app: hardlink sockets to process-specific share local to XDG_RUNTIME_DIR

This avoids adding ACLs to the PulseAudio directory. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-10 12:44:08 +09:00
parent 2220055e26
commit 86cb5ac1db
4 changed files with 47 additions and 10 deletions
--- a/internal/app/share.display.go
+++ b/internal/app/share.display.go
@@ -35,9 +35,11 @@ func (seal *appSeal) shareDisplay() error {
 		if wd, ok := os.LookupEnv(waylandDisplay); !ok {
 			return (*ErrDisplayEnv)(wrapError(ErrWayland, "WAYLAND_DISPLAY is not set"))
 		} else {
-			// wayland socket path
+			// hardlink wayland socket
 			wp := path.Join(seal.RuntimePath, wd)
-			seal.appendEnv(waylandDisplay, wp)
+			wpi := path.Join(seal.shareLocal, "wayland")
+			seal.sys.link(wp, wpi)
+			seal.appendEnv(waylandDisplay, wpi)

 			// ensure Wayland socket ACL (e.g. `/run/user/%d/wayland-%d`)
 			seal.sys.updatePerm(wp, acl.Read, acl.Write, acl.Execute)