rpms/gdm
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import CS gdm-40.1-38.el9_7

Browse Source
This commit is contained in:
eabdullin 2025-11-11 18:06:18 +00:00
parent 8e57e95658
commit 5bdaeddc5e
5 changed files with 667 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

422
SOURCES/0001-Handle-conflicting-sessions.patch Normal file
View File

@ -0,0 +1,422 @@
From e204ee23d7626ee09684494b49774d8fae4d6056 Mon Sep 17 00:00:00 2001
From: Joan Torres <joantolo@redhat.com>
Date: Thu, 8 May 2025 11:27:03 +0200
Subject: [PATCH 1/3] manager: Use full verification on incompatible login
session
Two sessions are incompatible if they don't share the same
seat_id.
From a login session, when the logged in user session was previously
started and is incompatible with this login session, don't do the
reauthentication process and do the full verification instead. This will
be used in next commits to shutdown the previously started session and
start a new session.
Part-of<https://gitlab.gnome.org/GNOME/gdm/-/merge_requests/233>
---
daemon/gdm-manager.c | 92 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 92 insertions(+)
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 9c10adff3..051420ac8 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -28,6 +28,7 @@
#include <signal.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <systemd/sd-login.h>
#include <glib.h>
#include <glib/gi18n.h>
@@ -1116,6 +1117,85 @@ open_temporary_reauthentication_channel (GdmManager *self,
return g_strdup (address);
}
+static gboolean
+is_session_graphical (const char *session_id)
+{
+ const char * const graphical_session_types[] = { "wayland", "x11", NULL };
+ int res;
+ g_autofree char *type = NULL;
+
+ res = sd_session_get_type (session_id, &type);
+ if (res < 0)
+ return FALSE;
+
+ return g_strv_contains (graphical_session_types, type);
+}
+
+static gboolean
+is_session_active (const char *session_id)
+{
+ const char * const active_states[] = { "active", "online", NULL };
+ int res;
+ g_autofree char *state = NULL;
+
+ res = sd_session_get_state (session_id, &state);
+ if (res < 0)
+ return FALSE;
+
+ return g_strv_contains (active_states, state);
+}
+
+static gboolean
+is_session_on_seat (const char *session_id,
+ const char *seat_id)
+{
+ int res;
+ g_autofree char *session_seat = NULL;
+
+ res = sd_session_get_seat (session_id, &session_seat);
+ if (res < 0)
+ return FALSE;
+
+ return g_strcmp0 (seat_id, session_seat) == 0;
+}
+
+static char **
+find_conflicting_sessions (const char *username,
+ const char *seat_id)
+{
+ struct passwd *passwd_entry;
+ g_auto (GStrv) sessions = NULL;
+ g_autoptr (GStrvBuilder) builder = NULL;
+ int n_sessions;
+ int i;
+ uid_t uid;
+
+ gdm_get_pwent_for_name (username, &passwd_entry);
+ if (passwd_entry == NULL) {
+ return FALSE;
+ }
+
+ builder = g_strv_builder_new ();
+
+ uid = passwd_entry->pw_uid;
+
+ n_sessions = sd_uid_get_sessions (uid, 0, &sessions);
+ for (i = n_sessions - 1; i >= 0; i--) {
+ if (!is_session_graphical (sessions[i]))
+ continue;
+
+ if (!is_session_active (sessions[i]))
+ continue;
+
+ if (is_session_on_seat (sessions[i], seat_id))
+ continue;
+
+ g_strv_builder_add (builder, g_strdup (sessions[i]));
+ }
+
+ return g_strv_builder_end (builder);
+}
+
static gboolean
gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager,
GDBusMethodInvocation *invocation,
@@ -1154,6 +1234,18 @@ gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager
username,
seat_id,
NULL);
+ if (session == NULL) {
+ g_auto (GStrv) conflicting_sessions = NULL;
+
+ conflicting_sessions = find_conflicting_sessions (username, seat_id);
+ if (g_strv_length (conflicting_sessions) != 0) {
+ g_dbus_method_invocation_return_error_literal (invocation,
+ G_DBUS_ERROR,
+ G_DBUS_ERROR_ACCESS_DENIED,
+ "Found incompatible user session");
+ return TRUE;
+ }
+ }
} else {
g_debug ("GdmManager: looking for user session on display");
session = get_user_session_for_display (display);
--
2.49.0
From 239aefa42bcba99fa7eac12b98b4dd7f64ef9608 Mon Sep 17 00:00:00 2001
From: Joan Torres <joantolo@redhat.com>
Date: Thu, 8 May 2025 11:50:26 +0200
Subject: [PATCH 2/3] session: Stop conflicting session
This happens when at the login gnome-shell it's been displayed the dialog
requesting to logout the existing session. When the user chose to stop
the existing session it will use the method "StopConflictingSession"
and then the manager kills that session using logind interface.
