rpms/gdm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update tons of patches

Browse Source
This commit is contained in:
Matthias Clasen 2007-05-21 18:00:19 +00:00
parent 30fade7e26
commit 6941265f47
18 changed files with 1515 additions and 1873 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.cvsignore
View File

@ -1,2 +1 @@
gdm-2.18.0.tar.bz2
fedora-faces-20070319.tar.bz2
gdm-2.19.1.tar.bz2

171
gdm-2.17.6-audit-login.patch
View File

@ -1,171 +0,0 @@
--- gdm-2.17.6/configure.ac.audit-login 2007-01-30 16:21:18.000000000 -0500
+++ gdm-2.17.6/configure.ac 2007-02-07 22:27:55.000000000 -0500
@@ -825,6 +825,10 @@
AC_SUBST(logdir, ${localstatedir}/log/gdm)
AC_SUBST(pixmapdir, ${datadir}/pixmaps)
+AC_ARG_WITH(libaudit,
+ [ --with-libaudit=[auto/yes/no] Add Linux audit support [default=auto]],,
+ with_libaudit=auto)
+
withval=""
AC_ARG_WITH(at-bindir,
[ --with-at-bindir=<PATH> PATH to Accessible Technology programs [default=BINDIR]],)
@@ -936,6 +940,24 @@
AC_MSG_RESULT(no)
fi
+# Check for Linux auditing API
+#
+# libaudit detection
+if test x$with_libaudit = xno ; then
+ have_libaudit=no;
+else
+ # See if we have audit daemon library
+ AC_CHECK_LIB(audit, audit_log_user_message,
+ have_libaudit=yes, have_libaudit=no)
+fi
+
+AM_CONDITIONAL(HAVE_LIBAUDIT, test x$have_libaudit = xyes)
+
+if test x$have_libaudit = xyes ; then
+ EXTRA_DAEMON_LIBS="$EXTRA_DAEMON_LIBS -laudit"
+ AC_DEFINE(HAVE_LIBAUDIT,1,[linux audit support])
+fi
+
# Check for Solaris auditing API
# Note, Solaris auditing not supported for Solaris 9 or earlier and
# should not be used on these versions of Solaris if auditing is
--- gdm-2.17.6/daemon/verify-pam.c.audit-login 2007-02-07 22:05:17.000000000 -0500
+++ gdm-2.17.6/daemon/verify-pam.c 2007-02-07 22:30:55.000000000 -0500
@@ -47,6 +47,14 @@
#include <bsm/adt_event.h>
#endif /* HAVE_ADT */
+#define AU_FAILED 0
+#define AU_SUCCESS 1
+#ifdef HAVE_LIBAUDIT
+#include <libaudit.h>
+#else
+#define log_to_audit_system(l,h,d,s) do { ; } while (0)
+#endif
+
/* Evil, but this way these things are passed to the child session */
static pam_handle_t *pamh = NULL;
@@ -784,6 +792,53 @@
return TRUE;
}
+/**
+ * log_to_audit_system:
+ * @login: Name of user
+ * @hostname: Name of host machine
+ * @tty: Name of display
+ * @success: 1 for success, 0 for failure
+ *
+ * Logs the success or failure of the login attempt with the linux kernel
+ * audit system. The intent is to capture failed events where the user
+ * fails authentication or otherwise is not permitted to login. There are
+ * many other places where pam could potentially fail and cause login to
+ * fail, but these are system failures rather than the signs of an account
+ * being hacked.
+ *
+ * Returns nothing.
+ */
+
+#ifdef HAVE_LIBAUDIT
+static void
+log_to_audit_system(const char *login,
+ const char *hostname,
+ const char *tty,
+ gboolean success)
+{
+ struct passwd *pw;
+ char buf[64];
+ int audit_fd;
+
+ audit_fd = audit_open();
+ if (login)
+ pw = getpwnam(login);
+ else {
+ login = "unknown";
+ pw = NULL;
+ }
+ if (pw) {
+ snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty, (int)success);
+ } else {
+ snprintf(buf, sizeof(buf), "acct=%s", login);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty, (int)success);
+ }
+ close(audit_fd);
+}
+#endif
/**
* gdm_verify_user:
@@ -903,6 +958,9 @@
/* Start authentication session */
did_we_ask_for_password = FALSE;
if ((pamerr = pam_authenticate (pamh, null_tok)) != PAM_SUCCESS) {
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
+
if ( ! ve_string_empty (selected_user)) {
pam_handle_t *tmp_pamh;
@@ -1024,6 +1082,8 @@
( ! gdm_get_value_bool (GDM_KEY_ALLOW_REMOTE_ROOT) && ! local) ) &&
pwent != NULL &&
pwent->pw_uid == 0) {
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("Root login disallowed on display '%s'"),
display);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
@@ -1057,6 +1117,8 @@
break;
case PAM_NEW_AUTHTOK_REQD :
if ((pamerr = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK)) != PAM_SUCCESS) {
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("Authentication token change failed for user %s"), login);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
_("\nThe change of the authentication token failed. "
@@ -1074,18 +1136,24 @@
#endif /* HAVE_ADT */
break;
case PAM_ACCT_EXPIRED :
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("User %s no longer permitted to access the system"), login);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
_("\nThe system administrator has disabled your account."));
error_msg_given = TRUE;
goto pamerr;
case PAM_PERM_DENIED :
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("User %s not permitted to gain access at this time"), login);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
_("\nThe system administrator has disabled access to the system temporarily."));
error_msg_given = TRUE;
goto pamerr;
default :
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
if (gdm_slave_action_pending ())
gdm_error (_("Couldn't set acct. mgmt for %s"), login);
goto pamerr;
@@ -1137,6 +1205,8 @@
gdm_error (_("Couldn't open session for %s"), login);
goto pamerr;
}
+ /* Login succeeded */
+ log_to_audit_system(login, d->hostname, display, AU_SUCCESS);
/* Workaround to avoid gdm messages being logged as PAM_pwdb */
closelog ();

