From a8d53877631c1b651f34b48d00a6bc113b432ed438d19bdcd137e751f44b1598 Mon Sep 17 00:00:00 2001 From: Vincent Untz Date: Wed, 7 Sep 2011 12:34:54 +0000 Subject: [PATCH] Accepting request 81300 from home:vuntz:branches:GNOME:Factory Fix gdm to work :-) OBS-URL: https://build.opensuse.org/request/show/81300 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/gdm?expand=0&rev=174 --- gdm-autologin.pamd | 1 + gdm-desktop-session-env-pam.patch | 56 ++++++++++++++++++++++++++++--- gdm-helper-directory.patch | 36 ++++++++++++++++++-- gdm-welcome.pamd | 1 + gdm.changes | 19 +++++++++-- gdm.pamd | 1 + gdm.spec | 27 +++++++++++---- 7 files changed, 126 insertions(+), 15 deletions(-) diff --git a/gdm-autologin.pamd b/gdm-autologin.pamd index bc5148e..8931018 100644 --- a/gdm-autologin.pamd +++ b/gdm-autologin.pamd @@ -1,4 +1,5 @@ #%PAM-1.0 +# GDM PAM configuration for autologin auth required pam_permit.so account include common-account password include common-password diff --git a/gdm-desktop-session-env-pam.patch b/gdm-desktop-session-env-pam.patch index ca04731..83efec6 100644 --- a/gdm-desktop-session-env-pam.patch +++ b/gdm-desktop-session-env-pam.patch @@ -2,11 +2,45 @@ Index: gdm-3.1.90/daemon/gdm-session-worker.c =================================================================== --- gdm-3.1.90.orig/daemon/gdm-session-worker.c +++ gdm-3.1.90/daemon/gdm-session-worker.c -@@ -2011,11 +2011,20 @@ static void +@@ -139,6 +139,8 @@ struct GdmSessionWorkerPrivate + + GdmSessionAuditor *auditor; + GdmSessionSettings *user_settings; ++ ++ char *suse_session_name; + }; + + enum { +@@ -152,6 +154,11 @@ static void gdm_session_worker_final + + static void queue_state_change (GdmSessionWorker *worker); + ++static void ++gdm_session_worker_set_environment_variable (GdmSessionWorker *worker, ++ const char *key, ++ const char *value); ++ + typedef int (* GdmSessionWorkerPamNewMessagesFunc) (int, + const struct pam_message **, + struct pam_response **, +@@ -1166,6 +1173,9 @@ gdm_session_worker_initialize_pam (GdmSe + } + #endif + ++ if (worker->priv->suse_session_name) ++ gdm_session_worker_set_environment_variable (worker, "DESKTOP_SESSION", worker->priv->suse_session_name); ++ + g_debug ("GdmSessionWorker: state SETUP_COMPLETE"); + worker->priv->state = GDM_SESSION_WORKER_STATE_SETUP_COMPLETE; + +@@ -2011,11 +2021,26 @@ static void gdm_session_worker_set_session_name (GdmSessionWorker *worker, const char *session_name) { -+ gdm_session_worker_set_environment_variable (worker, "DESKTOP_SESSION", session_name); ++ if (worker->priv->pam_handle != NULL) ++ gdm_session_worker_set_environment_variable (worker, "DESKTOP_SESSION", session_name); ++ g_free (worker->priv->suse_session_name); ++ worker->priv->suse_session_name = g_strdup (session_name); + gdm_session_settings_set_session_name (worker->priv->user_settings, session_name); @@ -16,14 +50,17 @@ Index: gdm-3.1.90/daemon/gdm-session-worker.c +gdm_session_worker_set_default_session_name (GdmSessionWorker *worker, + const char *session_name) +{ -+ gdm_session_worker_set_environment_variable (worker, "DESKTOP_SESSION", session_name); ++ if (worker->priv->pam_handle != NULL) ++ gdm_session_worker_set_environment_variable (worker, "DESKTOP_SESSION", session_name); ++ g_free (worker->priv->suse_session_name); ++ worker->priv->suse_session_name = g_strdup (session_name); +} + +static void on_set_session_name (GdmSessionWorker *worker, DBusMessage *message) { -@@ -2068,6 +2077,28 @@ on_set_session_type (GdmSessionWorker *w +@@ -2068,6 +2093,28 @@ on_set_session_type (GdmSessionWorker *w } static void @@ -52,7 +89,7 @@ Index: gdm-3.1.90/daemon/gdm-session-worker.c