Part-of<https://gitlab.gnome.org/GNOME/gdm/-/merge_requests/233>
---
common/gdm-common.c | 32 ++++++++++++++++++++++++++++++++
common/gdm-common.h | 4 ++++
daemon/gdm-manager.c | 28 ++++++++++++++++++++++++++++
daemon/gdm-session.c | 41 +++++++++++++++++++++++++++++++++++++++++
daemon/gdm-session.xml | 2 ++
5 files changed, 107 insertions(+)
diff --git a/common/gdm-common.c b/common/gdm-common.c
index 92029027b..d5290acdd 100644
--- a/common/gdm-common.c
+++ b/common/gdm-common.c
@@ -381,6 +381,38 @@ gdm_activate_session_by_id (GDBusConnection *connection,
return TRUE;
}
+gboolean
+gdm_terminate_session_by_id (GDBusConnection *connection,
+ GCancellable *cancellable,
+ const char *session_id)
+{
+ GError *local_error = NULL;
+ GVariant *reply;
+
+ g_return_val_if_fail (G_IS_DBUS_CONNECTION (connection), FALSE);
+ g_return_val_if_fail (session_id != NULL, FALSE);
+
+ reply = g_dbus_connection_call_sync (connection,
+ "org.freedesktop.login1",
+ "/org/freedesktop/login1",
+ "org.freedesktop.login1.Manager",
+ "TerminateSession",
+ g_variant_new ("(s)", session_id),
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ -1,
+ cancellable, &local_error);
+ if (reply == NULL) {
+ g_warning ("Unable to terminate session: %s", local_error->message);
+ g_error_free (local_error);
+ return FALSE;
+ }
+
+ g_variant_unref (reply);
+
+ return TRUE;
+}
+
gboolean
gdm_get_login_window_session_id (const char *seat_id,
char **session_id)
diff --git a/common/gdm-common.h b/common/gdm-common.h
index c42f556a4..ea012dc88 100644
--- a/common/gdm-common.h
+++ b/common/gdm-common.h
@@ -91,6 +91,10 @@ gboolean gdm_activate_session_by_id (GDBusConnection *connection,
const char *seat_id,
const char *session_id);
+gboolean gdm_terminate_session_by_id (GDBusConnection *connection,
+ GCancellable *cancellable,
+ const char *session_id);
+
void gdm_load_env_d (GdmLoadEnvVarFunc load_env_func,
GdmExpandVarFunc expand_func,
gpointer user_data);
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 051420ac8..4f68448e3 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -2152,6 +2152,37 @@ on_session_reauthenticated (GdmSession *session,
switch_to_compatible_user_session (manager, session, fail_if_already_switched);
}
+static void
+on_stop_conflicting_session (GdmSession *login_session,
+ const char *username,
+ GdmManager *manager)
+{
+ g_auto (GStrv) session_ids = NULL;
+ const char *seat_id;
+ int i;
+
+ seat_id = gdm_session_get_display_seat_id (login_session);
+
+ session_ids = find_conflicting_sessions (username, seat_id);
+ if (g_strv_length (session_ids) == 0) {
+ g_warning ("Couldn't find conflicting sessions for user");
+ return;
+ }
+
+ for (i = 0; i < g_strv_length (session_ids); i++) {
+ // Don't kill conflicting session if it's not tracked,
+ // this ensures the new session isn't killed (because
+ // it's considered a conflicting session).
