On Sun Jan 04, 2026 at 10:06:01AM -0700, Theo de Raadt wrote: > > alternatively for a port, we can patch to hardcode the path. > > I don't think that's the way to handle this. > > It is better to dynamically remember the path, in userland, when the > filename open succeeds. Just copy it at that point, in userland.
Welcome to the world of Linux(tm) Wayland. That was also my case. In KWin, the class "ClientConnection::" uses wl_client_get_credentials() to find out what the client's path is (or was at the start) in order to restrictions the DBus communications from/to this client. https://wayland.freedesktop.org/docs/html/apc.html: wl_client_get_credentials - Return Unix credentials for the client. void wl_client_get_credentials(const struct wl_client *client, pid_t *pid, uid_t *uid, gid_t *gid) client The display object pid Returns the process ID uid Returns the user ID gid Returns the group ID This function returns the process ID, the user ID and the group ID for the given client. The credentials come from getsockopt() with SO_PEERCRED, on the client socket fd. All the pointers can be NULL, if the caller is not interested in a particular ID. Note, process IDs are subject to race conditions and are not a reliable way to identify a client. Be aware that for clients that a compositor forks and execs and then connects using socketpair(), this function will return the credentials for the compositor. The credentials for the socketpair are set at creation time in the compositor.