92
gdm-2.18.0-add-lowres-fix.patch
View File

@ -1,92 +0,0 @@
--- gdm-2.18.0/gui/greeter/greeter_item.c.add-lowres-fix 2007-03-11 17:46:10.000000000 -0400
+++ gdm-2.18.0/gui/greeter/greeter_item.c 2007-03-20 12:13:24.000000000 -0400
@@ -26,6 +26,7 @@
#include <unistd.h>
#include "gdm.h"
+#include "gdmwm.h"
#include "gdmconfig.h"
#include "gdmcommon.h"
#include "misc.h"
@@ -181,6 +182,10 @@
! (info->show_modes & GREETER_ITEM_SHOW_REMOTE))
return FALSE;
+ if ((gdm_wm_screen.width < info->minimum_required_screen_width) ||
+ (gdm_wm_screen.height < info->minimum_required_screen_height))
+ return FALSE;
+
sysmenu = gdm_config_get_bool (GDM_KEY_SYSTEM_MENU);
if (( ! gdm_config_get_bool (GDM_KEY_CONFIG_AVAILABLE) ||
--- gdm-2.18.0/gui/greeter/greeter_parser.c.add-lowres-fix 2007-03-20 12:13:24.000000000 -0400
+++ gdm-2.18.0/gui/greeter/greeter_parser.c 2007-03-20 12:45:26.000000000 -0400
@@ -27,6 +27,7 @@
#include <gdk/gdkx.h>
#include <locale.h>
#include <glib/gi18n.h>
+#include <syslog.h>
#include "gdmwm.h"
#include "gdmcommon.h"
@@ -597,7 +598,23 @@
}
xmlFree (prop);
}
-
+
+ prop = xmlGetProp (node,(const xmlChar *) "min-screen-width");
+ if (prop != NULL)
+ {
+ syslog (LOG_ERR, "minimum width is %d", info->minimum_required_screen_height);
+ info->minimum_required_screen_width = atoi ((char *) prop);
+ xmlFree (prop);
+ }
+
+ prop = xmlGetProp (node,(const xmlChar *) "min-screen-height");
+ if (prop != NULL)
+ {
+ info->minimum_required_screen_height = atoi ((char *) prop);
+ syslog (LOG_ERR, "minimum height is %d", info->minimum_required_screen_height);
+ xmlFree (prop);
+ }
+
prop = xmlGetProp (node,(const xmlChar *) "modes");
if (prop != NULL)
{
--- gdm-2.18.0/gui/greeter/greeter_item.h.add-lowres-fix 2007-03-20 12:13:24.000000000 -0400
+++ gdm-2.18.0/gui/greeter/greeter_item.h 2007-03-20 12:13:24.000000000 -0400
@@ -89,6 +89,10 @@
float y;
float width;
float height;
+
+ int minimum_required_screen_width;
+ int minimum_required_screen_height;
+
GreeterItemPosType x_type:2;
GreeterItemPosType y_type:2;
GreeterItemSizeType width_type:4;
--- gdm-2.18.0/docs/C/gdm.xml.add-lowres-fix 2007-03-20 12:53:33.000000000 -0400
+++ gdm-2.18.0/docs/C/gdm.xml 2007-03-20 12:56:20.000000000 -0400
@@ -6544,6 +6544,20 @@
</para>
<para>
+ Alternatively, you can specify a &quot;min-screen-width&quot; or
+ &quot;min-screen-height&quot; value to indicate that certain
+ items should only be displayed if the screen resolution is the
+ at least the given required size.
+ </para>
+
+ <para>
+ For example:
+<screen>
+&lt;show min-screen-height=&quot;768&quot;/&gt;
+</screen>
+ </para>
+
+ <para>
Note that if SystemMenu is off then the halt, restart, suspend,
chooser and config choices will not be shown, so this is a global
toggle for them all. See some of the standard themes for how the