+ if (!gdm_display_store_find (manager->priv->display_store,
+ lookup_by_session_id,
+ (gpointer) session_ids[i]))
+ continue;
+
+ if (!gdm_terminate_session_by_id (manager->priv->connection, NULL, session_ids[i]))
+ g_warning ("Failed to terminate conflicting session: %s", session_ids[i]);
+ }
+}
+
static void
on_session_client_ready_for_session_to_start (GdmSession *session,
const char *service_name,
@@ -2443,6 +2467,10 @@ create_user_session_for_display (GdmManager *manager,
"reauthenticated",
G_CALLBACK (on_session_reauthenticated),
manager);
+ g_signal_connect (session,
+ "stop-conflicting-session",
+ G_CALLBACK (on_stop_conflicting_session),
+ manager);
g_signal_connect (session,
"client-ready-for-session-to-start",
G_CALLBACK (on_session_client_ready_for_session_to_start),
diff --git a/daemon/gdm-session.c b/daemon/gdm-session.c
index a010cecf5..7ea6c3fb7 100644
--- a/daemon/gdm-session.c
+++ b/daemon/gdm-session.c
@@ -137,6 +137,7 @@ struct _GdmSession
guint32 is_program_session : 1;
guint32 display_is_initial : 1;
+ guint32 is_opened : 1;
};
enum {
@@ -177,6 +178,7 @@ enum {
SESSION_DIED,
REAUTHENTICATION_STARTED,
REAUTHENTICATED,
+ STOP_CONFLICTING_SESSION,
LAST_SIGNAL
};
@@ -895,6 +897,8 @@ on_opened (GdmDBusWorker *worker,
g_debug ("GdmSession: Emitting 'session-opened' signal");
g_signal_emit (self, signals[SESSION_OPENED], 0, service_name, session_id);
+
+ self->is_opened = TRUE;
} else {
report_and_stop_conversation (self, service_name, error);
@@ -1572,6 +1576,28 @@ gdm_session_handle_get_timed_login_details (GdmDBusGreeter *greeter_inter
return TRUE;
}
+static gboolean
+gdm_session_handle_client_stop_conflicting_session (GdmDBusGreeter *greeter_interface,
+ GDBusMethodInvocation *invocation,
+ GdmSession *self)
+{
+ if (!self->is_opened) {
+ g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR,
+ G_DBUS_ERROR_ACCESS_DENIED,
+ "Can't stop conflicting session if this session is not opened yet");
+ return TRUE;
+ }
+
+ g_signal_emit (self, signals[STOP_CONFLICTING_SESSION], 0, self->selected_user);
+
+ if (self->greeter_interface != NULL) {
+ gdm_dbus_greeter_complete_stop_conflicting_session (self->greeter_interface,
+ invocation);
+ }
+
+ return TRUE;
+}
+
static gboolean
gdm_session_handle_client_begin_auto_login (GdmDBusGreeter *greeter_interface,
GDBusMethodInvocation *invocation,
@@ -1675,6 +1701,10 @@ export_greeter_interface (GdmSession *self,
"handle-get-timed-login-details",
G_CALLBACK (gdm_session_handle_get_timed_login_details),
self);
+ g_signal_connect (greeter_interface,
+ "handle-stop-conflicting-session",
+ G_CALLBACK (gdm_session_handle_client_stop_conflicting_session),
+ self);
g_dbus_interface_skeleton_export (G_DBUS_INTERFACE_SKELETON (greeter_interface),
connection,
@@ -3943,6 +3973,17 @@ gdm_session_class_init (GdmSessionClass *session_class)
g_cclosure_marshal_VOID__VOID,
G_TYPE_NONE,
0);
+ signals [STOP_CONFLICTING_SESSION] =
+ g_signal_new ("stop-conflicting-session",
+ GDM_TYPE_SESSION,
+ G_SIGNAL_RUN_FIRST,
+ 0,
+ NULL,
+ NULL,
+ NULL,
+ G_TYPE_NONE,
+ 1,
+ G_TYPE_STRING);
g_object_class_install_property (object_class,
PROP_VERIFICATION_MODE,
diff --git a/daemon/gdm-session.xml b/daemon/gdm-session.xml
index 137be5e27..e5a1e4bb3 100644