gdm_session_worker_set_language_name (GdmSessionWorker *worker, const char *language_name) { -@@ -2774,6 +2805,8 @@ worker_dbus_handle_message (DBusConnecti +@@ -2774,6 +2821,8 @@ worker_dbus_handle_message (DBusConnecti on_set_session_name (worker, message); } else if (dbus_message_is_signal (message, GDM_SESSION_DBUS_INTERFACE, "SetSessionType")) { on_set_session_type (worker, message); @@ -61,6 +98,15 @@ Index: gdm-3.1.90/daemon/gdm-session-worker.c } else { return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; } +@@ -2944,6 +2993,8 @@ gdm_session_worker_finalize (GObject *ob + g_free (worker->priv->server_address); + g_strfreev (worker->priv->arguments); + ++ g_free (worker->priv->suse_session_name); ++ + G_OBJECT_CLASS (gdm_session_worker_parent_class)->finalize (object); + } + Index: gdm-3.1.90/daemon/gdm-session-direct.c =================================================================== --- gdm-3.1.90.orig/daemon/gdm-session-direct.c diff --git a/gdm-helper-directory.patch b/gdm-helper-directory.patch index d974859..b4730bb 100644 --- a/gdm-helper-directory.patch +++ b/gdm-helper-directory.patch @@ -2,7 +2,7 @@ Index: gdm-3.1.90/configure.ac =================================================================== --- gdm-3.1.90.orig/configure.ac +++ gdm-3.1.90/configure.ac -@@ -1045,6 +1045,14 @@ fi +@@ -1045,6 +1045,22 @@ fi AC_SUBST(GDM_CUSTOM_CONF) AC_SUBST(GDM_OLD_CONF, '${gdmconfdir}/gdm.conf') @@ -13,15 +13,24 @@ Index: gdm-3.1.90/configure.ac + +CONSOLEKIT_DIR=$with_consolekit_directory +AC_SUBST(CONSOLEKIT_DIR) ++ ++AC_ARG_WITH(check-accelerated-directory, ++ [AC_HELP_STRING([--with-check-accelerated-directory], ++ [Specify the directory of gnome-session-check-accelerated @<:@default=libexecdir@:>@])],, ++ [with_check_accelerated_directory="\${libexecdir}"]) ++ ++CHECK_ACCELERATED_DIR=$with_check_accelerated_directory ++AC_SUBST(CHECK_ACCELERATED_DIR) + dnl --------------------------------------------------------------------------- dnl - Check for XEvIE extension support dnl --------------------------------------------------------------------------- -@@ -1497,6 +1505,7 @@ echo " +@@ -1497,6 +1513,8 @@ echo " dmconfdir: ${dmconfdir} localstatedir: ${localstatedir} datadir: ${datadir} + consolekit location: ${with_consolekit_directory} ++ gnome-session-check-accel location: ${with_check_accelerated_directory} source code location: ${srcdir} compiler: ${CC} cflags: ${CFLAGS} @@ -50,3 +59,26 @@ Index: gdm-3.1.90/daemon/gdm-server.c server->priv->display_name); g_debug ("GdmServer: Running helper %s", command); +Index: gdm-3.1.90/data/gdm-shell.session.in +=================================================================== +--- gdm-3.1.90.orig/data/gdm-shell.session.in ++++ gdm-3.1.90/data/gdm-shell.session.in +@@ -1,5 +1,5 @@ + [GNOME Session] + Name=Display Manager + RequiredComponents=gnome-shell;gnome-settings-daemon; +-IsRunnableHelper=bash -c "gnome-shell --help | grep -q gdm-mode && (gnome-shell --version | grep -q '3.1.90$' && false || true) && (mutter --version | grep -q '3.1.90$' && false || true) && @libexecdir@/gnome-session-check-accelerated" ++IsRunnableHelper=bash -c "gnome-shell --help | grep -q gdm-mode && (gnome-shell --version | grep -q '3.1.90$' && false || true) && (mutter --version | grep -q '3.1.90$' && false || true) && @CHECK_ACCELERATED_DIR@/gnome-session-check-accelerated" + FallbackSession=gdm-fallback +Index: gdm-3.1.90/data/Makefile.am +=================================================================== +--- gdm-3.1.90.orig/data/Makefile.am ++++ gdm-3.1.90/data/Makefile.am +@@ -77,6 +77,7 @@ gdm.schemas.in: $(srcdir)/gdm.schemas.in + + gdm-shell.session: $(srcdir)/gdm-shell.session.in + sed -e 's,[@]libexecdir[@],$(libexecdir),g' \ ++ -e 's,[@]CHECK_ACCELERATED_DIR[@],$(CHECK_ACCELERATED_DIR),g' \ + < $(srcdir)/gdm-shell.session.in > gdm-shell.session + + localealiasdir = $(datadir)/gdm diff --git a/gdm-welcome.pamd b/gdm-welcome.pamd index bc5148e..c788c3b 100644 --- a/gdm-welcome.pamd +++ b/gdm-welcome.pamd @@ -1,4 +1,5 @@ #%PAM-1.0 +# GDM PAM configuration used only for the greeter session auth required pam_permit.so account include common-account password include common-password diff --git a/gdm.changes b/gdm.changes index 9539db4..80c458a 100644 --- a/gdm.changes +++ b/gdm.changes @@ -11,8 +11,10 @@ Wed Sep 7 01:32:23 UTC 2011 - vuntz@opensuse.org + Updated translations. - Rebase gdm-helper-directory.patch: we don't need as many specific libexecdirs as before, as several autostart files got removed. + Also add a --with-check-accelerated-directory flag, to specify + where to find gnome-session-check-accelerated. - Update gdm-desktop-session-env-pam.patch: rebase/port for pam - multistack support, and use some new function that appeared in + multistack support, using some new function that appeared in the meantime to simplify. - Rebase gdm-xauthlocalhostname.patch. - Add explicit dbus-1-glib-devel BuildRequires: it used to be @@ -36,7 +38,9 @@ Wed Sep 7 01:32:23 UTC 2011 - vuntz@opensuse.org libgdmgreeter library now. - Stop passing --with-gnome-settings-daemon-directory and --with-polkit-gnome-directory to configure as we removed those - options from gdm-helper-directory.patch. + options from gdm-helper-directory.patch. However, add the + --with-check-accelerated-directory configure flag that got added + to the patch. - Add a enable_split_authentication define, to easily enable the split authentication feature (see bnc#699999): + Pass --enable-split-authentication or @@ -49,6 +53,10 @@ Wed Sep 7 01:32:23 UTC 2011 - vuntz@opensuse.org + Stop manually creating %{_libdir}/gdm/simple-greeter/extensions in %install if %enable_split_authentication is set since it'll be there already. + + Remove /etc/pam.d/gdm-password in %install as it will get + replaced by our own configuration. + + Fail the build in %install since we need to investigate what to + put in /etc/pam.d/gdm-{fingerprint,smartcard}. - Fix a typo: %{_localstatedir} instead of {_localstatedir}. - Make sure to not package simple-greeter extensions data files twice, thanks to an %exclude in the main subpackage. @@ -56,6 +64,13 @@ Wed Sep 7 01:32:23 UTC 2011 - vuntz@opensuse.org configuration file that is being used to register the gdm greeter session. It is actually using the same configuration as gdm-autologin.pamd. +- Link /etc/pam.d/gdm-password to /etc/pam.d/gdm: our standard gdm + PAM configuration is what we want to use for password-based PAM + conversations. We need to provide it, even if we don't built with + split authentication as the GNOME Shell-based greeter session is + using it. +- Add comments to gdm.pamd and gdm-autologin.pamd to explain how + those pam configuration files are used. ------------------------------------------------------------------- Wed Sep 7 01:15:11 UTC 2011 - vuntz@opensuse.org diff --git a/gdm.pamd b/gdm.pamd index 6dcaffa..ccbac7b 100644 --- a/gdm.pamd +++ b/gdm.pamd @@ -1,4 +1,5 @@ #%PAM-1.0 +# GDM PAM standard configuration (with passwords) auth include common-auth account include common-account password include common-password diff --git a/gdm.spec b/gdm.spec index f824a8d..b4ce1fc 100644 --- a/gdm.spec +++ b/gdm.spec @@ -37,7 +37,7 @@ Source5: X11-displaymanager-gdm Patch0: gdm-plymouth.patch # PATCH-FIX-UPSTREAM gdm-plymouth-X-nr.patch