69
gdm-2.18.0-dont-expect-utf8.patch
View File

@ -1,69 +0,0 @@
--- gdm-2.18.0/gui/gdmlogin.c.dont-expect-utf8 2007-04-05 12:02:47.000000000 -0400
+++ gdm-2.18.0/gui/gdmlogin.c 2007-04-05 12:03:24.000000000 -0400
@@ -2042,8 +2042,8 @@
char *label;
char *login, *gecos;
- login = g_markup_escape_text (usr->login, -1);
- gecos = g_markup_escape_text (usr->gecos, -1);
+ login = gdm_common_text_to_escaped_utf8 (usr->login);
+ gecos = gdm_common_text_to_escaped_utf8 (usr->gecos);
label = g_strdup_printf ("<b>%s</b>\n%s",
login,
--- gdm-2.18.0/gui/gdmcommon.c.dont-expect-utf8 2007-04-05 11:59:23.000000000 -0400
+++ gdm-2.18.0/gui/gdmcommon.c 2007-04-05 12:02:29.000000000 -0400
@@ -379,6 +379,29 @@
return pixbuf;
}
+gchar *
+gdm_common_text_to_escaped_utf8 (const char *text)
+{
+ gchar *utf8_string, *escaped_string, *p;
+ const gchar *q;
+
+ utf8_string = g_strdup (text);
+ p = utf8_string;
+ while ((*p != '\0') &&
+ !g_utf8_validate (p, -1, &q)) {
+ p = (gchar *) q;
+ *p = '?';
+ p++;
+ }
+
+ g_assert (g_utf8_validate (utf8_string, -1, NULL));
+
+ escaped_string = g_markup_escape_text (utf8_string, -1);
+ g_free (utf8_string);
+
+ return escaped_string;
+}
+
gchar *
gdm_common_get_config_file (void)
{
--- gdm-2.18.0/gui/gdmcommon.h.dont-expect-utf8 2007-04-05 11:59:37.000000000 -0400
+++ gdm-2.18.0/gui/gdmcommon.h 2007-04-05 12:00:40.000000000 -0400
@@ -58,6 +58,7 @@
guint max_width,
guint max_height);
+gchar* gdm_common_text_to_escaped_utf8 (const char *text);
gchar* gdm_common_get_config_file (void);
gchar* gdm_common_get_custom_config_file (void);
gboolean gdm_common_select_time_format (void);
--- gdm-2.18.0/gui/greeter/greeter_item_ulist.c.dont-expect-utf8 2007-04-05 11:59:05.000000000 -0400
+++ gdm-2.18.0/gui/greeter/greeter_item_ulist.c 2007-04-05 12:02:09.000000000 -0400
@@ -181,9 +181,9 @@
gboolean active;
if (usr->gecos && strcmp (usr->gecos, "") != 0) {
- name = g_markup_escape_text (usr->gecos, -1);
+ name = gdm_common_text_to_escaped_utf8 (usr->gecos);
} else {
- name = g_markup_escape_text (usr->login, -1);
+ name = gdm_common_text_to_escaped_utf8 (usr->login);
}
if (g_hash_table_lookup (displays_hash, usr->login))

13
gdm-2.18.0-dont-strcpy-overlapping-strings.patch
View File

@ -1,13 +0,0 @@
--- gdm-2.18.0/gui/gdmlanguages.c.dont-strcpy-overlapping-strings 2007-03-29 15:03:42.000000000 -0400
+++ gdm-2.18.0/gui/gdmlanguages.c 2007-03-29 15:05:07.000000000 -0400
@@ -445,7 +445,9 @@
if (no_group) {
char *p = strchr (name, '|');
if (p != NULL) {
- strcpy (name, p+1);
+ p = g_strdup (p + 1);
+ g_free (name);
+ name = p;
}
}

115
gdm-2.17.8-a11y-fixes-for-themed-greeter.patch → gdm-2.19.1-a11y-fixes-for-themed-greeter.patch
View File

@ -1,9 +1,7 @@
Index: gui/greeter/greeter_item_ulist.c
===================================================================
--- gui/greeter/greeter_item_ulist.c (revision 4626)
+++ gui/greeter/greeter_item_ulist.c (working copy)
@@ -217,18 +217,41 @@
void
--- gdm-2.19.1/gui/greeter/greeter_item_ulist.c.a11y-fixes 2007-05-21 13:32:04.000000000 -0400
+++ gdm-2.19.1/gui/greeter/greeter_item_ulist.c 2007-05-21 13:32:04.000000000 -0400
@@ -236,17 +236,40 @@ greeter_populate_user_list (GtkTreeModel
void
greeter_item_ulist_select_user (gchar *login)
{
- printf ("%c%c%c%s\n", STX, BEL,
@ -27,7 +25,7 @@ Index: gui/greeter/greeter_item_ulist.c
+ gboolean is_button_press;
+ guint64 button_msec;
+ guint64 key_msec;
+
+ /* HACK: determine whether selection changed because of key or
+ * button press
+ *
@ -42,11 +40,10 @@ Index: gui/greeter/greeter_item_ulist.c
+ if (button_msec > key_msec) {
