| Age | Commit message (Collapse) | Author |
|---|
|
|
|
This patch moves the user account password hashes from /etc/passwd,
where they were world-readable, to /etc/shadow, where only root can
access them.
The Core::Account class is extended to support both authentication
against, and modification of /etc/shadow.
The default password for "anon" as of this commit is "foo" :^)
|
|
|
|
|
|
The settings are also saved to the config file to survive reboots.
|
|
The DevFS along with DevPtsFS give a complete solution for populating
device nodes in /dev. The main purpose of DevFS is to eliminate the
need of device nodes generation when building the system.
Later on, DevFS will assist with exposing disk partition nodes.
|
|
|
|
This adds the ability to specify cursor attributes as part of their
file names, which allows us to remove hard coded values like the hot
spot from the code. The attributes can be specified between the last
two dots of the file name. Each attribute begins with a character,
followed by one or more digits that specify a uint value.
Supported attributes:
x: The x-coordinate of the cursor hotspot
y: The y-coordinate of the cursor hotspot
f: The number of animated frames horizontally in the image
t: The number of milliseconds per frame
For example, the filename wait.f14t100.png specifies that the image
contains 14 frames that should be cycled through at a rate of 100ms.
The hotspot is not specified, so it defaults to the center.
|
|
Currently we only print a backtrace. In the future, we could do something nice in the GUI.
|
|
HackStudio no longer has dedicated project files, so let's get rid of
the *.hsp file concept. It'll eventually produce some files again,
but they won't be the same kind of "project" files.
|
|
|
|
This moves file extension to icon mappings from compile time macros to an
INI config file (/etc/FileIconProvider.ini), so file icons can easily be
customized and extended :^)
I also switched the format from a static file extension (".foo") to
glob-like patterns ("*.foo", using StringUtils::matches()), which allows
us to assign icons to specific exactly matching file names, like many
IDEs do - e.g. "CMakeLists.txt" or ".prettierrc".
|
|
|
|
Also adds a very primitive systemwide ca_certs.ini file.
|
|
|
|
The configuration key [DNS] Nameserver has been renamed to Nameservers
and accepts a comma-separated list of nameserver addresses, which will
be queried in the given order until a response has been received.
The new default value is still Cloudflare's 1.1.1.1 as well as their
secondary DNS server 1.0.0.1.
|
|
|
|
|
|
This functionality is being moved to HackStudio so let's not confuse
people by keeping the old stuff around.
|
|
The language server keeps track of the content of currently edited
files by receiving updates about edit actions.
Also, C++ autocompletion is no longer tied to HackStudio itself and
moved to be part of the language server.
|
|
To keep track of ongoing terminal sessions, we now have a sort-of
traditional /var/run/utmp file, like other Unix systems.
Unlike other Unix systems however, ours is of course JSON. :^)
The /bin/utmpupdate program is used to update the file, which is
not writable by regular user accounts. This helper program is
set-GID "utmp".
|
|
Let's be reasonable and have a writable /etc by default.
|
|
|
|
|
|
|
|
|
|
This introduces a new X86 CPU emulator for running SerenityOS userspace
programs in a virtualized interpreter environment.
The main goal is to be able to instrument memory accesses and catch
interesting bugs that are very hard to find otherwise. But before we
can do fancy things like that, we have to build a competent emulator
able to actually run programs.
This initial version is able to run a very small program that makes
some tiny syscalls, but nothing more.
|
|
|
|
SystemDialog is no longer a standalone binary.
|
|
|
|
Dr. Bugaev says this is the most appropriate priority. :^)
|
|
Everyone who connects to ProtocolServer now gets his own instance.
This means that different users can no longer talk to the same exact
ProtocolServer process, enhanching security and stability.
|
|
|
|
|
|
The new ImageDecoder service (available for members of "image" via
/tmp/portal/image) allows you to decode images in a separate process.
This will allow programs to confidently load untrusted images, since
the bulk of the security concerns are sandboxed to a separate process.
The only API right now is a synchronous IPC DecodeImage() call that
takes a shbuf with encoded image data and returns a shared buffer and
metadata for the decoded image.
It also comes with a very simple library for interfacing with the
ImageDecoder service: LibImageDecoderClient. The name is a bit of a
mouthful but I guess we can rename it later if we think of something
nicer to call it.
There's obviously a bit of overhead to spawning a separate process
for every image decode, so this is mostly only appropriate for
untrusted images (e.g stuff downloaded from the web) and not necessary
for trusted local images (e.g stuff in /res)
|
|
Port the WebContent service to the new MultiInstance mechanism that
Sergey added. This means that every new WebContentView gets its very
own segregated WebContent process.
|
|
The "WebContent" service provides a very restricted instance of LibWeb
running as an unprivileged user account. This will be used to implement
process separation in Browser, among other things.
This first cut of the service only spawns a single WebContent process
when someone connects to /tmp/portal/webcontent. We will soon switch
this over to spawning a new process for each connection.
Since this feature is very immature, we'll be bringing it up inside of
Demos/WebView as a separate demo program. Eventually this will become
a reusable widget that anyone can embed and easily get out-of-process
web content in their GUI.
This is pretty, pretty cool! :^)
|
|
We were getting a little overly memey in some places, so let's scale
things back to business-casual.
Informal language is fine in comments, commits and debug logs,
but let's keep the runtime nice and presentable. :^)
|
|
|
|
We remount /home and /root as read-write, to keep the ability to modify files
there. /tmp remains read-write, as it is mounted from a TmpFS.
|
|
Now that we have SystemServer that can (re)spawn the Shell, we don't need a
separate server just for that.
The two shells (on tty0 and tty1) are configured to only be started when booting
in text mode. This means you can now simply say boot_mode=text on the kernel
command line, and SystemServer will set up the system and spawn a comfy root
shell for you :^)
|
|
|
|
Notably, adjust service priorities.
|
|
It will listen for clipboard content changes in the backgroud. Once you click
on its icon, it will pop up a window listing all recorded clipboard contents.
You can then double-click on an item to copy it again.
|
|
Otherwise it fails to even start.
|
|
This commit moves the clipboard from WindowServer into a new Clipboard
service program. Clipboard runs as the unprivileged "clipboard" user
and with a much tighter pledge than WindowServer.
To keep things working as before, all GUI::Application users now make
a connection to Clipboard after making the connection to WindowServer.
It could be interesting to connect to Clipboard on demand, but right
now that would necessitate expanding every GUI app's pledge to include
"unix" and also unveiling the clipboard portal, which I prefer not to.
|
|
|
|
The LaunchServer is personal to "anon" and we don't want other users
accessing it to launch anything.
|
|
Step one of moving DesktopServices::open handling out of process. This
makes it easier to do things like read in associations for which program
opens which files or protocols. This gives users the ability to modify
the associations without having to rebuild :^)
|
|
|