--- a/daemon/gdm-session.xml
+++ b/daemon/gdm-session.xml
@@ -114,6 +114,8 @@
<arg name="service_name" direction="in" type="s"/>
<arg name="should_start_session" direction="in" type="b"/>
</method>
+ <method name="StopConflictingSession">
+ </method>
<signal name="SelectedUserChanged">
<arg name="username" type="s"/>
</signal>
--
2.49.0
From b70145ecaabe57e947bfb703bbd5d2e7b953609d Mon Sep 17 00:00:00 2001
From: Joan Torres <joantolo@redhat.com>
Date: Thu, 8 May 2025 11:52:40 +0200
Subject: [PATCH 3/3] session: On greeter add SessionOpenedWithSessionId signal
This session_id will be used by the gnome-shell at login session when
searching if there's already a user session opened, ignoring this one which is
being opened.
Part-of<https://gitlab.gnome.org/GNOME/gdm/-/merge_requests/233>
---
daemon/gdm-session.c | 3 +++
daemon/gdm-session.xml | 4 ++++
2 files changed, 7 insertions(+)
diff --git a/daemon/gdm-session.c b/daemon/gdm-session.c
index 8e7c6774a..cd758e18f 100644
--- a/daemon/gdm-session.c
+++ b/daemon/gdm-session.c
@@ -976,6 +976,9 @@ on_opened (GdmDBusWorker *worker,
if (self->greeter_interface != NULL) {
gdm_dbus_greeter_emit_session_opened (self->greeter_interface,
service_name);
+ gdm_dbus_greeter_emit_session_opened_with_session_id (self->greeter_interface,
+ service_name,
+ session_id);
}
g_debug ("GdmSession: Emitting 'session-opened' signal");
diff --git a/daemon/gdm-session.xml b/daemon/gdm-session.xml
index f22e37c8c..9ba2fb213 100644
--- a/daemon/gdm-session.xml
+++ b/daemon/gdm-session.xml
@@ -156,6 +156,10 @@
<signal name="SessionOpened">
<arg name="service_name" type="s"/>
</signal>
+ <signal name="SessionOpenedWithSessionId">
+ <arg name="service_name" type="s"/>
+ <arg name="session_id" type="s"/>
+ </signal>
<signal name="Reauthenticated">
<arg name="service_name" type="s"/>
</signal>
--
2.49.0

167
SOURCES/0001-libgdm-Don-t-collect-twice-sessions-on-usr-share.patch Normal file
View File

@ -0,0 +1,167 @@
From b52648f991e4537b18620444f4d7b2f9663aed33 Mon Sep 17 00:00:00 2001
From: Joan Torres Lopez <joantolo@redhat.com>
Date: Mon, 9 Jun 2025 17:00:54 +0200
Subject: [PATCH 1/2] libgdm: Don't collect twice sessions on /usr/share
Using system_data_dirs already includes /usr/share, so we don't need to
add it manually.
---
docs/C/index.docbook | 4 ++--
libgdm/gdm-sessions.c | 9 ---------
2 files changed, 2 insertions(+), 11 deletions(-)
diff --git a/docs/C/index.docbook b/docs/C/index.docbook
index 134b9bc..ab2a87f 100644
--- a/docs/C/index.docbook
+++ b/docs/C/index.docbook
@@ -2002,8 +2002,8 @@ AutostartCondition=GNOME /desktop/gnome/applications/at/screen_keyboard_enabled
search the following directories in this order to find desktop files:
<filename>&lt;etc&gt;/X11/sessions/</filename>,
<filename>&lt;dmconfdir&gt;/Sessions</filename>,
- <filename>&lt;share&gt;/xsessions</filename>, and
- <filename>&lt;share&gt;/gdm/BuiltInSessions</filename>. By default the
+ <filename>&lt;share&gt;/gdm/BuiltInSessions</filename>, and
+ <filename>&lt;share&gt;/xsessions</filename>. By default the
<filename>&lt;dmconfdir&gt;</filename> is set to
<filename>&lt;etc&gt;/dm/</filename> unless GDM is configured to use
a different directory via the "--with-dmconfdir" option.
