about summary refs log tree commit diff
path: root/pkgs/kde/plasma/kwin
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/kde/plasma/kwin')
-rw-r--r--pkgs/kde/plasma/kwin/0001-Lower-CAP_SYS_NICE-from-the-ambient-set.patch40
-rw-r--r--pkgs/kde/plasma/kwin/default.nix12
2 files changed, 52 insertions, 0 deletions
diff --git a/pkgs/kde/plasma/kwin/0001-Lower-CAP_SYS_NICE-from-the-ambient-set.patch b/pkgs/kde/plasma/kwin/0001-Lower-CAP_SYS_NICE-from-the-ambient-set.patch
new file mode 100644
index 0000000000000..e6408605aa431
--- /dev/null
+++ b/pkgs/kde/plasma/kwin/0001-Lower-CAP_SYS_NICE-from-the-ambient-set.patch
@@ -0,0 +1,40 @@
+From 232e480ab1303f37d37d295b57fdcbb6b6648bca Mon Sep 17 00:00:00 2001
+From: Alois Wohlschlager <alois1@gmx-topmail.de>
+Date: Sun, 7 Aug 2022 16:12:31 +0200
+Subject: [PATCH] Lower CAP_SYS_NICE from the ambient set
+
+The capabilities wrapper raises CAP_SYS_NICE into the ambient set so it
+is inherited by the wrapped program. However, we don't want it to leak
+into the entire desktop environment.
+
+Lower the capability again at startup so that the kernel will clear it
+on exec.
+---
+ src/main_wayland.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/main_wayland.cpp b/src/main_wayland.cpp
+index 1720e14e7..f2bb446b0 100644
+--- a/src/main_wayland.cpp
++++ b/src/main_wayland.cpp
+@@ -39,7 +39,9 @@
+ #include <QWindow>
+ #include <qplatformdefs.h>
+ 
++#include <linux/capability.h>
+ #include <sched.h>
++#include <sys/prctl.h>
+ #include <sys/resource.h>
+ 
+ #include <iomanip>
+@@ -285,6 +287,7 @@ static QString automaticBackendSelection()
+ 
+ int main(int argc, char *argv[])
+ {
++    prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_LOWER, CAP_SYS_NICE, 0, 0);
+     KWin::Application::setupMalloc();
+     KWin::Application::setupLocalizedString();
+     KWin::gainRealTime();
+-- 
+2.37.1
+
diff --git a/pkgs/kde/plasma/kwin/default.nix b/pkgs/kde/plasma/kwin/default.nix
index fc5f00991d9ee..ffa7e146ece68 100644
--- a/pkgs/kde/plasma/kwin/default.nix
+++ b/pkgs/kde/plasma/kwin/default.nix
@@ -8,7 +8,9 @@
   qtwayland,
   libinput,
   xorg,
+  xwayland,
   libdisplay-info,
+  libei,
   mesa,
   lcms2,
   libcap,
@@ -26,12 +28,19 @@ mkKdeDerivation {
     # The rest are NixOS-specific hacks
     ./0003-plugins-qpa-allow-using-nixos-wrapper.patch
     ./0001-NixOS-Unwrap-executable-name-for-.desktop-search.patch
+    ./0001-Lower-CAP_SYS_NICE-from-the-ambient-set.patch
   ];
 
   postPatch = ''
     patchShebangs src/plugins/strip-effect-metadata.py
   '';
 
+  # TZDIR may be unset when running through the kwin_wayland wrapper,
+  # but we need it for the lockscreen clock to render
+  qtWrapperArgs = [
+    "--set-default TZDIR /etc/zoneinfo"
+  ];
+
   extraNativeBuildInputs = [pkg-config python3];
   extraBuildInputs = [
     qtquick3d
@@ -46,9 +55,12 @@ mkKdeDerivation {
     lcms2
     libcap
     libdisplay-info
+    libei
     libinput
     pipewire
 
     xorg.libxcvt
+    # we need to provide this so it knows our xwayland supports new features
+    xwayland
   ];
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-26 07:48:16 +0000