diff --git a/SOURCES/0001-Handle-conflicting-sessions.patch b/SOURCES/0001-Handle-conflicting-sessions.patch new file mode 100644 index 0000000..bfebf39 --- /dev/null +++ b/SOURCES/0001-Handle-conflicting-sessions.patch @@ -0,0 +1,422 @@ +From e204ee23d7626ee09684494b49774d8fae4d6056 Mon Sep 17 00:00:00 2001 +From: Joan Torres +Date: Thu, 8 May 2025 11:27:03 +0200 +Subject: [PATCH 1/3] manager: Use full verification on incompatible login + session + +Two sessions are incompatible if they don't share the same +seat_id. + +From a login session, when the logged in user session was previously +started and is incompatible with this login session, don't do the +reauthentication process and do the full verification instead. This will +be used in next commits to shutdown the previously started session and +start a new session. + +Part-of +--- + daemon/gdm-manager.c | 92 ++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 92 insertions(+) + +diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c +index 9c10adff3..051420ac8 100644 +--- a/daemon/gdm-manager.c ++++ b/daemon/gdm-manager.c +@@ -28,6 +28,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -1116,6 +1117,85 @@ open_temporary_reauthentication_channel (GdmManager *self, + return g_strdup (address); + } + ++static gboolean ++is_session_graphical (const char *session_id) ++{ ++ const char * const graphical_session_types[] = { "wayland", "x11", NULL }; ++ int res; ++ g_autofree char *type = NULL; ++ ++ res = sd_session_get_type (session_id, &type); ++ if (res < 0) ++ return FALSE; ++ ++ return g_strv_contains (graphical_session_types, type); ++} ++ ++static gboolean ++is_session_active (const char *session_id) ++{ ++ const char * const active_states[] = { "active", "online", NULL }; ++ int res; ++ g_autofree char *state = NULL; ++ ++ res = sd_session_get_state (session_id, &state); ++ if (res < 0) ++ return FALSE; ++ ++ return g_strv_contains (active_states, state); ++} ++ ++static gboolean ++is_session_on_seat (const char *session_id, ++ const char *seat_id) ++{ ++ int res; ++ g_autofree char *session_seat = NULL; ++ ++ res = sd_session_get_seat (session_id, &session_seat); ++ if (res < 0) ++ return FALSE; ++ ++ return g_strcmp0 (seat_id, session_seat) == 0; ++} ++ ++static char ** ++find_conflicting_sessions (const char *username, ++ const char *seat_id) ++{ ++ struct passwd *passwd_entry; ++ g_auto (GStrv) sessions = NULL; ++ g_autoptr (GStrvBuilder) builder = NULL; ++ int n_sessions; ++ int i; ++ uid_t uid; ++ ++ gdm_get_pwent_for_name (username, &passwd_entry); ++ if (passwd_entry == NULL) { ++ return FALSE; ++ } ++ ++ builder = g_strv_builder_new (); ++ ++ uid = passwd_entry->pw_uid; ++ ++ n_sessions = sd_uid_get_sessions (uid, 0, &sessions); ++ for (i = n_sessions - 1; i >= 0; i--) { ++ if (!is_session_graphical (sessions[i])) ++ continue; ++ ++ if (!is_session_active (sessions[i])) ++ continue; ++ ++ if (is_session_on_seat (sessions[i], seat_id)) ++ continue; ++ ++ g_strv_builder_add (builder, g_strdup (sessions[i])); ++ } ++ ++ return g_strv_builder_end (builder); ++} ++ + static gboolean + gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager, + GDBusMethodInvocation *invocation, +@@ -1154,6 +1234,18 @@ gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager + username, + seat_id, + NULL); ++ if (session == NULL) { ++ g_auto (GStrv) conflicting_sessions = NULL; ++ ++ conflicting_sessions = find_conflicting_sessions (username, seat_id); ++ if (g_strv_length (conflicting_sessions) != 0) { ++ g_dbus_method_invocation_return_error_literal (invocation, ++ G_DBUS_ERROR, ++ G_DBUS_ERROR_ACCESS_DENIED, ++ "Found incompatible user session"); ++ return TRUE; ++ } ++ } + } else { + g_debug ("GdmManager: looking for user session on display"); + session = get_user_session_for_display (display); +-- +2.49.0 + + +From 239aefa42bcba99fa7eac12b98b4dd7f64ef9608 Mon Sep 17 00:00:00 2001 +From: Joan Torres +Date: Thu, 8 May 2025 11:50:26 +0200 +Subject: [PATCH 2/3] session: Stop conflicting session + +This happens when at the login gnome-shell it's been displayed the dialog +requesting to logout the existing session. When the user chose to stop +the existing session it will use the method "StopConflictingSession" +and then the manager kills that session using logind interface. + +Part-of +--- + common/gdm-common.c | 32 ++++++++++++++++++++++++++++++++ + common/gdm-common.h | 4 ++++ + daemon/gdm-manager.c | 28 ++++++++++++++++++++++++++++ + daemon/gdm-session.c | 41 +++++++++++++++++++++++++++++++++++++++++ + daemon/gdm-session.xml | 2 ++ + 5 files changed, 107 insertions(+) + +diff --git a/common/gdm-common.c b/common/gdm-common.c +index 92029027b..d5290acdd 100644 +--- a/common/gdm-common.c ++++ b/common/gdm-common.c +@@ -381,6 +381,38 @@ gdm_activate_session_by_id (GDBusConnection *connection, + return TRUE; + } + ++gboolean ++gdm_terminate_session_by_id (GDBusConnection *connection, ++ GCancellable *cancellable, ++ const char *session_id) ++{ ++ GError *local_error = NULL; ++ GVariant *reply; ++ ++ g_return_val_if_fail (G_IS_DBUS_CONNECTION (connection), FALSE); ++ g_return_val_if_fail (session_id != NULL, FALSE); ++ ++ reply = g_dbus_connection_call_sync (connection, ++ "org.freedesktop.login1", ++ "/org/freedesktop/login1", ++ "org.freedesktop.login1.Manager", ++ "TerminateSession", ++ g_variant_new ("(s)", session_id), ++ NULL, ++ G_DBUS_CALL_FLAGS_NONE, ++ -1, ++ cancellable, &local_error); ++ if (reply == NULL) { ++ g_warning ("Unable to terminate session: %s", local_error->message); ++ g_error_free (local_error); ++ return FALSE; ++ } ++ ++ g_variant_unref (reply); ++ ++ return TRUE; ++} ++ + gboolean + gdm_get_login_window_session_id (const char *seat_id, + char **session_id) +diff --git a/common/gdm-common.h b/common/gdm-common.h +index c42f556a4..ea012dc88 100644 +--- a/common/gdm-common.h ++++ b/common/gdm-common.h +@@ -91,6 +91,10 @@ gboolean gdm_activate_session_by_id (GDBusConnection *connection, + const char *seat_id, + const char *session_id); + ++gboolean gdm_terminate_session_by_id (GDBusConnection *connection, ++ GCancellable *cancellable, ++ const char *session_id); ++ + void gdm_load_env_d (GdmLoadEnvVarFunc load_env_func, + GdmExpandVarFunc expand_func, + gpointer user_data); +diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c +index 051420ac8..4f68448e3 100644 +--- a/daemon/gdm-manager.c ++++ b/daemon/gdm-manager.c +@@ -2152,6 +2152,37 @@ on_session_reauthenticated (GdmSession *session, + switch_to_compatible_user_session (manager, session, fail_if_already_switched); + } + ++static void ++on_stop_conflicting_session (GdmSession *login_session, ++ const char *username, ++ GdmManager *manager) ++{ ++ g_auto (GStrv) session_ids = NULL; ++ const char *seat_id; ++ int i; ++ ++ seat_id = gdm_session_get_display_seat_id (login_session); ++ ++ session_ids = find_conflicting_sessions (username, seat_id); ++ if (g_strv_length (session_ids) == 0) { ++ g_warning ("Couldn't find conflicting sessions for user"); ++ return; ++ } ++ ++ for (i = 0; i < g_strv_length (session_ids); i++) { ++ // Don't kill conflicting session if it's not tracked, ++ // this ensures the new session isn't killed (because ++ // it's considered a conflicting session). ++ if (!gdm_display_store_find (manager->priv->display_store, ++ lookup_by_session_id, ++ (gpointer) session_ids[i])) ++ continue; ++ ++ if (!gdm_terminate_session_by_id (manager->priv->connection, NULL, session_ids[i])) ++ g_warning ("Failed to terminate conflicting session: %s", session_ids[i]); ++ } ++} ++ + static void + on_session_client_ready_for_session_to_start (GdmSession *session, + const char *service_name, +@@ -2443,6 +2467,10 @@ create_user_session_for_display (GdmManager *manager, + "reauthenticated", + G_CALLBACK (on_session_reauthenticated), + manager); ++ g_signal_connect (session, ++ "stop-conflicting-session", ++ G_CALLBACK (on_stop_conflicting_session), ++ manager); + g_signal_connect (session, + "client-ready-for-session-to-start", + G_CALLBACK (on_session_client_ready_for_session_to_start), +diff --git a/daemon/gdm-session.c b/daemon/gdm-session.c +index a010cecf5..7ea6c3fb7 100644 +--- a/daemon/gdm-session.c ++++ b/daemon/gdm-session.c +@@ -137,6 +137,7 @@ struct _GdmSession + + guint32 is_program_session : 1; + guint32 display_is_initial : 1; ++ guint32 is_opened : 1; + }; + + enum { +@@ -177,6 +178,7 @@ enum { + SESSION_DIED, + REAUTHENTICATION_STARTED, + REAUTHENTICATED, ++ STOP_CONFLICTING_SESSION, + LAST_SIGNAL + }; + +@@ -895,6 +897,8 @@ on_opened (GdmDBusWorker *worker, + + g_debug ("GdmSession: Emitting 'session-opened' signal"); + g_signal_emit (self, signals[SESSION_OPENED], 0, service_name, session_id); ++ ++ self->is_opened = TRUE; + } else { + report_and_stop_conversation (self, service_name, error); + +@@ -1572,6 +1576,28 @@ gdm_session_handle_get_timed_login_details (GdmDBusGreeter *greeter_inter + return TRUE; + } + ++static gboolean ++gdm_session_handle_client_stop_conflicting_session (GdmDBusGreeter *greeter_interface, ++ GDBusMethodInvocation *invocation, ++ GdmSession *self) ++{ ++ if (!self->is_opened) { ++ g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR, ++ G_DBUS_ERROR_ACCESS_DENIED, ++ "Can't stop conflicting session if this session is not opened yet"); ++ return TRUE; ++ } ++ ++ g_signal_emit (self, signals[STOP_CONFLICTING_SESSION], 0, self->selected_user); ++ ++ if (self->greeter_interface != NULL) { ++ gdm_dbus_greeter_complete_stop_conflicting_session (self->greeter_interface, ++ invocation); ++ } ++ ++ return TRUE; ++} ++ + static gboolean + gdm_session_handle_client_begin_auto_login (GdmDBusGreeter *greeter_interface, + GDBusMethodInvocation *invocation, +@@ -1675,6 +1701,10 @@ export_greeter_interface (GdmSession *self, + "handle-get-timed-login-details", + G_CALLBACK (gdm_session_handle_get_timed_login_details), + self); ++ g_signal_connect (greeter_interface, ++ "handle-stop-conflicting-session", ++ G_CALLBACK (gdm_session_handle_client_stop_conflicting_session), ++ self); + + g_dbus_interface_skeleton_export (G_DBUS_INTERFACE_SKELETON (greeter_interface), + connection, +@@ -3943,6 +3973,17 @@ gdm_session_class_init (GdmSessionClass *session_class) + g_cclosure_marshal_VOID__VOID, + G_TYPE_NONE, + 0); ++ signals [STOP_CONFLICTING_SESSION] = ++ g_signal_new ("stop-conflicting-session", ++ GDM_TYPE_SESSION, ++ G_SIGNAL_RUN_FIRST, ++ 0, ++ NULL, ++ NULL, ++ NULL, ++ G_TYPE_NONE, ++ 1, ++ G_TYPE_STRING); + + g_object_class_install_property (object_class, + PROP_VERIFICATION_MODE, +diff --git a/daemon/gdm-session.xml b/daemon/gdm-session.xml +index 137be5e27..e5a1e4bb3 100644 +--- a/daemon/gdm-session.xml ++++ b/daemon/gdm-session.xml +@@ -114,6 +114,8 @@ + + + ++ ++ + + + +-- +2.49.0 + + +From b70145ecaabe57e947bfb703bbd5d2e7b953609d Mon Sep 17 00:00:00 2001 +From: Joan Torres +Date: Thu, 8 May 2025 11:52:40 +0200 +Subject: [PATCH 3/3] session: On greeter add SessionOpenedWithSessionId signal + +This session_id will be used by the gnome-shell at login session when +searching if there's already a user session opened, ignoring this one which is +being opened. + +Part-of +--- + daemon/gdm-session.c | 3 +++ + daemon/gdm-session.xml | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/daemon/gdm-session.c b/daemon/gdm-session.c +index 8e7c6774a..cd758e18f 100644 +--- a/daemon/gdm-session.c ++++ b/daemon/gdm-session.c +@@ -976,6 +976,9 @@ on_opened (GdmDBusWorker *worker, + if (self->greeter_interface != NULL) { + gdm_dbus_greeter_emit_session_opened (self->greeter_interface, + service_name); ++ gdm_dbus_greeter_emit_session_opened_with_session_id (self->greeter_interface, ++ service_name, ++ session_id); + } + + g_debug ("GdmSession: Emitting 'session-opened' signal"); +diff --git a/daemon/gdm-session.xml b/daemon/gdm-session.xml +index f22e37c8c..9ba2fb213 100644 +--- a/daemon/gdm-session.xml ++++ b/daemon/gdm-session.xml +@@ -156,6 +156,10 @@ + + + ++ ++ ++ ++ + + + +-- +2.49.0 + diff --git a/SOURCES/0001-libgdm-Don-t-collect-twice-sessions-on-usr-share.patch b/SOURCES/0001-libgdm-Don-t-collect-twice-sessions-on-usr-share.patch new file mode 100644 index 0000000..fe19d32 --- /dev/null +++ b/SOURCES/0001-libgdm-Don-t-collect-twice-sessions-on-usr-share.patch @@ -0,0 +1,167 @@ +From b52648f991e4537b18620444f4d7b2f9663aed33 Mon Sep 17 00:00:00 2001 +From: Joan Torres Lopez +Date: Mon, 9 Jun 2025 17:00:54 +0200 +Subject: [PATCH 1/2] libgdm: Don't collect twice sessions on /usr/share + +Using system_data_dirs already includes /usr/share, so we don't need to +add it manually. +--- + docs/C/index.docbook | 4 ++-- + libgdm/gdm-sessions.c | 9 --------- + 2 files changed, 2 insertions(+), 11 deletions(-) + +diff --git a/docs/C/index.docbook b/docs/C/index.docbook +index 134b9bc..ab2a87f 100644 +--- a/docs/C/index.docbook ++++ b/docs/C/index.docbook +@@ -2002,8 +2002,8 @@ AutostartCondition=GNOME /desktop/gnome/applications/at/screen_keyboard_enabled + search the following directories in this order to find desktop files: + <etc>/X11/sessions/, + <dmconfdir>/Sessions, +- <share>/xsessions, and +- <share>/gdm/BuiltInSessions. By default the ++ <share>/gdm/BuiltInSessions, and ++ <share>/xsessions. By