diff --git a/libgdm/gdm-sessions.c b/libgdm/gdm-sessions.c
index f078e04..e4a0e6b 100644
--- a/libgdm/gdm-sessions.c
+++ b/libgdm/gdm-sessions.c
@@ -275,7 +275,6 @@ collect_sessions (void)
"/etc/X11/sessions/",
DMCONFDIR "/Sessions/",
DATADIR "/gdm/BuiltInSessions/",
- DATADIR "/xsessions/",
};
g_auto (GStrv) supported_session_types = NULL;
@@ -296,20 +295,12 @@ collect_sessions (void)
}
#ifdef ENABLE_WAYLAND_SUPPORT
- const char *wayland_search_dirs[] = {
- DATADIR "/wayland-sessions/",
- };
-
wayland_search_array = g_ptr_array_new_with_free_func (g_free);
for (i = 0; system_data_dirs[i]; i++) {
session_dir = g_build_filename (system_data_dirs[i], "wayland-sessions", NULL);
g_ptr_array_add (wayland_search_array, session_dir);
}
-
- for (i = 0; i < G_N_ELEMENTS (wayland_search_dirs); i++) {
- g_ptr_array_add (wayland_search_array, g_strdup (wayland_search_dirs[i]));
- }
#endif
if (gdm_available_sessions_map == NULL) {
--
2.50.1
From ac9d403b5b27cbd8396a696223cd96fbac56f142 Mon Sep 17 00:00:00 2001
From: Joan Torres Lopez <joantolo@redhat.com>
Date: Mon, 9 Jun 2025 17:11:01 +0200
Subject: [PATCH 2/2] libgdm: Ensure loading session files is done in the right
order
Loading session files is done with the following precedence order:
1. Sessions defined in /etc/X11/sessions/
2. Sessions defined in <dmconfdir>/Sessions
3. Built-in sessions in <share>/gdm/BuiltInSessions
4. X11 sessions in system_data_dirs
5. Wayland sessions in system_data_dirs
Sessions dirs have precedence in the order they are added to
dirs_search_array.
This fixes an issue where sessions at system_data_dirs were being added
before sessions in /etc/.
---
libgdm/gdm-sessions.c | 49 +++++++++++++++++--------------------------
1 file changed, 19 insertions(+), 30 deletions(-)
diff --git a/libgdm/gdm-sessions.c b/libgdm/gdm-sessions.c
index e4a0e6b..e0d0044 100644
--- a/libgdm/gdm-sessions.c
+++ b/libgdm/gdm-sessions.c
@@ -267,8 +267,7 @@ static void
collect_sessions (void)
{
g_autoptr(GHashTable) names_seen_before = NULL;
- g_autoptr(GPtrArray) xorg_search_array = NULL;
- g_autoptr(GPtrArray) wayland_search_array = NULL;
+ g_autoptr(GPtrArray) dirs_search_array = NULL;
gchar *session_dir = NULL;
int i;
const char *xorg_search_dirs[] = {
@@ -281,26 +280,30 @@ collect_sessions (void)
supported_session_types = g_strsplit (g_getenv ("GDM_SUPPORTED_SESSION_TYPES"), ":", -1);
names_seen_before = g_hash_table_new (g_str_hash, g_str_equal);
- xorg_search_array = g_ptr_array_new_with_free_func (g_free);
+ dirs_search_array = g_ptr_array_new_with_free_func (g_free);
const gchar * const *system_data_dirs = g_get_system_data_dirs ();
- for (i = 0; system_data_dirs[i]; i++) {
- session_dir = g_build_filename (system_data_dirs[i], "xsessions", NULL);
- g_ptr_array_add (xorg_search_array, session_dir);
- }