vuntz@opensuse.org -- Patch on top of the previous patch (we keep it separate so it's easy to sync with Fedora) to use -nr when starting X Patch1: gdm-plymouth-X-nr.patch -# PATCH-FIX-UPSTREAM gdm-helper-directory.patch bgo582320 vuntz@novell.com -- Add --with-consolekit-directory +# PATCH-FIX-UPSTREAM gdm-helper-directory.patch bgo582320 vuntz@novell.com -- Add --with-consolekit-directory, --with-check-accelerated-directory Patch2: gdm-helper-directory.patch # PATCH-FIX-OPENSUSE gdm-is-not-unstable-unless.patch vuntz@opensuse.org -- Make gdm think it's never running a development version unless SUSE_ENABLE_UNSTABLE_CHECK is set. This disables fatal warnings as well as abusive log Patch3: gdm-is-not-unstable-unless.patch @@ -243,6 +243,7 @@ autoreconf -f -i --localstatedir=%{_localstatedir} \ --with-at-spi-registryd-directory=%{_libexecdir}/at-spi \ --with-consolekit-directory=%{_libexecdir}/ConsoleKit \ + --with-check-accelerated-directory=%{_libexecdir} \ --with-selinux \ --enable-ipv6 \ %if %{enable_split_authentication} @@ -267,11 +268,22 @@ mkdir -p %{buildroot}%{_libdir}/gdm/simple-greeter/extensions %endif # Remove wrapper, it is not needed. mv $RPM_BUILD_ROOT%{_sbindir}/gdm-binary $RPM_BUILD_ROOT%{_sbindir}/gdm -# Install PAM files. +## Install PAM files. mkdir -p $RPM_BUILD_ROOT/etc/pam.d +# Generic pam config cp %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/gdm +# Pam config for autologin cp %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/gdm-autologin +# Pam config for the greeter session cp %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/gdm-welcome +# The default gdm pam configuration is the one to be used as pam-password too +%if %{enable_split_authentication} +rm $RPM_BUILD_ROOT/etc/pam.d/gdm-password +echo "We are not ready for this, we need to know what to put in gdm-fingerprint and gdm-smartcard pam config files." +false +%endif +ln -s gdm $RPM_BUILD_ROOT/etc/pam.d/gdm-password +## Install other files # Install PostLogin script. mv $RPM_BUILD_ROOT%{_sysconfdir}/gdm/PostLogin/Default.sample $RPM_BUILD_ROOT%{_sysconfdir}/gdm/PostLogin/Default # Move gdmflexiserver to libexecdir and replace it with the compatibility wrapper @@ -376,7 +388,12 @@ fi %dir %{_localstatedir}/cache/gdm %config /etc/pam.d/gdm %config /etc/pam.d/gdm-autologin +%config /etc/pam.d/gdm-password %config /etc/pam.d/gdm-welcome +%if %{enable_split_authentication} +%config /etc/pam.d/gdm-fingerprint +%config /etc/pam.d/gdm-smartcart +%endif %config %{_sysconfdir}/dbus-1/system.d/gdm.conf %{_sysconfdir}/dconf/db/gdm %{_sysconfdir}/dconf/profile/gdm @@ -401,23 +418,21 @@ fi %dir %{_libdir}/gdm %dir %{_libdir}/gdm/simple-greeter %dir %{_libdir}/gdm/simple-greeter/extensions +# The extension for non-split authentication +%{_datadir}/gdm/simple-greeter/extensions/unified/ %if %{enable_split_authentication} -%config /etc/pam.d/gdm-password %{_datadir}/gdm/simple-greeter/extensions/password/ %{_libdir}/gdm/simple-greeter/extensions/libpassword.so -%{_datadir}/gdm/simple-greeter/extensions/unified/ %endif %if %{enable_split_authentication} %files simple-greeter-extensions %defattr(-,root,root) # fingerprint -%config /etc/pam.d/gdm-fingerprint %{_datadir}/gdm/simple-greeter/extensions/fingerprint/ %{_libdir}/gdm/simple-greeter/extensions/libfingerprint.so %{_datadir}/glib-2.0/schemas/org.gnome.display-manager.extensions.fingerprint.gschema.xml # smartcard -%config /etc/pam.d/gdm-smartcart %{_datadir}/gdm/simple-greeter/extensions/smartcard/ %{_libdir}/gdm/simple-greeter/extensions/libsmartcard.so %{_datadir}/glib-2.0/schemas/org.gnome.display-manager.extensions.smartcard.gschema.xml