Create a *real* top level window

[Carsten Haitzler (The Rasterman)]

On Mon, 27 Sep 2010 16:13:34 +0300 Timo Juhani Lindfors <timo.lindfors at iki.fi>
said:

ok. this, though it seems to work for you, will have problems. though an
interesting hack and i'm glad you were inspired! i'm so happy to see the
"scratch an itch" thing still alive. :) problems you have.

1. if user client does an xgrab(server/keyboard/pointer) and u stop socat
before the grab is released.. you're SOL. a "race condition" or more a "state
condition" you havent accounted for.
2. user clients like the wm and cm will cease to work here while you have the
root stopping socat - this will effectively bring the display to a grinding
halt. much like #1.

as for shm 0 sure, the client can modify shm, but it'd require x protocol to
let the xserver know it has to read (or write to) that shm segment (as shm
pixmaps are deprecated now). either way - the client only modifies the shm
segment content and hat is just pixel data - so at worst they can spew out
garbage pixels. not too different to what many clients do anyway :) so this is
harmless.

> Carsten Haitzler (The Rasterman) <raster at rasterman.com> writes:
> > logged in user is king. you'd have to modify the xserver itself to have
> > such a separation and provide a back-channel that can only be accessed by
> > root to implement what you want. reality otherwise is that any x client can
> > kill off
> 
> Thank you, this discussion inspired me to write a hack. The basic idea
> is that Xorg listens on /tmp/.X11-unix/X1 instead of /X0 and a socat
> process proxies traffic from /X0 to /X1. When the SAK key is hit, root
> can kill -STOP socat to prevent the X clients of the normal user from
> interfering. root can then run X applications that talk directly to
> /X1.
> 
> 1) In /etc/X11/xdm/Xservers I replaced
> 
> :0 local /usr/bin/X :0 vt7 -nolisten tcp
> 
> with
> 
> :0 local /usr/local/bin/sido-X :1 vt8 -nolisten tcp
> 
> 2) I created /usr/local/bin/sido-X with
> 
> #!/bin/sh
> killall socat
> killall -9 socat
> (sleep 10; socat -lm UNIX-LISTEN:/tmp/.X11-unix/X0,fork,mode=777
> UNIX-CONNECT:/tmp/.X11-unix/X1) & exec Xorg "$@"
> 
> 3) I configured xsakd to run sido-sign-sak when ctrl-alt-del is
> hit. sido-sign-sak does
> 
> #!/bin/sh
> function get_window_list() {
> XAUTHORITY=$auth DISPLAY=:1 xwininfo -tree -root|grep '('|cut -d'(' -f1|awk
> '{print $1}'|grep ^0x }
> 
> killall -STOP socat
> t=$(mktemp)
> auth=$(ps -eocmd | grep " :1 " | grep ^Xorg | tr ' ' '\n' |grep ^/var/)
> 
> get_window_list > $t
> XAUTHORITY=$auth DISPLAY=:1 xterm -name SAK -title SAK -bg red -fg black
> -e /usr/lib/sido/sido-sign & pid=$!
> sleep 1
> t2=$(mktemp)
> get_window_list > $t2
> # XAUTHORITY=$auth DISPLAY=:1 xvkbd &
> # XAUTHORITY=$auth DISPLAY=:1 xwininfo -tree -root
> for w in $(sort -nr $t $t2 | uniq -u); do
>     XAUTHORITY=$auth DISPLAY=:1 show-window $w
> done
> wait $pid
> 
> killall -CONT socat
> 
> 3) show-window is just a quick'n'dirty helper application to make the
> xterm visible:
> 
> // gcc show-window.c -o show-window -lX11 -Wall -g
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> #include <assert.h>
> #include <X11/Xlib.h>
> #include <X11/Xlibint.h>
> 
> int main(int argc, char *argv[]) {
>     int ret;
>     Display *dpy;
>     XSetWindowAttributes attr;
>     unsigned long window;
> 
>     assert(argc == 2);
>     window = strtoul(argv[1], NULL, 16);
>     assert(window > 0);
>     
>     dpy = XOpenDisplay(NULL);
>     assert(dpy);
> 
>     attr.override_redirect = True;
>     ret = XChangeWindowAttributes(dpy,
>                                   window,
>                                   CWOverrideRedirect,
>                                   &attr);
>     assert(ret);
> 
>     ret = XMapWindow(dpy,
>                      window);
>     assert(ret);
> 
>     ret = XRaiseWindow(dpy,
>                        window);
>     assert(ret);
> 
>     ret = XMoveResizeWindow(dpy,
>                             window,
>                             152,
>                             81,
>                             702,
>                             411);
>     assert(ret);
> 
>     ret = XSetInputFocus(dpy,
>                          window,
>                          RevertToParent,
>                          CurrentTime);
>     assert(ret);
>     
>     XCloseDisplay(dpy);
>     
>     
>     return 0;
> }
> 
> Is this a sound approach in general? I know that even when socat is
> stopped normal X clients can still use shm to affect the contents of
> the screen.
> 


-- 
------------- Codito, ergo sum - "I code, therefore I am" --------------
The Rasterman (Carsten Haitzler)    raster at rasterman.com