+ if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "x11")) {
+ for (i = 0; i < G_N_ELEMENTS (xorg_search_dirs); i++) {
+ g_ptr_array_add (dirs_search_array, g_strdup (xorg_search_dirs[i]));
+ }
- for (i = 0; i < G_N_ELEMENTS (xorg_search_dirs); i++) {
- g_ptr_array_add (xorg_search_array, g_strdup (xorg_search_dirs[i]));
+ for (i = 0; system_data_dirs[i]; i++) {
+ session_dir = g_build_filename (system_data_dirs[i], "xsessions", NULL);
+ g_ptr_array_add (dirs_search_array, session_dir);
+ }
}
#ifdef ENABLE_WAYLAND_SUPPORT
- wayland_search_array = g_ptr_array_new_with_free_func (g_free);
-
- for (i = 0; system_data_dirs[i]; i++) {
- session_dir = g_build_filename (system_data_dirs[i], "wayland-sessions", NULL);
- g_ptr_array_add (wayland_search_array, session_dir);
+#ifdef ENABLE_USER_DISPLAY_SERVER
+ if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "wayland")) {
+ for (i = 0; system_data_dirs[i]; i++) {
+ session_dir = g_build_filename (system_data_dirs[i], "wayland-sessions", NULL);
+ g_ptr_array_add (dirs_search_array, session_dir);
+ }
}
+#endif
#endif
if (gdm_available_sessions_map == NULL) {
@@ -308,22 +311,10 @@ collect_sessions (void)
g_free, (GDestroyNotify)gdm_session_file_free);
}
- if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "x11")) {
- for (i = 0; i < xorg_search_array->len; i++) {
- collect_sessions_from_directory (g_ptr_array_index (xorg_search_array, i));
- }
+ for (i = dirs_search_array->len - 1; i >= 0; i--) {
+ collect_sessions_from_directory (g_ptr_array_index (dirs_search_array, i));
}
-#ifdef ENABLE_WAYLAND_SUPPORT
-#ifdef ENABLE_USER_DISPLAY_SERVER
- if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "wayland")) {
- for (i = 0; i < wayland_search_array->len; i++) {
- collect_sessions_from_directory (g_ptr_array_index (wayland_search_array, i));
- }
- }
-#endif
-#endif
-
g_hash_table_foreach_remove (gdm_available_sessions_map,
remove_duplicate_sessions,
names_seen_before);

86
SOURCES/0001-manager-allow-multiple-xdmcp-logins-for-the-same-use.patch
View File

@ -181,34 +181,7 @@ index e1bc62d7..08c3cc17 100644
{
const char *username;
char *display_name, *hostname, *display_device, *display_seat_id;
@@ -1096,92 +1109,114 @@ open_temporary_reauthentication_channel (GdmManager *self,
g_signal_connect (session,
"client-disconnected",
G_CALLBACK (on_reauthentication_client_disconnected),
self);
g_signal_connect (session,
"client-rejected",
G_CALLBACK (on_reauthentication_client_rejected),
self);
g_signal_connect (session,
"cancelled",
G_CALLBACK (on_reauthentication_cancelled),
self);
g_signal_connect (session,
"conversation-started",
G_CALLBACK (on_reauthentication_conversation_started),
self);
g_signal_connect (session,
"conversation-stopped",
G_CALLBACK (on_reauthentication_conversation_stopped),
self);
g_signal_connect (session,
"verification-complete",
