Ray Strode
parent
d3d8f74ba5
commit
3fdf0be9ef
120
fix-user-switching.patch
Normal file
120
fix-user-switching.patch
Normal file
@ -0,0 +1,120 @@
|
||||
From 0ecacfd6123e4026c78d5d61670da0abdcbf7559 Mon Sep 17 00:00:00 2001
|
||||
From: Ray Strode <rstrode@redhat.com>
|
||||
Date: Thu, 22 Jan 2015 11:51:18 -0500
|
||||
Subject: [PATCH] manager: allow the login screen to do reauthentication
|
||||
|
||||
At the moment, we only allow the user session to do reauthentication
|
||||
from its lock screen. If a user does user switching we instead open
|
||||
a new session for checking the user's password.
|
||||
|
||||
This commit enables reauthentication from the login screen as well.
|
||||
---
|
||||
daemon/gdm-manager.c | 23 ++++++++++++++---------
|
||||
1 file changed, 14 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
|
||||
index 8c41045..0278512 100644
|
||||
--- a/daemon/gdm-manager.c
|
||||
+++ b/daemon/gdm-manager.c
|
||||
@@ -1161,84 +1161,89 @@ open_temporary_reauthentication_channel (GdmManager *self,
|
||||
self);
|
||||
|
||||
address = gdm_session_get_server_address (session);
|
||||
|
||||
return g_strdup (address);
|
||||
}
|
||||
|
||||
static gboolean
|
||||
gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager,
|
||||
GDBusMethodInvocation *invocation,
|
||||
const char *username)
|
||||
{
|
||||
GdmManager *self = GDM_MANAGER (manager);
|
||||
const char *sender;
|
||||
GdmDisplay *display = NULL;
|
||||
GdmSession *session;
|
||||
GDBusConnection *connection;
|
||||
char *seat_id = NULL;
|
||||
char *session_id = NULL;
|
||||
GPid pid = 0;
|
||||
uid_t uid = (uid_t) -1;
|
||||
gboolean is_login_screen = FALSE;
|
||||
gboolean is_remote = FALSE;
|
||||
|
||||
g_debug ("GdmManager: trying to open reauthentication channel for user %s", username);
|
||||
|
||||
sender = g_dbus_method_invocation_get_sender (invocation);
|
||||
connection = g_dbus_method_invocation_get_connection (invocation);
|
||||
get_display_and_details_for_bus_sender (self, connection, sender, &display, &seat_id, &session_id, &pid, &uid, &is_login_screen, &is_remote);
|
||||
|
||||
- if (is_login_screen) {
|
||||
- g_dbus_method_invocation_return_error_literal (invocation,
|
||||
- G_DBUS_ERROR,
|
||||
- G_DBUS_ERROR_ACCESS_DENIED,
|
||||
- "Login screen not allow to open reauthentication channel");
|
||||
- return TRUE;
|
||||
- }
|
||||
-
|
||||
if (session_id == NULL || pid == 0 || uid == (uid_t) -1) {
|
||||
g_dbus_method_invocation_return_error_literal (invocation,
|
||||
G_DBUS_ERROR,
|
||||
G_DBUS_ERROR_ACCESS_DENIED,
|
||||
_("No session available"));
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
- session = get_seed_session_for_display (display);
|
||||
+ if (is_login_screen) {
|
||||
+ session = find_session_for_user_on_seat (self,
|
||||
+ username,
|
||||
+ seat_id,
|
||||
+ NULL);
|
||||
+ } else {
|
||||
+ session = get_seed_session_for_display (display);
|
||||
+ }
|
||||
|
||||
if (session != NULL && gdm_session_is_running (session)) {
|
||||
gdm_session_start_reauthentication (session, pid, uid);
|
||||
g_hash_table_insert (self->priv->open_reauthentication_requests,
|
||||
GINT_TO_POINTER (pid),
|
||||
invocation);
|
||||
+ } else if (is_login_screen) {
|
||||
+ g_dbus_method_invocation_return_error_literal (invocation,
|
||||
+ G_DBUS_ERROR,
|
||||
+ G_DBUS_ERROR_ACCESS_DENIED,
|
||||
+ "Login screen only allowed to open reauthentication channels for running sessions");
|
||||
+ return TRUE;
|
||||
} else {
|
||||
char *address;
|
||||
address = open_temporary_reauthentication_channel (self,
|
||||
seat_id,
|
||||
session_id,
|
||||
pid,
|
||||
uid,
|
||||
is_remote);
|
||||
gdm_dbus_manager_complete_open_reauthentication_channel (GDM_DBUS_MANAGER (manager),
|
||||
invocation,
|
||||
address);
|
||||
g_free (address);
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
static void
|
||||
manager_interface_init (GdmDBusManagerIface *interface)
|
||||
{
|
||||
interface->handle_open_session = gdm_manager_handle_open_session;
|
||||
interface->handle_open_reauthentication_channel = gdm_manager_handle_open_reauthentication_channel;
|
||||
}
|
||||
|
||||
static void
|
||||
set_up_greeter_session (GdmManager *manager,
|
||||
GdmDisplay *display)
|
||||
{
|
||||
char *allowed_user;
|
||||
struct passwd *passwd_entry;
|
||||
--
|
||||
2.2.1
|
||||
|
||||
8
gdm.spec
8
gdm.spec
@ -12,7 +12,7 @@
|
||||
Summary: The GNOME Display Manager
|
||||
Name: gdm
|
||||
Version: 3.15.3.1
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Epoch: 1
|
||||
License: GPLv2+
|
||||
Group: User Interface/X
|
||||
@ -21,6 +21,7 @@ URL: http://download.gnome.org/sources/gdm
|
||||
Source: http://download.gnome.org/sources/gdm/3.15/gdm-%{version}.tar.xz
|
||||
Source1: org.gnome.login-screen.gschema.override
|
||||
Patch0: fix-pam-ecryptfs.patch
|
||||
Patch1: fix-user-switching.patch
|
||||
|
||||
BuildRequires: pkgconfig(libcanberra-gtk)
|
||||
BuildRequires: pango-devel >= 0:%{pango_version}
|
||||
@ -107,6 +108,7 @@ files needed to build custom greeters.
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1 -b .fix-pam-ecryptfs
|
||||
%patch1 -p1 -b .fix-user-switching
|
||||
|
||||
autoreconf -i -f
|
||||
intltoolize -f
|
||||
@ -296,6 +298,10 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor >&/dev/null || :
|
||||
%{_libdir}/pkgconfig/gdm.pc
|
||||
|
||||
%changelog
|
||||
* Thu Jan 22 2015 Ray Strode <rstrode@redhat.com> 3.15.3.1-3
|
||||
- Fix user switching
|
||||
Resolves: #1184933
|
||||
|
||||
* Fri Jan 16 2015 Ray Strode <rstrode@redhat.com> 3.13.91-2
|
||||
- Fix pam_ecryptfs. unfortunately adds back gross last login messages.
|
||||
Resolves: #1174366
|
||||
|
||||
Loading…
Reference in New Issue
Block a user