default the + <dmconfdir> is set to + <etc>/dm/ unless GDM is configured to use + a different directory via the "--with-dmconfdir" option. +diff --git a/libgdm/gdm-sessions.c b/libgdm/gdm-sessions.c +index f078e04..e4a0e6b 100644 +--- a/libgdm/gdm-sessions.c ++++ b/libgdm/gdm-sessions.c +@@ -275,7 +275,6 @@ collect_sessions (void) + "/etc/X11/sessions/", + DMCONFDIR "/Sessions/", + DATADIR "/gdm/BuiltInSessions/", +- DATADIR "/xsessions/", + }; + g_auto (GStrv) supported_session_types = NULL; + +@@ -296,20 +295,12 @@ collect_sessions (void) + } + + #ifdef ENABLE_WAYLAND_SUPPORT +- const char *wayland_search_dirs[] = { +- DATADIR "/wayland-sessions/", +- }; +- + wayland_search_array = g_ptr_array_new_with_free_func (g_free); + + for (i = 0; system_data_dirs[i]; i++) { + session_dir = g_build_filename (system_data_dirs[i], "wayland-sessions", NULL); + g_ptr_array_add (wayland_search_array, session_dir); + } +- +- for (i = 0; i < G_N_ELEMENTS (wayland_search_dirs); i++) { +- g_ptr_array_add (wayland_search_array, g_strdup (wayland_search_dirs[i])); +- } + #endif + + if (gdm_available_sessions_map == NULL) { +-- +2.50.1 + +From ac9d403b5b27cbd8396a696223cd96fbac56f142 Mon Sep 17 00:00:00 2001 +From: Joan Torres Lopez +Date: Mon, 9 Jun 2025 17:11:01 +0200 +Subject: [PATCH 2/2] libgdm: Ensure loading session files is done in the right + order + +Loading session files is done with the following precedence order: +1. Sessions defined in /etc/X11/sessions/ +2. Sessions defined in /Sessions +3. Built-in sessions in /gdm/BuiltInSessions +4. X11 sessions in system_data_dirs +5. Wayland sessions in system_data_dirs + +Sessions dirs have precedence in the order they are added to +dirs_search_array. + +This fixes an issue where sessions at system_data_dirs were being added +before sessions in /etc/. +--- + libgdm/gdm-sessions.c | 49 +++++++++++++++++-------------------------- + 1 file changed, 19 insertions(+), 30 deletions(-) + +diff --git a/libgdm/gdm-sessions.c b/libgdm/gdm-sessions.c +index e4a0e6b..e0d0044 100644 +--- a/libgdm/gdm-sessions.c ++++ b/libgdm/gdm-sessions.c +@@ -267,8 +267,7 @@ static void + collect_sessions (void) + { + g_autoptr(GHashTable) names_seen_before = NULL; +- g_autoptr(GPtrArray) xorg_search_array = NULL; +- g_autoptr(GPtrArray) wayland_search_array = NULL; ++ g_autoptr(GPtrArray) dirs_search_array = NULL; + gchar *session_dir = NULL; + int i; + const char *xorg_search_dirs[] = { +@@ -281,26 +280,30 @@ collect_sessions (void) + supported_session_types = g_strsplit (g_getenv ("GDM_SUPPORTED_SESSION_TYPES"), ":", -1); + + names_seen_before = g_hash_table_new (g_str_hash, g_str_equal); +- xorg_search_array = g_ptr_array_new_with_free_func (g_free); ++ dirs_search_array = g_ptr_array_new_with_free_func (g_free); + + const gchar * const *system_data_dirs = g_get_system_data_dirs (); + +- for (i = 0; system_data_dirs[i]; i++) { +- session_dir = g_build_filename (system_data_dirs[i], "xsessions", NULL); +- g_ptr_array_add (xorg_search_array, session_dir); +- } ++ if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "x11")) { ++ for (i = 0; i < G_N_ELEMENTS (xorg_search_dirs); i++) { ++ g_ptr_array_add (dirs_search_array, g_strdup (xorg_search_dirs[i])); ++ } + +- for (i = 0; i < G_N_ELEMENTS (xorg_search_dirs); i++) { +- g_ptr_array_add (xorg_search_array, g_strdup (xorg_search_dirs[i])); ++ for (i = 0; system_data_dirs[i]; i++) { ++ session_dir = g_build_filename (system_data_dirs[i], "xsessions", NULL); ++ g_ptr_array_add (dirs_search_array, session_dir); ++ } + } + + #ifdef ENABLE_WAYLAND_SUPPORT +- wayland_search_array = g_ptr_array_new_with_free_func (g_free); +- +- for (i = 0; system_data_dirs[i]; i++) { +- session_dir = g_build_filename (system_data_dirs[i], "wayland-sessions", NULL); +- g_ptr_array_add (wayland_search_array, session_dir); ++#ifdef ENABLE_USER_DISPLAY_SERVER ++ if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "wayland")) { ++ for (i = 0; system_data_dirs[i]; i++) { ++ session_dir = g_build_filename (system_data_dirs[i], "wayland-sessions", NULL); ++ g_ptr_array_add (dirs_search_array, session_dir); ++ } + } ++#endif + #endif + + if (gdm_available_sessions_map == NULL) { +@@ -308,22 +311,10 @@ collect_sessions (void) + g_free, (GDestroyNotify)gdm_session_file_free); + } + +- if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "x11")) { +- for (i = 0; i < xorg_search_array->len; i++) { +- collect_sessions_from_directory (g_ptr_array_index (xorg_search_array, i)); +- } ++ for (i = dirs_search_array->len - 1; i >= 0; i--) { ++ collect_sessions_from_directory (g_ptr_array_index (dirs_search_array, i)); + } + +-#ifdef ENABLE_WAYLAND_SUPPORT +-#ifdef ENABLE_USER_DISPLAY_SERVER +- if (!supported_session_types || g_strv_contains ((const char * const *) supported_session_types, "wayland")) { +- for (i = 0; i < wayland_search_array->len; i++) { +- collect_sessions_from_directory (g_ptr_array_index (wayland_search_array, i)); +- } +- } +-#endif +-#endif +- + g_hash_table_foreach_remove (gdm_available_sessions_map, + remove_duplicate_sessions, + names_seen_before); diff --git a/SOURCES/0001-manager-allow-multiple-xdmcp-logins-for-the-same-use.patch b/SOURCES/0001-manager-allow-multiple-xdmcp-logins-for-the-same-use.patch index f514073..184f163 100644 --- a/SOURCES/0001-manager-allow-multiple-xdmcp-logins-for-the-same-use.patch +++ b/SOURCES/0001-manager-allow-multiple-xdmcp-logins-for-the-same-use.patch @@ -181,34 +181,7 @@ index e1bc62d7..08c3cc17 100644 { const char *username; char *display_name, *hostname, *display_device, *display_seat_id; -@@ -1096,92 +1109,114 @@ open_temporary_reauthentication_channel (GdmManager *self, - g_signal_connect (session, - "client-disconnected", - G_CALLBACK (on_reauthentication_client_disconnected), - self); - g_signal_connect (session, - "client-rejected", - G_CALLBACK (on_reauthentication_client_rejected), - self); - g_signal_connect (session, - "cancelled", - G_CALLBACK (on_reauthentication_cancelled), - self); - g_signal_connect (session, - "conversation-started", - G_CALLBACK (on_reauthentication_conversation_started), - self); - g_signal_connect (session, - "conversation-stopped", - G_CALLBACK (on_reauthentication_conversation_stopped), - self); - g_signal_connect (session, - "verification-complete", - G_CALLBACK (on_reauthentication_verification_complete), - self); - - address = gdm_session_get_server_address (session); - +@@ -1129,6 +1142,21 @@ open_temporary_reauthentication_channel (GdmManager *self, return g_strdup (address); } @@ -225,36 +198,12 @@ index e1bc62d7..08c3cc17 100644 + + return enabled; +} ++ + static gboolean - gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager, - GDBusMethodInvocation *invocation, - const char *username) + is_session_graphical (const char *session_id) { - GdmManager *self = GDM_MANAGER (manager); - const char *sender; - GdmDisplay *display = NULL; - GdmSession *session; - GDBusConnection *connection; - char *seat_id = NULL; - char *session_id = NULL; - GPid pid = 0; - uid_t uid = (uid_t) -1; - gboolean is_login_screen = FALSE; - gboolean is_remote = FALSE; - - g_debug ("GdmManager: trying to open reauthentication channel for user %s", username); - - sender = g_dbus_method_invocation_get_sender (invocation); - connection = g_dbus_method_invocation_get_connection (invocation); - get_display_and_details_for_bus_sender (self, connection, sender, &display, &seat_id, &session_id, NULL, &pid, &uid, &is_login_screen, &is_remote); - - if (session_id == NULL || pid == 0 || uid == (uid_t) -1) { - g_dbus_method_invocation_return_error_literal (invocation, - G_DBUS_ERROR, - G_DBUS_ERROR_ACCESS_DENIED, - _("No session available")); - +@@ -1237,6 +1265,14 @@ gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager return TRUE; } @@ -269,33 +218,6 @@ index e1bc62d7..08c3cc17 100644 if (is_login_screen) { g_debug ("GdmManager: looking for login screen session for user %s on seat %s", username, seat_id); session = find_session_for_user_on_seat (self, - username, - seat_id, - NULL); - } else { - g_debug ("GdmManager: looking for user session on display"); - session = get_user_session_for_display (display); - } - - if (session != NULL && gdm_session_is_running (session)) { - gdm_session_start_reauthentication (session, pid, uid); - g_hash_table_insert (self->priv->open_reauthentication_requests, - GINT_TO_POINTER (pid), - invocation); - } else if (is_login_screen) { - g_dbus_method_invocation_return_error_literal (invocation, - G_DBUS_ERROR, - G_DBUS_ERROR_ACCESS_DENIED, - "Login screen only allowed to open reauthentication channels for running sessions"); - return TRUE; - } else { - char *address; - address = open_temporary_reauthentication_channel (self, - seat_id, - session_id, - pid, - uid, - is_remote); diff --git a/data/gdm.schemas.in b/data/gdm.schemas.in index a1035f95..929d13d9 100644 --- a/data/gdm.schemas.in diff --git a/SOURCES/0001-meson-Define-missing-HAVE_LIBAUDIT.patch b/SOURCES/0001-meson-Define-missing-HAVE_LIBAUDIT.patch new file mode 100644 index 0000000..12b32f6 --- /dev/null +++ b/SOURCES/0001-meson-Define-missing-HAVE_LIBAUDIT.patch @@ -0,0 +1,25 @@ +From ca61c480ed7ec714f3253c221df7676c341c65c5 Mon Sep 17 00:00:00 2001 +From: Joan Torres +Date: Wed, 7 May 2025 10:40:47 +0200 +Subject: [PATCH] meson: Define missing HAVE_LIBAUDIT + +This allows using libaudit to use audit logs. +--- + meson.build | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/meson.build b/meson.build +index 64b986285..867cb4e26 100644 +--- a/meson.build ++++ b/meson.build +@@ -210,6 +210,7 @@ conf.set_quoted('GDM_PID_FILE', gdm_pid_file) + conf.set_quoted('GNOME_SETTINGS_DAEMON_DIR', gnome_settings_daemon_dir) + conf.set_quoted('LANG_CONFIG_FILE', lang_config_file) + conf.set('HAVE_ADT', have_adt) ++conf.set('HAVE_LIBAUDIT', libaudit_dep.found()) + conf.set('HAVE_UTMP_H', have_utmp_header) + conf.set('HAVE_UTMPX_H', have_utmpx_header) + conf.set('HAVE_POSIX_GETPWNAM_R', have_posix_getpwnam_r) +-- +2.49.0 + diff --git a/SPECS/gdm.spec b/SPECS/gdm.spec index 210d949..0696d9c 100644 --- a/SPECS/gdm.spec +++ b/SPECS/gdm.spec @@ -11,7 +11,7 @@ Name: gdm Epoch: 1 Version: 40.1 -Release: 30%{?dist} +Release: 38%{?dist} Summary: The GNOME Display Manager License: GPLv2+ @@ -62,7 +62,13 @@ Patch110001: 0001-display-Add-new-FAILING-state.patch Patch110002: 0002-manager-Quit-plymouth-at-first-sign-of-failure.patch Patch110003: 0003-manager-Quit-plymouth-synchronously.patch -Patch120001: 0001-session-Fix-memory-leak-on-new-outside-connection.patch +Patch120001: 0001-meson-Define-missing-HAVE_LIBAUDIT.patch + +Patch130001: 0001-Handle-conflicting-sessions.patch + +Patch140001: 0001-session-Fix-memory-leak-on-new-outside-connection.patch + +Patch150001: 0001-libgdm-Don-t-collect-twice-sessions-on-usr-share.patch # Non-upstreamable workarounds Patch66610001: 0001-data-reap-gdm-sessions-on-shutdown.patch @@ -79,7 +85,6 @@ Patch99930001: 0001-data-add-system-dconf-databases-to-gdm-profile.patch Patch99950001: 0001-data-Disable-network-configuration-on-login-screen.patch - BuildRequires: accountsservice-devel BuildRequires: audit-libs-devel >= %{libauditver} BuildRequires: dconf @@ -368,21 +373,56 @@ dconf update || : %{_libdir}/pkgconfig/gdm-pam-extensions.pc %changelog -* Fri Jun 20 2025 Joan Torres - 40.1-30 -- Fix leak on new connections - Resolves: RHEL-98725 +* Thu Oct 2 2025 Joan Torres Lopez - 40.1-38 +- Fix issue on conflicting sessions when they are remote + Resolves: RHEL-123357 -* Thu Jun 12 2025 Joan Torres - 40.1-29 +* Thu Aug 21 2025 Joan Torres Lopez - 40.1-37 +- Fix precedence order when loading sessions + Resolves: RHEL-4133 + +* Thu Jul 31 2025 Joan Torres - 40.1-36 +- Remove adding -nocursor option. Using a cursor-theme already allows this. + Related: RHEL-81194 + +* Wed Jul 16 2025 Joan Torres - 40.1-35 +- Instead of allowing adding custom parameters to Xorg, + only allow adding -nocursor. Allowing adding custom parameters + is a potential security issue. + Related: RHEL-81194 + +* Mon Jul 14 2025 Joan Torres - 40.1-34 +- Allow adding custom parameters to Xorg + Resolves: RHEL-81194 + +* Fri Jun 20 2025 Joan Torres - 40.1-33 +- Fix leak on new connections + Resolves: RHEL-98562 + +* Thu Jun 19 2025 Joan Torres - 40.1-32 +- Leave session-opened signature the same as before and use a new + session-opened-with-session-id signal to keep ABI compatibility + Related: RHEL-46383 + +* Thu Jun 12 2025 Joan Torres - 40.1-31 - Fix legacy-xorg session switching The fix that intended to fix the issue wasn't complete and also, introduced a bug on user switching for non legacy-xorg servers. This fix addresses both issues. - Avoid waiting 10s when starting GDM in legacy-xorg mode - Resolves: RHEL-97492 + Resolves: RHEL-72694 + +* Fri May 09 2025 Joan Torres - 40.1-30 +- Handle conflicting sessions on greeter and allow terminating them + Resolves: RHEL-46383 + +* Wed May 07 2025 Joan Torres - 40.1-29 +- Define missing HAVE_LIBAUDIT + Resolves: RHEL-89936 * Fri Mar 07 2025 Tomas Pelka - 40.1-28 - Use systemd sysusers config to create user and group - Resolves: RHEL-78738 + Resolves: RHEL-82643 * Wed Jul 24 2024 Ray Strode - 40.1-27 - More fixes with wayland->xorg fallback