+ is_button_press = TRUE;
+ }
+
if (gtk_tree_selection_get_selected (selection, &tm, &iter)) {
char *login;
@@ -236,14 +259,19 @@
@@ -255,14 +278,19 @@ user_selected (GtkTreeSelection *selecti
&login, -1);
if (login != NULL) {
if (selecting_user && greeter_probably_login_prompt) {
@ -68,22 +65,22 @@ Index: gui/greeter/greeter_item_ulist.c
if (selected_user != NULL)
g_free (selected_user);
selected_user = g_strdup (login);
@@ -253,11 +281,28 @@
@@ -272,9 +300,26 @@ user_selected (GtkTreeSelection *selecti
}
static void
-browser_change_focus (GtkWidget *widget, GdkEventButton *event, gpointer data)
+row_activated (GtkTreeView *tree_view, GtkTreePath *path, GtkTreeViewColumn *column, gpointer data)
{
- gtk_widget_grab_focus (pam_entry);
+{
+ if (selecting_user && greeter_probably_login_prompt) {
+ greeter_item_ulist_select_user (selected_user);
+ }
}
+}
+
+static gboolean
+tv_key_press (GtkWidget *entry, GdkEventKey *event, gpointer data)
+{
{
- gtk_widget_grab_focus (pam_entry);
+ g_get_current_time (&last_key_press);
+ return FALSE;
+}
@ -94,13 +91,11 @@ Index: gui/greeter/greeter_item_ulist.c
+{
+ g_get_current_time (&last_button_press);
+ return FALSE;
+}
+
}
static void
greeter_generate_userlist (GtkWidget *tv)
{
@@ -267,6 +312,12 @@
GreeterItemInfo *info;
@@ -285,6 +330,12 @@ greeter_generate_userlist (GtkWidget *tv
GtkTreeSelection *selection;
GList *list, *li;
+ AtkObject *atk_widget;
@ -112,7 +107,7 @@ Index: gui/greeter/greeter_item_ulist.c
gdm_greeter_users_init ();
check_for_displays ();
@@ -279,11 +330,14 @@
@@ -297,10 +348,13 @@ greeter_generate_userlist (GtkWidget *tv
g_signal_connect (selection, "changed",
G_CALLBACK (user_selected),
NULL);
@ -129,77 +124,3 @@ Index: gui/greeter/greeter_item_ulist.c
tm = (GtkTreeModel *)gtk_list_store_new (4,
GDK_TYPE_PIXBUF,
Index: gui/greeter/greeter_item_pam.c
===================================================================
--- gui/greeter/greeter_item_pam.c (revision 4626)
+++ gui/greeter/greeter_item_pam.c (working copy)
@@ -184,14 +184,6 @@
const char *login_string;
GtkWidget *entry = GNOME_CANVAS_WIDGET (entry_info->item)->widget;
- if ((event->keyval == GDK_Tab ||
- event->keyval == GDK_KP_Tab) &&
- (event->state & (GDK_CONTROL_MASK|GDK_MOD1_MASK|GDK_SHIFT_MASK)) == 0)
- {
- greeter_item_pam_login (GTK_ENTRY (entry), entry_info);
- return TRUE;
- }
-
if (gtk_ok_button != NULL)
{
/*
@@ -208,6 +200,19 @@
return FALSE;
}
+/* We *never* want to lose focus when we are in the process of
+ * authenticating the user */
+static gboolean
+pam_focus_out_event (GtkWidget *widget,
+ GdkEventFocus *event,
+ gpointer user_data)
+{
+ if (!greeter_probably_login_prompt) {
+ gtk_widget_grab_focus (widget);
+ }
+ return FALSE;
+}
+
gboolean
greeter_item_pam_setup (void)
{
@@ -238,7 +243,9 @@
g_signal_connect (entry, "activate",
G_CALLBACK (greeter_item_pam_login), entry_info);
g_signal_connect (G_OBJECT (entry), "key_release_event",
- G_CALLBACK (pam_key_release_event), NULL);
+ G_CALLBACK (pam_key_release_event), NULL);
+ g_signal_connect (G_OBJECT (entry), "focus-out-event",
+ G_CALLBACK (pam_focus_out_event), NULL);
}
return TRUE;
@@ -260,6 +267,21 @@
if (conversation_info)
{
set_text (conversation_info, message);
+
+ if (entry_info != NULL) {
+ GnomeCanvasWidget *item = GNOME_CANVAS_WIDGET (entry_info->item);
+ if (item != NULL) {
+ GtkWidget *widget = item->widget;
+ if (widget != NULL) {
+ AtkObject *atk_widget;
+ atk_widget = gtk_widget_get_accessible (widget);
+ if (atk_widget != NULL) {
+ atk_object_set_name (atk_widget, message);
+ }
+ }
+ }
+ }
+
}
if (entry_info && entry_info->item &&

