This directory has to be writable if we want to install ports that have
been built inside Serenity. It's owned by root anyway, so having it be
read-only does not provide many security benefits.
There's a fair amount of VERIFY/TODO calls in LibSQL that will crash the
SQL server if we hit an unimplemented feature or some bug. Restart the
server if this happens to help with debugging / development.
This changes LibTimeZone to read the current time zone from the file
/etc/timezone rather than using tzset/tzname. Instead, in a subsequent
commit, LibC's time methods will be changed to used LibTimeZone to
retrieve the system time zone.
Also add an API to set the system time zone. This method is only allowed
when running within Serenity.
In CI / or local testing when you run `serenity.sh tests`, the system
will boot itself in self test mode, and the test runner will be launched
by SystemServer. Previously we were setting up settings for that
environment in the `SystemServer.ini`. This makes reproducing CI
failures a bit confusing, as the system will behavior differently if you
run in self-test mode, vs running `run-tests-and-shutdown.sh` or
`run-tests` manually in a session.
This change moves the settings to `run-tests`, so no matter how you try
to run the test runner, it will always behave the same.
Add option to reverse primary and secondary buttons in Mouse Settings.
- WindowServer.ini: add default entry
- switch-mouse-buttons.png: new icon for settings entry
- Mouse.gml/MouseWidget.*: new settings dialog
- ClientConnection/WindowManager/Server: window message for settings
- EventLoop.cpp: swap buttons 1 and 2 if settings are on
Commit cf0dbc906 recently added the ability for setuid binaries to be
located in /usr/Tests. This should really now be read only to mitigate
the potential misuse of any of the setuid binaries.
To ensure everything works as expected, a unit test was added with
multiple scenarios.
This binary has to have the SetUID flag, and we also bind-mount the
/usr/Tests directory to allow running of SetUID binaries.
ConfigServer is an IPC service that provides access to application
configuration and settings. The idea is to replace all uses of
Core::ConfigFile with IPC requests to ConfigServer.
This first cut of the API is pretty similar to Core::ConfigFile.
The old:
auto config = Core::ConfigFile::open_for_app("App");
auto value = config->read_entry("Group", "Key");
The new:
auto value = Config::read_string("App", "Group", "Key");
ConfigServer uses the ~/.config directory as its backing store
and all the files remain human-editable. :^)
The IRC Client application made some sense while our main communication
hub was an IRC channel. Now that we've moved on, IRC is just a random
protocol with no particular relevance to this project.
This also has the benefit of removing one major client of the single-
process Web::InProcessWebView class.
Now you can specify a CursorTheme key in /etc/WindowServer.ini. The
cursors are loaded from /res/cursor-themes/<name> directory. This
directory contains a Config.ini file with format similar to previous
Cursor section, except it uses relative paths.
This commit adds also Default theme, which uses cursors being
previously in /res/cursors.
The WidgetGallery is updated to match the new cursor path format.
A SPICE agent communicates with the host OS to provide nifty features
like clipboard sharing :^)
This patch implements only plain-text clipboard sharing.
See: github.com/freedesktop/spice-protocol/blob/master/spice/vd_agent.h
Adds new service FileSystemAccessServer which allows programs to
request a file descriptor for any file on the file system.
The user can be prompted to choose the path with a FilePicker, or the
path can be provided by the application which will show a MessageBox
showing the pid and name of the calling process and allows the user to
approve or deny the request.
This also adds the ability to query how many virtual desktops are
set up, and for the Taskbar to be notified when the active virtual
desktop has changed.
This will run all the tests that are children of this service with
deadly UBSAN, ensuring we don't get any UBSAN regressions in on-target
tests anymore. :^)
An Overlay is similar to a transparent window, but has less overhead
and does not get rendered within the window stack. Basically, the area
that an Overlay occupies forces transparency rendering for any window
underneath, which allows us to render them flicker-free.
This also adds a new API that allows displaying the screen numbers,
e.g. while the user configures the screen layout in DisplaySettings
Because other things like drag&drop or the window-size label are not
yet converted to use this new mechanism, they will be drawn over the
screen-number currently.
This allows WindowServer to use multiple framebuffer devices and
compose the desktop with any arbitrary layout. Currently, it is assumed
that it is configured contiguous and non-overlapping, but this should
eventually be enforced.
To make rendering efficient, each window now also tracks on which
screens it needs to be rendered. This way we don't have to iterate all
the windows for each screen but instead use the same rendering loop and
then only render to the screen (or screens) that the window actually
uses.
Adds Sectigo RSA Domain, Extended, and Organization cert subjects
to ca_certs.ini. These are the new names for the old Comodo CA
certs that are already trusted.
Some of these were using 660 permissions which meant that other users
in the "users" group could connect to anon's service processes.
Let's tighten things up by not allowing that. :^)