G_CALLBACK (on_reauthentication_verification_complete),
self);
address = gdm_session_get_server_address (session);
@@ -1129,6 +1142,21 @@ open_temporary_reauthentication_channel (GdmManager *self,
return g_strdup (address);
}
@ -225,36 +198,12 @@ index e1bc62d7..08c3cc17 100644
+
+ return enabled;
+}
+
+
static gboolean
gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager,
GDBusMethodInvocation *invocation,
const char *username)
is_session_graphical (const char *session_id)
{
GdmManager *self = GDM_MANAGER (manager);
const char *sender;
GdmDisplay *display = NULL;
GdmSession *session;
GDBusConnection *connection;
char *seat_id = NULL;
char *session_id = NULL;
GPid pid = 0;
uid_t uid = (uid_t) -1;
gboolean is_login_screen = FALSE;
gboolean is_remote = FALSE;
g_debug ("GdmManager: trying to open reauthentication channel for user %s", username);
sender = g_dbus_method_invocation_get_sender (invocation);
connection = g_dbus_method_invocation_get_connection (invocation);
get_display_and_details_for_bus_sender (self, connection, sender, &display, &seat_id, &session_id, NULL, &pid, &uid, &is_login_screen, &is_remote);
if (session_id == NULL || pid == 0 || uid == (uid_t) -1) {
g_dbus_method_invocation_return_error_literal (invocation,
G_DBUS_ERROR,
G_DBUS_ERROR_ACCESS_DENIED,
_("No session available"));
@@ -1237,6 +1265,14 @@ gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager
return TRUE;
}
@ -269,33 +218,6 @@ index e1bc62d7..08c3cc17 100644
if (is_login_screen) {
g_debug ("GdmManager: looking for login screen session for user %s on seat %s", username, seat_id);
session = find_session_for_user_on_seat (self,
username,
seat_id,
NULL);
} else {
g_debug ("GdmManager: looking for user session on display");
session = get_user_session_for_display (display);
}
if (session != NULL && gdm_session_is_running (session)) {
gdm_session_start_reauthentication (session, pid, uid);
g_hash_table_insert (self->priv->open_reauthentication_requests,
GINT_TO_POINTER (pid),
invocation);
} else if (is_login_screen) {
g_dbus_method_invocation_return_error_literal (invocation,
G_DBUS_ERROR,
G_DBUS_ERROR_ACCESS_DENIED,
"Login screen only allowed to open reauthentication channels for running sessions");
return TRUE;
} else {
char *address;
address = open_temporary_reauthentication_channel (self,
seat_id,
session_id,
pid,
uid,
is_remote);
diff --git a/data/gdm.schemas.in b/data/gdm.schemas.in
index a1035f95..929d13d9 100644
--- a/data/gdm.schemas.in

25
SOURCES/0001-meson-Define-missing-HAVE_LIBAUDIT.patch Normal file
View File

@ -0,0 +1,25 @@
From ca61c480ed7ec714f3253c221df7676c341c65c5 Mon Sep 17 00:00:00 2001
From: Joan Torres <joantolo@redhat.com>
Date: Wed, 7 May 2025 10:40:47 +0200
Subject: [PATCH] meson: Define missing HAVE_LIBAUDIT
This allows using libaudit to use audit logs.