171
gdm-2.19.1-audit-login.patch Normal file
View File

@ -0,0 +1,171 @@
--- gdm-2.19.1/daemon/verify-pam.c.audit-login 2007-05-13 22:08:24.000000000 -0400
+++ gdm-2.19.1/daemon/verify-pam.c 2007-05-21 11:59:00.000000000 -0400
@@ -55,6 +55,14 @@
#include <bsm/adt_event.h>
#endif /* HAVE_ADT */
+#define AU_FAILED 0
+#define AU_SUCCESS 1
+#ifdef HAVE_LIBAUDIT
+#include <libaudit.h>
+#else
+#define log_to_audit_system(l,h,d,s) do { ; } while (0)
+#endif
+
/* Evil, but this way these things are passed to the child session */
static pam_handle_t *pamh = NULL;
@@ -789,6 +797,54 @@ create_pamh (GdmDisplay *d,
}
/**
+ * log_to_audit_system:
+ * @login: Name of user
+ * @hostname: Name of host machine
+ * @tty: Name of display
+ * @success: 1 for success, 0 for failure
+ *
+ * Logs the success or failure of the login attempt with the linux kernel
+ * audit system. The intent is to capture failed events where the user
+ * fails authentication or otherwise is not permitted to login. There are
+ * many other places where pam could potentially fail and cause login to
+ * fail, but these are system failures rather than the signs of an account
+ * being hacked.
+ *
+ * Returns nothing.
+ */
+
+#ifdef HAVE_LIBAUDIT
+static void
+log_to_audit_system(const char *login,
+ const char *hostname,
+ const char *tty,
+ gboolean success)
+{
+ struct passwd *pw;
+ char buf[64];
+ int audit_fd;
+
+ audit_fd = audit_open();
+ if (login)
+ pw = getpwnam(login);
+ else {
+ login = "unknown";
+ pw = NULL;
+ }
+ if (pw) {
+ snprintf(buf, sizeof(buf), "uid=%d", pw->pw_uid);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty, (int)success);
+ } else {
+ snprintf(buf, sizeof(buf), "acct=%s", login);
+ audit_log_user_message(audit_fd, AUDIT_USER_LOGIN,
+ buf, hostname, NULL, tty, (int)success);
+ }
+ close(audit_fd);
+}
+#endif
+
+/**
* gdm_verify_user:
* @username: Name of user or NULL if we should ask
* @display: Name of display to register with the authentication system
@@ -910,6 +966,8 @@ gdm_verify_user (GdmDisplay *d,
/* Start authentication session */
did_we_ask_for_password = FALSE;
if ((pamerr = pam_authenticate (pamh, null_tok)) != PAM_SUCCESS) {
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
if ( ! ve_string_empty (selected_user)) {
pam_handle_t *tmp_pamh;
@@ -1030,6 +1088,8 @@ gdm_verify_user (GdmDisplay *d,
( ! gdm_daemon_config_get_value_bool (GDM_KEY_ALLOW_REMOTE_ROOT) && ! local) ) &&
pwent != NULL &&
pwent->pw_uid == 0) {
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("Root login disallowed on display '%s'"),
display);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
@@ -1063,6 +1123,8 @@ gdm_verify_user (GdmDisplay *d,
break;
case PAM_NEW_AUTHTOK_REQD :
if ((pamerr = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK)) != PAM_SUCCESS) {
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("Authentication token change failed for user %s"), login);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
_("\nThe change of the authentication token failed. "
@@ -1080,18 +1142,24 @@ gdm_verify_user (GdmDisplay *d,
#endif /* HAVE_ADT */
break;
case PAM_ACCT_EXPIRED :
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("User %s no longer permitted to access the system"), login);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
_("\nThe system administrator has disabled your account."));
error_msg_given = TRUE;
goto pamerr;
case PAM_PERM_DENIED :
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
gdm_error (_("User %s not permitted to gain access at this time"), login);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
_("\nThe system administrator has disabled access to the system temporarily."));
error_msg_given = TRUE;
goto pamerr;
default :
+ /* Log the failed login attempt */
+ log_to_audit_system(login, d->hostname, display, AU_FAILED);
if (gdm_slave_action_pending ())
gdm_error (_("Couldn't set acct. mgmt for %s"), login);
goto pamerr;
@@ -1143,6 +1211,8 @@ gdm_verify_user (GdmDisplay *d,
gdm_error (_("Couldn't open session for %s"), login);
goto pamerr;
}
+ /* Login succeeded */
+ log_to_audit_system(login, d->hostname, display, AU_SUCCESS);
/* Workaround to avoid gdm messages being logged as PAM_pwdb */
gdm_log_shutdown ();
--- gdm-2.19.1/configure.ac.audit-login 2007-05-13 22:08:48.000000000 -0400
+++ gdm-2.19.1/configure.ac 2007-05-21 11:37:59.000000000 -0400
@@ -837,6 +837,10 @@ else
fi
AC_SUBST(logdir, $GDM_LOG_DIR)
+AC_ARG_WITH(libaudit,
+ [ --with-libaudit=[auto/yes/no] Add Linux audit support [default=auto]],,
+ with_libaudit=auto)
+
withval=""
AC_ARG_WITH(at-bindir,
[ --with-at-bindir=<PATH> PATH to Accessible Technology programs [default=BINDIR]],)
@@ -948,6 +952,24 @@ else
AC_MSG_RESULT(no)
fi
+# Check for Linux auditing API
+#
+# libaudit detection
+if test x$with_libaudit = xno ; then
+ have_libaudit=no;
+else
+ # See if we have audit daemon library
+ AC_CHECK_LIB(audit, audit_log_user_message,
+ have_libaudit=yes, have_libaudit=no)
+fi
+
+AM_CONDITIONAL(HAVE_LIBAUDIT, test x$have_libaudit = xyes)
+
+if test x$have_libaudit = xyes ; then
+ EXTRA_DAEMON_LIBS="$EXTRA_DAEMON_LIBS -laudit"
+ AC_DEFINE(HAVE_LIBAUDIT,1,[linux audit support])
+fi
+
# Check for Solaris auditing API
# Note, Solaris auditing not supported for Solaris 9 or earlier and
# should not be used on these versions of Solaris if auditing is

