From 952bb841aeadb56ab106eb62cdd128f446a47db0 Mon Sep 17 00:00:00 2001 From: Kanashimia Date: Tue, 24 Oct 2023 21:38:32 +0300 Subject: [PATCH] Revert "nixos/sway: add enableRealtime option" --- nixos/modules/programs/wayland/sway.nix | 13 ------ .../window-managers/sway/default.nix | 2 - .../sway/drop_ambient_capabilities.patch | 41 ------------------- 3 files changed, 56 deletions(-) delete mode 100644 pkgs/applications/window-managers/sway/drop_ambient_capabilities.patch diff --git a/nixos/modules/programs/wayland/sway.nix b/nixos/modules/programs/wayland/sway.nix index de739faabee9..698d9c2b46c4 100644 --- a/nixos/modules/programs/wayland/sway.nix +++ b/nixos/modules/programs/wayland/sway.nix @@ -42,11 +42,6 @@ in { and "man 5 sway" for more information''); - enableRealtime = mkEnableOption (lib.mdDoc '' - add CAP_SYS_NICE capability on `sway` binary for realtime scheduling - privileges. This may improve latency and reduce stuttering, specially in - high load scenarios'') // { default = true; }; - package = mkOption { type = with types; nullOr package; default = defaultSwayPackage; @@ -154,14 +149,6 @@ in { "sway/config".source = mkOptionDefault "${cfg.package}/etc/sway/config"; }; }; - security.wrappers = mkIf (cfg.enableRealtime && cfg.package != null) { - sway = { - owner = "root"; - group = "root"; - source = "${cfg.package}/bin/sway"; - capabilities = "cap_sys_nice+ep"; - }; - }; # To make a Sway session available if a display manager like SDDM is enabled: services.xserver.displayManager.sessionPackages = optionals (cfg.package != null) [ cfg.package ]; } (import ./wayland-session.nix { inherit lib pkgs; }) diff --git a/pkgs/applications/window-managers/sway/default.nix b/pkgs/applications/window-managers/sway/default.nix index a830a6a5752d..6e11d842fe92 100644 --- a/pkgs/applications/window-managers/sway/default.nix +++ b/pkgs/applications/window-managers/sway/default.nix @@ -44,8 +44,6 @@ stdenv.mkDerivation (finalAttrs: { # Use /run/current-system/sw/share and /etc instead of /nix/store # references: ./sway-config-nixos-paths.patch - # Drop ambient capabilities after getting SCHED_RR - ./drop_ambient_capabilities.patch ]; strictDeps = true; diff --git a/pkgs/applications/window-managers/sway/drop_ambient_capabilities.patch b/pkgs/applications/window-managers/sway/drop_ambient_capabilities.patch deleted file mode 100644 index 17010ede25a7..000000000000 --- a/pkgs/applications/window-managers/sway/drop_ambient_capabilities.patch +++ /dev/null @@ -1,41 +0,0 @@ -From e7d9098e81289ae99d07ec3eac1fec1d303b8fe4 Mon Sep 17 00:00:00 2001 -From: Thiago Kenji Okada -Date: Thu, 5 Oct 2023 15:23:35 +0100 -Subject: [PATCH] drop ambient capabilities - -Within NixOS the only possibility to gain cap_sys_nice is using the -security.wrapper infrastructure. However to pass the capabilities to the -wrapped program, they are raised to the ambient set. To fix this we make -sure to drop the ambient capabilities during sway startup and realtime -setup. Otherwise all programs started by sway also gain cap_sys_nice, -which is not something we want. - -Co-authored-by: Rouven Czerwinski ---- - sway/realtime.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/sway/realtime.c b/sway/realtime.c -index 11154af0..06f872a8 100644 ---- a/sway/realtime.c -+++ b/sway/realtime.c -@@ -3,6 +3,7 @@ - #include - #include - #include "sway/server.h" -+#include "sys/prctl.h" - #include "log.h" - - static void child_fork_callback(void) { -@@ -10,6 +11,8 @@ static void child_fork_callback(void) { - - param.sched_priority = 0; - -+ prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0); -+ - int ret = pthread_setschedparam(pthread_self(), SCHED_OTHER, ¶m); - if (ret != 0) { - sway_log(SWAY_ERROR, "Failed to reset scheduler policy on fork"); --- -2.42.0 -