rpms/gdm
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix user switching

Browse Source 
Resolves: #1184933
This commit is contained in:
Ray Strode 2015-01-22 14:53:39 -05:00
parent d3d8f74ba5
commit 3fdf0be9ef
2 changed files with 127 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
fix-user-switching.patch Normal file
View File

@ -0,0 +1,120 @@
From 0ecacfd6123e4026c78d5d61670da0abdcbf7559 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Thu, 22 Jan 2015 11:51:18 -0500
Subject: [PATCH] manager: allow the login screen to do reauthentication
At the moment, we only allow the user session to do reauthentication
from its lock screen. If a user does user switching we instead open
a new session for checking the user's password.
This commit enables reauthentication from the login screen as well.
---
daemon/gdm-manager.c | 23 ++++++++++++++---------
1 file changed, 14 insertions(+), 9 deletions(-)
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 8c41045..0278512 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -1161,84 +1161,89 @@ open_temporary_reauthentication_channel (GdmManager *self,
self);
address = gdm_session_get_server_address (session);
return g_strdup (address);
}
static gboolean
gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager,
GDBusMethodInvocation *invocation,
const char *username)
{
GdmManager *self = GDM_MANAGER (manager);
const char *sender;
GdmDisplay *display = NULL;
GdmSession *session;
GDBusConnection *connection;
char *seat_id = NULL;
char *session_id = NULL;
GPid pid = 0;
uid_t uid = (uid_t) -1;
gboolean is_login_screen = FALSE;
gboolean is_remote = FALSE;
g_debug ("GdmManager: trying to open reauthentication channel for user %s", username);
sender = g_dbus_method_invocation_get_sender (invocation);
connection = g_dbus_method_invocation_get_connection (invocation);
get_display_and_details_for_bus_sender (self, connection, sender, &display, &seat_id, &session_id, &pid, &uid, &is_login_screen, &is_remote);
- if (is_login_screen) {
- g_dbus_method_invocation_return_error_literal (invocation,
- G_DBUS_ERROR,
- G_DBUS_ERROR_ACCESS_DENIED,
- "Login screen not allow to open reauthentication channel");
- return TRUE;
- }
-
if (session_id == NULL || pid == 0 || uid == (uid_t) -1) {
g_dbus_method_invocation_return_error_literal (invocation,
G_DBUS_ERROR,
G_DBUS_ERROR_ACCESS_DENIED,
_("No session available"));
return TRUE;
}
- session = get_seed_session_for_display (display);
+ if (is_login_screen) {
+ session = find_session_for_user_on_seat (self,
+ username,
+ seat_id,
+ NULL);
+ } else {
+ session = get_seed_session_for_display (display);
+ }
if (session != NULL && gdm_session_is_running (session)) {
gdm_session_start_reauthentication (session, pid, uid);
g_hash_table_insert (self->priv->open_reauthentication_requests,
GINT_TO_POINTER (pid),
invocation);
+ } else if (is_login_screen) {
+ g_dbus_method_invocation_return_error_literal (invocation,
+ G_DBUS_ERROR,
+ G_DBUS_ERROR_ACCESS_DENIED,
+ "Login screen only allowed to open reauthentication channels for running sessions");
+ return TRUE;
} else {
char *address;
address = open_temporary_reauthentication_channel (self,
seat_id,
session_id,
pid,
uid,
is_remote);
gdm_dbus_manager_complete_open_reauthentication_channel (GDM_DBUS_MANAGER (manager),
invocation,
address);
g_free (address);
}
return TRUE;
}
static void
manager_interface_init (GdmDBusManagerIface *interface)
{
interface->handle_open_session = gdm_manager_handle_open_session;
interface->handle_open_reauthentication_channel = gdm_manager_handle_open_reauthentication_channel;
}
static void
set_up_greeter_session (GdmManager *manager,
GdmDisplay *display)
{
char *allowed_user;
struct passwd *passwd_entry;
--
2.2.1

8
gdm.spec
View File

@ -12,7 +12,7 @@
Summary: The GNOME Display Manager Summary: The GNOME Display Manager
Name: gdm Name: gdm
Version: 3.15.3.1 Version: 3.15.3.1
Release: 2%{?dist} Release: 3%{?dist}
Epoch: 1 Epoch: 1
License: GPLv2+ License: GPLv2+
Group: User Interface/X Group: User Interface/X
@ -21,6 +21,7 @@ URL: http://download.gnome.org/sources/gdm
Source: http://download.gnome.org/sources/gdm/3.15/gdm-%{version}.tar.xz Source: http://download.gnome.org/sources/gdm/3.15/gdm-%{version}.tar.xz
Source1: org.gnome.login-screen.gschema.override Source1: org.gnome.login-screen.gschema.override
Patch0: fix-pam-ecryptfs.patch Patch0: fix-pam-ecryptfs.patch
Patch1: fix-user-switching.patch
BuildRequires: pkgconfig(libcanberra-gtk) BuildRequires: pkgconfig(libcanberra-gtk)
BuildRequires: pango-devel >= 0:%{pango_version} BuildRequires: pango-devel >= 0:%{pango_version}
@ -107,6 +108,7 @@ files needed to build custom greeters.
%prep %prep
%setup -q %setup -q
%patch0 -p1 -b .fix-pam-ecryptfs %patch0 -p1 -b .fix-pam-ecryptfs
%patch1 -p1 -b .fix-user-switching
autoreconf -i -f autoreconf -i -f
intltoolize -f intltoolize -f
@ -296,6 +298,10 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor >&/dev/null || :
%{_libdir}/pkgconfig/gdm.pc %{_libdir}/pkgconfig/gdm.pc
%changelog %changelog
* Thu Jan 22 2015 Ray Strode <rstrode@redhat.com> 3.15.3.1-3
- Fix user switching
Resolves: #1184933
* Fri Jan 16 2015 Ray Strode <rstrode@redhat.com> 3.13.91-2 * Fri Jan 16 2015 Ray Strode <rstrode@redhat.com> 3.13.91-2
- Fix pam_ecryptfs. unfortunately adds back gross last login messages. - Fix pam_ecryptfs. unfortunately adds back gross last login messages.
Resolves: #1174366 Resolves: #1174366