58
gdm-2.18.0-change-defaults.patch → gdm-2.19.1-change-defaults.patch
View File

@ -1,6 +1,6 @@
--- gdm-2.18.0/config/gdm.conf.in.orig 2007-03-11 17:46:16.000000000 -0400
+++ gdm-2.18.0/config/gdm.conf.in 2007-03-13 18:25:12.000000000 -0400
@@ -66,9 +66,9 @@
--- gdm-2.19.1/config/gdm.conf.in.change-defaults 2007-05-13 22:08:25.000000000 -0400
+++ gdm-2.19.1/config/gdm.conf.in 2007-05-21 11:16:43.000000000 -0400
@@ -66,9 +66,9 @@ TimedLoginDelay=30
# should leave this alone.
#Chooser=@libexecdir@/gdmchooser
@ -13,7 +13,7 @@
# The greeter for xdmcp logins, usually you want a less graphically intensive
# greeter here so it's better to leave this with gdmlogin
@@ -78,23 +78,21 @@
@@ -78,23 +78,23 @@ TimedLoginDelay=30
# This is useful for enabling additional feature support e.g. GNOME
# accessibility framework. Only "trusted" modules should be allowed to minimize
# security holes
@ -34,26 +34,28 @@
-#RootPath=/sbin:/usr/sbin:@GDM_USER_PATH@
+RootPath=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin
-# If you are having trouble with using a single server for a long time and want
-# GDM to kill/restart the server, turn this on. On Solaris, this value is
-# always true and this configuration setting is ignored.
-#AlwaysRestartServer=false
+# Whether to restart X server after the user logs out or not.
# If you are having trouble with using a single server for a long time and want
# GDM to kill/restart the server, turn this on. On Solaris, this value is
# always true and this configuration setting is ignored.
-#AlwaysRestartServer=@ALWAYS_RESTART_SERVER@
+AlwaysRestartServer=true
# User and group used for running GDM GUI applicaitons. By default this is set
# User and group used for running GDM GUI applications. By default this is set
# to user "gdm" and group "gdm". This user/group should have very limited
@@ -125,22 +123,21 @@
XKeepsCrashing=@gdmconfdir@/XKeepsCrashing
@@ -126,9 +126,9 @@ XKeepsCrashing=@gdmconfdir@/XKeepsCrashi
#
# Reboot, Halt and suspend commands, you can add different commands separated
# by a semicolon. GDM will use the first one it can find.
-#RebootCommand=@REBOOT_COMMAND@
-#HaltCommand=@HALT_COMMAND@
-#SuspendCommand=@SUSPEND_COMMAND@
-RebootCommand=@REBOOT_COMMAND@
-HaltCommand=@HALT_COMMAND@
-SuspendCommand=@SUSPEND_COMMAND@
+#
+RebootCommand=/sbin/reboot;/sbin/shutdown -r now;/usr/sbin/shutdown -r now;/usr/bin/reboot
+HaltCommand=/sbin/poweroff;/sbin/shutdown -h now;/usr/sbin/shutdown -h now;/usr/bin/poweroff
# Probably should not touch the below this is the standard setup.
ServAuthDir=@authdir@
# The following options specify how GDM system commands are supported.
#
@@ -158,14 +158,14 @@ ServAuthDir=@authdir@
# This is our standard startup script. A bit different from a normal X
# session, but it shares a lot of stuff with that. See the provided default
# for more information.
@ -70,7 +72,7 @@
# Better leave this blank and HOME will be used. You can use syntax ~/ below
# to indicate home directory of the user. You can also set this to something
# like /tmp if you don't want the authorizations to be in home directories.
@@ -148,11 +145,11 @@
@@ -173,11 +173,11 @@ BaseXsession=@gdmconfdir@/Xsession
# is the home directory the UserAuthFBDir will still be used in case the home
# directory is NFS, see security/NeverPlaceCookiesOnNFS to override this
# behavior.
@ -84,7 +86,7 @@
# The X server to use if we can't figure out what else to run.
StandardXServer=@X_SERVER@
# The maximum number of flexible X servers to run.
@@ -173,7 +170,7 @@
@@ -209,7 +209,7 @@ XnestUnscaledFontPath=@X_XNEST_UNSCALED_
#DoubleLoginWarning=true
# Should a second login always resume the current session and switch VT's on
# Linux and FreeBSD systems for console logins
@ -93,7 +95,7 @@
# If true then the last login information is printed to the user before being
# prompted for password. While this gives away some info on what users are on
@@ -297,7 +294,7 @@
@@ -333,7 +333,7 @@ Enable=false
#GtkRC=@datadir@/themes/Default/gtk-2.0/gtkrc
# The GTK+ theme to use for the GUI.
@ -102,7 +104,7 @@
# If to allow changing the GTK+ (widget) theme from the greeter. Currently
# this only affects the standard greeter as the graphical greeter does not yet
# have this ability.
@@ -318,7 +315,7 @@
@@ -354,7 +354,7 @@ Enable=false
# themed login (gdmgreeter).
#
# The standard login has a title bar that the user can move.
@ -111,7 +113,7 @@
# Don't allow user to move the standard login window. Only makes sense if
# TitleBar is on.
#LockPosition=false
@@ -342,7 +339,7 @@
@@ -378,7 +378,7 @@ Browser=false
# User ID's less than the MinimalUID value will not be included in the face
# browser or in the gdmselection list for Automatic/Timed login. They will not
# be displayed regardless of the settings for Include and Exclude.
@ -120,7 +122,7 @@
# Users listed in Include will be included in the face browser and in the
# gdmsetup selection list for Automatic/Timed login. Users should be separated
# by commas.
@@ -359,7 +356,7 @@
@@ -395,7 +395,7 @@ Browser=false
# large numbers of users and this feature should not be used in such
# environments. The setting of IncludeAll does nothing if Include is set to a
# non-empty value.
@ -129,7 +131,7 @@
# If user or user.png exists in this dir it will be used as his picture.
#GlobalFaceDir=@datadir@/pixmaps/faces/
@@ -368,7 +365,7 @@
@@ -404,7 +404,7 @@ Browser=false
# file, although GDM will be able to read a standard locale.alias file as well.
#LocaleFile=@gdmlocaledir@/locale.alias
# Logo shown in the standard greeter.
@ -138,7 +140,7 @@
# Logo shown on file chooser button in gdmsetup (do not modify this value).
#ChooserButtonLogo=@pixmapdir@/gdm-foot-logo.png
# The standard greeter should shake if a user entered the wrong username or
@@ -415,8 +412,9 @@
@@ -451,8 +451,9 @@ DefaultRemoteWelcome=true
# The Standard greeter (gdmlogin) uses BackgroundColor as the background
# color, while the themed greeter (gdmgreeter) uses GraphicalThemedColor
# as the background color.
@ -150,7 +152,7 @@
# XDMCP session should only get a color, this is the sanest setting since you
# don't want to take up too much bandwidth
#BackgroundRemoteOnlyColor=true
@@ -437,8 +435,8 @@
@@ -473,8 +474,8 @@ GraphicalThemedColor=#76848F
# Show the Failsafe sessions. These are much MUCH nicer (focus for xterm for
# example) and more failsafe then those supplied by scripts so distros should
# use this rather then just running an xterm from a script.
@ -161,7 +163,7 @@
# Normally there is a session type called 'Last' that is shown which refers to
# the last session the user used. If off, we will be in 'switchdesk' mode
# where the session saving stuff is disabled in GDM
@@ -457,7 +455,7 @@
@@ -493,7 +494,7 @@ GraphicalThemedColor=#76848F
# list then provide a list that is delimited by /: to the GraphicalThemes
# key and set GraphicalThemeRand to true. Otherwise use GraphicalTheme
# and specify just one theme.
@ -170,7 +172,7 @@
#GraphicalThemes=circles/:happygnome
GraphicalThemeDir=@datadir@/gdm/themes/
GraphicalThemeRand=false
@@ -561,7 +559,7 @@
@@ -597,7 +598,7 @@ Gestures=false
# Definition of the standard X server.
[server-Standard]
name=Standard server

