Add option to specify privileged gamemode group

2025-06-04 22:57:21 +02:00 · 2022-07-27 10:27:03 -04:00 · 2022-07-27 10:27:03 -04:00 · 1e24067430
commit 1e24067430
parent e34e9c5a43
6 changed files with 39 additions and 26 deletions
--- a/data/10-gamemode.conf.in
+++ b/data/10-gamemode.conf.in
@ -1 +1 @@
-@@LIMITSGROUP@ - nice -10
+@@GAMEMODE_PRIVILEGED_GROUP@ - nice -10
--- a/data/gamemode.conf
+++ b/data/gamemode.conf
@ -1 +0,0 @@
-g gamemode - -
--- a/data/gamemode.conf.in
+++ b/data/gamemode.conf.in
@ -0,0 +1 @@
+g @GAMEMODE_PRIVILEGED_GROUP@ - -
--- a/data/meson.build
+++ b/data/meson.build
@ -4,6 +4,7 @@ data_conf.set('LIBEXECDIR', path_libexecdir)
 data_conf.set('SYSCONFDIR', path_sysconfdir)
 data_conf.set('GAMEMODE_PREFIX', path_prefix)
 data_conf.set('GAMEMODE_VERSION', meson.project_version())
+data_conf.set('GAMEMODE_PRIVILEGED_GROUP', with_privileged_group)

 # Pull in the example config
 config_example = run_command(
@ -25,13 +26,25 @@ if sd_bus_provider == 'systemd'
    endif
    if with_systemd_group
        # Install the sysusers.d file
-        install_data(
-            files('gamemode.conf'),
-            install_dir: path_systemd_group_dir,
+        configure_file(
+          input: 'gamemode.conf.in',
+          output: 'gamemode.conf',
+          configuration: data_conf,
+          install_dir: path_systemd_group_dir,
        )
    endif
 endif

+if with_pam_renicing
+  # Install the limits.d configuration file
+  configure_file(
+      input: '10-gamemode.conf.in',
+      output: '10-gamemode.conf',
+      configuration: data_conf,
+      install_dir: '/etc/security/limits.d',
+  )
+endif
+
 # Install the D-BUS service file
 configure_file(
  input: 'com.feralinteractive.GameMode.service.in',
--- a/meson.build
+++ b/meson.build
@ -102,6 +102,8 @@ dep_threads = dependency('threads')
 # On non glibc systems this might be a stub, i.e. for musl
 libdl = cc.find_library('dl', required: false)

+with_privileged_group = get_option('with-privileged-group')
+
 # Determine the location for the systemd unit
 if sd_bus_provider == 'systemd'
    with_systemd_unit = get_option('with-systemd-user-unit')
@ -113,28 +115,25 @@ if sd_bus_provider == 'systemd'
            path_systemd_unit_dir = pkgconfig_systemd.get_pkgconfig_variable('systemduserunitdir')
        endif
    endif
-    with_systemd_group = get_option('with-systemd-group')
-    if with_systemd_group
-        path_systemd_group_dir = get_option('with-systemd-group-dir')
-        if path_systemd_group_dir == ''
-            message('Asking pkg-config for systemd\'s \'sysusersdir\' directory')
-            pkgconfig_systemd = dependency('systemd')
-            path_systemd_group_dir = pkgconfig_systemd.get_pkgconfig_variable('sysusersdir')
-        endif
+    if with_privileged_group != ''
+      with_systemd_group = get_option('with-systemd-group')
+      if with_systemd_group
+          path_systemd_group_dir = get_option('with-systemd-group-dir')
+          if path_systemd_group_dir == ''
+              message('Asking pkg-config for systemd\'s \'sysusersdir\' directory')
+              pkgconfig_systemd = dependency('systemd')
+              path_systemd_group_dir = pkgconfig_systemd.get_pkgconfig_variable('sysusersdir')
+          endif
+      endif
+    else
+      with_systemd_group = false
    endif
 endif

-with_limits_conf = get_option('with-pam-group')
-if with_limits_conf != ''
-  ldata = configuration_data()
-  ldata.set('LIMITSGROUP', with_limits_conf)
-  # Install the limits.d configuration file
-  configure_file(
-      input: 'data/10-gamemode.conf.in',
-      output: '10-gamemode.conf',
-      configuration: ldata,
-      install_dir: '/etc/security/limits.d',
-  )
+if with_privileged_group != ''
+  with_pam_renicing = get_option('with-pam-renicing')
+else
+  with_pam_renicing = false
 endif

 # Set the dbus path as appropriate.
--- a/meson_options.txt
+++ b/meson_options.txt
@ -1,5 +1,5 @@
 # limits.d
-option('with-pam-group', type: 'string', description: 'Install the limits.d configuration file to allow renicing as an unpriviledged user being part of the specified group')
+option('with-pam-renicing', type: 'boolean', description: 'Install the limits.d configuration file to allow renicing as a user being part of the privileged gamemode group', value: 'true')

 # sd-bus provider
 option('with-sd-bus-provider', type: 'combo', choices: ['systemd', 'elogind', 'no-daemon'], value: 'systemd')
@ -7,7 +7,7 @@ option('with-sd-bus-provider', type: 'combo', choices: ['systemd', 'elogind', 'n
 # systemd specific
 option('with-systemd-user-unit', type: 'boolean', description: 'Install systemd user unit', value: 'true')
 option('with-systemd-user-unit-dir', type: 'string', description: 'Explicitly set the systemd user unit directory')
-option('with-systemd-group', type: 'boolean', description: 'Install systemd group', value: 'true')
+option('with-systemd-group', type: 'boolean', description: 'Install privileged gamemode group with systemd', value: 'true')
 option('with-systemd-group-dir', type: 'string', description: 'Explicitly set the systemd group directory')

 # Not using systemd
@ -16,3 +16,4 @@ option('with-dbus-service-dir', type: 'string', description: 'Explicitly set the
 # General options
 option('with-examples', type: 'boolean', description: 'Build sample programs', value: 'true')
 option('with-util', type: 'boolean', description: 'Build the utilities', value: 'true')
+option('with-privileged-group', type: 'string', description: 'Group that has access to privileged gamemode features', value: 'gamemode')