fast, small, webkit based browser written in
 GH_ACCOUNT = luakit
 GH_TAGNAME = 2.2
 GH_PROJECT = luakit
-REVISION = 0
+REVISION = 1
 
 EPOCH = 1
 
blob - /dev/null
file + www/luakit/patches/patch-lib_session_lua
--- www/luakit/patches/patch-lib_session_lua
+++ www/luakit/patches/patch-lib_session_lua
@@ -0,0 +1,36 @@
+$OpenBSD$
+Use os.remove() instead of spawning rm(1) process.
+
+Backport https://github.com/luakit/luakit/commit/4b22c18d5eb5594136091b7b615dc8f9ded0e32f
+Index: lib/session.lua
+--- lib/session.lua.orig
++++ lib/session.lua
+@@ -19,10 +19,6 @@ local _M = {}
+
+ lousy.signal.setup(_M, true)
+
+-local function rm(file)
+-    luakit.spawn(string.format("rm %q", file))
+-end
+-
+ --- Path to session file.
+ -- @type string
+ -- @readwrite
+@@ -82,7 +78,7 @@ _M.save = function (file)
+         io.close(fh)
+         os.rename(tempfile, file)
+     else
+-        rm(file)
++        os.remove(file)
+     end
+ end
+
+@@ -220,7 +216,7 @@ window.add_signal("init", function (w)
+         local num_windows = #lousy.util.table.values(window.bywidget)
+         -- Remove the recovery session on a successful exit
+         if num_windows == 0 and os.exists(_M.recovery_file) then
+-            rm(_M.recovery_file)
++            os.remove(_M.recovery_file)
+         end
+     end)
+

Reply | Threaded
Open this post in threaded view
|

Re: luakit patch: use os.remove() instead of spawning rm(1) process

Stefan Hagen-3
Sebastien Marie wrote:
> The following diff is a backport of
> https://github.com/luakit/luakit/commit/4b22c18d5eb5594136091b7b615dc8f9ded0e32f
> commit in order to avoid using rm(1) process to remove a file, but use
> os.remove() lua function.
>
> It permits to me to remove a spawn call whereas I am looking to
> properly unveil(2) luakit process.
>
> Comments or OK ?

Looks good. OK from my side.
Do you have an unveiled version already?

Best Regards,
Stefan

Reply | Threaded
Open this post in threaded view
|

Re: luakit patch: use os.remove() instead of spawning rm(1) process

Sebastien Marie-3
On Thu, Sep 17, 2020 at 06:51:51PM +0200, Stefan Hagen wrote:

> Sebastien Marie wrote:
> > The following diff is a backport of
> > https://github.com/luakit/luakit/commit/4b22c18d5eb5594136091b7b615dc8f9ded0e32f
> > commit in order to avoid using rm(1) process to remove a file, but use
> > os.remove() lua function.
> >
> > It permits to me to remove a spawn call whereas I am looking to
> > properly unveil(2) luakit process.
> >
> > Comments or OK ?
>
> Looks good. OK from my side.
> Do you have an unveiled version already?
 
yes :-)

I am using/experimenting with the following (see attached files):

- unveil.lua : it unveils the luakit process.
  currently, it is mostly used for removing execve(2) capability.
 
- unveil_wm.lua : it unveils the WebKitProcess (content process)
  the filesystem is readonly except drm devices and /tmp

  with lariza (another webkit based browser), WebKitProcess needs to
  execve(2) "lpr" to print. here, I don't have test it for now so it
  is still commented.

- openbsd.c : lua module for unveil(2) (and pledge(2)) binding


And finally my ~/.config/luakit/userconf.lua contains:

        -- unveil luakit+WebKitProcess
        require "unveil"


$ ps ux | grep -E '(luakit|WebKit)'
semarie  72835  0.0  0.3 80848 98032 ??  SU      1:45PM    0:05.09 luakit
semarie  19656  0.0  0.2 60880 54764 ??  I       1:45PM    0:01.20 /usr/local/libexec/webkit2gtk-4.0/WebKitNetworkProcess 3 17 (WebKitNetworkPro)
semarie  95077  0.0  0.5 88148 142776 ??  SU      1:45PM    0:04.81 /usr/local/libexec/webkit2gtk-4.0/WebKitWebProcess 11 24
semarie  82971  0.0  0.3 76284 99312 ??  SU      1:47PM    0:03.12 /usr/local/libexec/webkit2gtk-4.0/WebKitWebProcess 18 34

So, on the three process types used, only the WebKitNetworkProcess
isn't unveiled. But I am unsure if it supports plugins and so if I can
inject unveil(2) or pledge(2). Something to see later.

With the attached code, it should be also possible to play with
pledge(2). But I need a working browser first (I am on the way to
reimplement few plugins I am using with firefox).

Thanks.
--
Sebastien Marie

unveil.lua (576 bytes) Download Attachment
openbsd.c (2K) Download Attachment
unveil_wm.lua (636 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: luakit patch: use os.remove() instead of spawning rm(1) process

Stefan Hagen-3
Sebastien Marie wrote:

> On Thu, Sep 17, 2020 at 06:51:51PM +0200, Stefan Hagen wrote:
> > Sebastien Marie wrote:
> > > The following diff is a backport of
> > > https://github.com/luakit/luakit/commit/4b22c18d5eb5594136091b7b615dc8f9ded0e32f
> > > commit in order to avoid using rm(1) process to remove a file, but use
> > > os.remove() lua function.
> > >
> > > It permits to me to remove a spawn call whereas I am looking to
> > > properly unveil(2) luakit process.
> > >
> > > Comments or OK ?
> >
> > Looks good. OK from my side.
> > Do you have an unveiled version already?
>  
> yes :-)
>
> I am using/experimenting with the following (see attached files):
>
> - unveil.lua : it unveils the luakit process.
>   currently, it is mostly used for removing execve(2) capability.
>  
> - unveil_wm.lua : it unveils the WebKitProcess (content process)
>   the filesystem is readonly except drm devices and /tmp
>
>   with lariza (another webkit based browser), WebKitProcess needs to
>   execve(2) "lpr" to print. here, I don't have test it for now so it
>   is still commented.
>
> - openbsd.c : lua module for unveil(2) (and pledge(2)) binding

I like this. Especially that it's an extension that can be loaded at
will.

Feel free to send it upstream once it's properly tested. All we would
need in the port then is a little sed the puts the require "unveil"
in place. Or some uname check in lua...

Thank you!
Stefan