14
gdm-2.19.1-clean-up-xsession-errors.patch Normal file
View File

@ -0,0 +1,14 @@
--- gdm-2.19.1/daemon/slave.c.clean-up-xsession-errors 2007-05-13 22:08:25.000000000 -0400
+++ gdm-2.19.1/daemon/slave.c 2007-05-21 11:27:27.000000000 -0400
@@ -4523,6 +4523,11 @@ gdm_slave_session_stop (gboolean run_pos
finish_session_output (run_post_session /* do_read */);
+ /* If successfully exited then clear the log file
+ */
+ if (d->xsession_errors_filename != NULL)
+ VE_IGNORE_EINTR (unlink (d->xsession_errors_filename)
+
if (local_login == NULL)
pwent = NULL;
else

61
gdm-2.17.8-hide-uninstalled-languages.patch → gdm-2.19.1-hide-uninstalled-languages.patch
View File

@ -1,38 +1,6 @@
--- gdm-2.17.8/gui/gdmcommon.h.hide-uninstalled-languages 2007-03-09 12:30:58.000000000 -0500
+++ gdm-2.17.8/gui/gdmcommon.h 2007-03-09 12:31:59.000000000 -0500
@@ -67,5 +67,5 @@
void gdm_common_atspi_launch (void);
gchar* gdm_common_expand_text (const gchar *text);
gchar* gdm_common_get_clock (struct tm **the_tm);
-
+gboolean gdm_common_locale_is_displayable (const gchar *locale);
#endif /* GDM_COMMON_H */
--- gdm-2.17.8/gui/gdmlogin.c.hide-uninstalled-languages 2007-03-09 12:22:36.000000000 -0500
+++ gdm-2.17.8/gui/gdmlogin.c 2007-03-09 12:22:39.000000000 -0500
@@ -1192,6 +1192,11 @@
li->data = NULL;
+ if (!gdm_common_locale_is_displayable (lang)) {
+ g_free (lang);
+ continue;
+ }
+
group = name = gdm_lang_name (lang,
FALSE /* never_encoding */,
FALSE /* no_group */,
@@ -1202,6 +1207,8 @@
continue;
}
+
+
untranslated = gdm_lang_untranslated_name (lang,
TRUE /* markup */);
--- gdm-2.17.8/gui/gdmcommon.c.hide-uninstalled-languages 2007-02-26 03:59:31.000000000 -0500
+++ gdm-2.17.8/gui/gdmcommon.c 2007-03-09 12:21:29.000000000 -0500
@@ -33,6 +33,8 @@
--- gdm-2.19.1/gui/gdmcommon.c.hide-uninstalled-languages 2007-05-13 22:08:15.000000000 -0400
+++ gdm-2.19.1/gui/gdmcommon.c 2007-05-21 13:24:20.000000000 -0400
@@ -32,6 +32,8 @@
#include <sys/types.h>
#include <signal.h>
@ -41,8 +9,8 @@
#include <glib/gi18n.h>
#include <gdk/gdkx.h>
#include <gtk/gtk.h>
@@ -843,3 +845,95 @@
return g_string_free (str, FALSE);
@@ -928,3 +930,95 @@ gdm_common_expand_text (const gchar *tex
return g_string_free (str, FALSE);
}
+typedef enum
@ -137,17 +105,26 @@
+ g_free (language_code);
+ return is_displayable;
+}
--- gdm-2.17.8/gui/greeter/greeter_action_language.c.hide-uninstalled-languages 2007-02-26 03:59:30.000000000 -0500
+++ gdm-2.17.8/gui/greeter/greeter_action_language.c 2007-03-09 12:37:17.000000000 -0500
@@ -86,6 +86,11 @@
--- gdm-2.19.1/gui/gdmlanguages.c.hide-uninstalled-languages 2007-05-21 13:29:38.000000000 -0400
+++ gdm-2.19.1/gui/gdmlanguages.c 2007-05-21 13:30:28.000000000 -0400
@@ -705,6 +705,11 @@ gdm_lang_initialize_model (gchar * local
li->data = NULL;
+ if (!gdm_common_locale_is_displayable (lang)) {
+ g_free (lang);
+ continue;
+ g_free (lang);
+ continue;
+ }
+
name = gdm_lang_name (lang,
FALSE /* never_encoding */,
TRUE /* no_group */,
--- gdm-2.19.1/gui/gdmcommon.h.hide-uninstalled-languages 2007-05-13 22:08:15.000000000 -0400
+++ gdm-2.19.1/gui/gdmcommon.h 2007-05-21 13:24:20.000000000 -0400
@@ -70,5 +70,5 @@ void gdm_common_pre_fetch_launch
void gdm_common_atspi_launch (void);
gchar* gdm_common_expand_text (const gchar *text);
gchar* gdm_common_get_clock (struct tm **the_tm);
-
+gboolean gdm_common_locale_is_displayable (const gchar *locale);
#endif /* GDM_COMMON_H */

182
gdm-2.17.7-move-default-message.patch → gdm-2.19.1-move-default-message.patch
View File