---
meson.build | 1 +
1 file changed, 1 insertion(+)
diff --git a/meson.build b/meson.build
index 64b986285..867cb4e26 100644
--- a/meson.build
+++ b/meson.build
@@ -210,6 +210,7 @@ conf.set_quoted('GDM_PID_FILE', gdm_pid_file)
conf.set_quoted('GNOME_SETTINGS_DAEMON_DIR', gnome_settings_daemon_dir)
conf.set_quoted('LANG_CONFIG_FILE', lang_config_file)
conf.set('HAVE_ADT', have_adt)
+conf.set('HAVE_LIBAUDIT', libaudit_dep.found())
conf.set('HAVE_UTMP_H', have_utmp_header)
conf.set('HAVE_UTMPX_H', have_utmpx_header)
conf.set('HAVE_POSIX_GETPWNAM_R', have_posix_getpwnam_r)
--
2.49.0

58
SPECS/gdm.spec
View File

@ -11,7 +11,7 @@
Name: gdm
Epoch: 1
Version: 40.1
Release: 30%{?dist}
Release: 38%{?dist}
Summary: The GNOME Display Manager
License: GPLv2+
@ -62,7 +62,13 @@ Patch110001: 0001-display-Add-new-FAILING-state.patch
Patch110002: 0002-manager-Quit-plymouth-at-first-sign-of-failure.patch
Patch110003: 0003-manager-Quit-plymouth-synchronously.patch
Patch120001: 0001-session-Fix-memory-leak-on-new-outside-connection.patch
Patch120001: 0001-meson-Define-missing-HAVE_LIBAUDIT.patch
Patch130001: 0001-Handle-conflicting-sessions.patch
Patch140001: 0001-session-Fix-memory-leak-on-new-outside-connection.patch
Patch150001: 0001-libgdm-Don-t-collect-twice-sessions-on-usr-share.patch
# Non-upstreamable workarounds
Patch66610001: 0001-data-reap-gdm-sessions-on-shutdown.patch
@ -79,7 +85,6 @@ Patch99930001: 0001-data-add-system-dconf-databases-to-gdm-profile.patch
Patch99950001: 0001-data-Disable-network-configuration-on-login-screen.patch
BuildRequires: accountsservice-devel
BuildRequires: audit-libs-devel >= %{libauditver}
BuildRequires: dconf
@ -368,21 +373,56 @@ dconf update || :
%{_libdir}/pkgconfig/gdm-pam-extensions.pc
%changelog
* Fri Jun 20 2025 Joan Torres <joantolo@redhat.com> - 40.1-30
- Fix leak on new connections
Resolves: RHEL-98725
* Thu Oct 2 2025 Joan Torres Lopez <joantolo@redhat.com> - 40.1-38
- Fix issue on conflicting sessions when they are remote
Resolves: RHEL-123357
* Thu Jun 12 2025 Joan Torres <joantolo@redhat.com> - 40.1-29
* Thu Aug 21 2025 Joan Torres Lopez <joantolo@redhat.com> - 40.1-37
- Fix precedence order when loading sessions
Resolves: RHEL-4133
* Thu Jul 31 2025 Joan Torres <joantolo@redhat.com> - 40.1-36
- Remove adding -nocursor option. Using a cursor-theme already allows this.
Related: RHEL-81194
* Wed Jul 16 2025 Joan Torres <joantolo@redhat.com> - 40.1-35
- Instead of allowing adding custom parameters to Xorg,
only allow adding -nocursor. Allowing adding custom parameters
is a potential security issue.
Related: RHEL-81194
* Mon Jul 14 2025 Joan Torres <joantolo@redhat.com> - 40.1-34
- Allow adding custom parameters to Xorg
Resolves: RHEL-81194
* Fri Jun 20 2025 Joan Torres <joantolo@redhat.com> - 40.1-33
- Fix leak on new connections
Resolves: RHEL-98562
* Thu Jun 19 2025 Joan Torres <joantolo@redhat.com> - 40.1-32
- Leave session-opened signature the same as before and use a new
session-opened-with-session-id signal to keep ABI compatibility
Related: RHEL-46383
* Thu Jun 12 2025 Joan Torres <joantolo@redhat.com> - 40.1-31
- Fix legacy-xorg session switching
The fix that intended to fix the issue wasn't complete and also,
introduced a bug on user switching for non legacy-xorg servers.
This fix addresses both issues.
- Avoid waiting 10s when starting GDM in legacy-xorg mode
Resolves: RHEL-97492
Resolves: RHEL-72694
* Fri May 09 2025 Joan Torres <joantolo@redhat.com> - 40.1-30
- Handle conflicting sessions on greeter and allow terminating them
Resolves: RHEL-46383
* Wed May 07 2025 Joan Torres <joantolo@redhat.com> - 40.1-29
- Define missing HAVE_LIBAUDIT
Resolves: RHEL-89936
* Fri Mar 07 2025 Tomas Pelka - 40.1-28
- Use systemd sysusers config to create user and group
Resolves: RHEL-78738
Resolves: RHEL-82643
* Wed Jul 24 2024 Ray Strode <rstrode@redhat.com> - 40.1-27
- More fixes with wayland->xorg fallback