@ -1,56 +1,6 @@
--- gdm-2.17.7/gui/gdmlogin.c.move-default-message 2007-02-12 00:40:13.000000000 -0500
+++ gdm-2.17.7/gui/gdmlogin.c 2007-02-23 22:53:47.000000000 -0500
@@ -160,6 +160,7 @@
extern const gchar *current_session;
extern gboolean session_dir_whacked_out;
extern gint gdm_timed_delay;
+static gboolean using_fallback_message = FALSE;
static gboolean first_prompt = TRUE;
@@ -1558,9 +1559,20 @@
gdm_config_get_string (GDM_KEY_SOUND_ON_LOGIN_FILE),
gdm_config_get_bool (GDM_KEY_SOUND_ON_LOGIN));
gtk_label_set_text_with_mnemonic (GTK_LABEL (label), _("_Username:"));
+ if (ve_string_empty (gtk_label_get_text (GTK_LABEL (msg)))) {
+ gtk_label_set_text (GTK_LABEL (msg),
+ _("Please enter your username"));
+ using_fallback_message = TRUE;
+ }
+
} else {
if (tmp != NULL)
gtk_label_set_text (GTK_LABEL (label), tmp);
+ if (using_fallback_message) {
+ gtk_label_set_text (GTK_LABEL (msg), "");
+ using_fallback_message = FALSE;
+ }
+
}
g_free (tmp);
@@ -1648,6 +1660,7 @@
g_free (tmp);
}
replace_msg = FALSE;
+ using_fallback_message = FALSE;
gtk_widget_show (GTK_WIDGET (msg));
printf ("%c\n", STX);
@@ -1828,9 +1841,7 @@
if (browser_ok && gdm_config_get_bool (GDM_KEY_BROWSER))
gtk_widget_set_sensitive (GTK_WIDGET (browser), TRUE);
- tmp = ve_locale_to_utf8 (args);
- gtk_label_set_text (GTK_LABEL (msg), tmp);
- g_free (tmp);
+ gtk_label_set_text (GTK_LABEL (msg), "");
gtk_widget_show (GTK_WIDGET (msg));
printf ("%c\n", STX);
--- gdm-2.17.7/gui/greeter/greeter_item_pam.c.move-default-message 2007-02-12 00:40:12.000000000 -0500
+++ gdm-2.17.7/gui/greeter/greeter_item_pam.c 2007-02-23 22:50:22.000000000 -0500
@@ -46,6 +46,7 @@
--- gdm-2.19.1/gui/greeter/greeter_item_pam.c.move-default-message 2007-05-13 22:08:14.000000000 -0400
+++ gdm-2.19.1/gui/greeter/greeter_item_pam.c 2007-05-21 12:05:21.000000000 -0400
@@ -47,6 +47,7 @@ gchar *greeter_current_user = NULL;
gboolean require_quarter = FALSE;
extern gboolean greeter_probably_login_prompt;
@ -58,7 +8,7 @@
extern GtkButton *gtk_ok_button;
extern GtkButton *gtk_start_again_button;
@@ -250,13 +251,35 @@
@@ -249,13 +250,35 @@ greeter_item_pam_prompt (const char *mes
int entry_len,
gboolean entry_visible)
{
@ -94,7 +44,7 @@
if (conversation_info)
{
set_text (conversation_info, message);
@@ -296,6 +319,7 @@
@@ -320,6 +343,7 @@ greeter_item_pam_message (const char *me
* we try to collect them until the next prompt or reset or
* whatnot */
if ( ! replace_msg &&
@ -102,7 +52,7 @@
/* empty message is for clearing */
! ve_string_empty (message))
{
@@ -315,6 +339,7 @@
@@ -339,6 +363,7 @@ greeter_item_pam_message (const char *me
set_text (message_info, message);
}
replace_msg = FALSE;
@ -110,38 +60,88 @@
}
--- gdm-2.17.7/daemon/verify-pam.c.move-default-message 2007-02-23 22:50:22.000000000 -0500
+++ gdm-2.17.7/daemon/verify-pam.c 2007-02-23 22:50:22.000000000 -0500
@@ -534,12 +534,6 @@
case PAM_PROMPT_ECHO_ON:
if (strcmp (m, _("Username:")) == 0) {
if ( ve_string_empty (selected_user)) {
- /* this is an evil hack, but really there is no way we'll
- know this is a username prompt. However we SHOULD NOT
- rely on this working. The pam modules can set their
- prompt to whatever they wish to */
- gdm_slave_greeter_ctl_no_ret
- (GDM_MSG, _("Please enter your username"));
s = gdm_slave_greeter_ctl (GDM_PROMPT, m);
/* this will clear the message */
gdm_slave_greeter_ctl_no_ret (GDM_MSG, "");
--- gdm-2.17.7/daemon/verify-crypt.c.move-default-message 2007-02-12 00:40:19.000000000 -0500
+++ gdm-2.17.7/daemon/verify-crypt.c 2007-02-23 22:50:22.000000000 -0500
@@ -115,7 +115,6 @@
authenticate_again:
/* Ask for the user's login */
gdm_verify_select_user (NULL);
- gdm_slave_greeter_ctl_no_ret (GDM_MSG, _("Please enter your username"));
login = gdm_slave_greeter_ctl (GDM_PROMPT, _("Username:"));
if (login == NULL ||
gdm_slave_greeter_check_interruption ()) {
--- gdm-2.17.7/daemon/verify-shadow.c.move-default-message 2007-02-12 00:40:19.000000000 -0500
+++ gdm-2.17.7/daemon/verify-shadow.c 2007-02-23 22:50:22.000000000 -0500
@@ -114,7 +114,6 @@
authenticate_again:
/* Ask for the user's login */
gdm_verify_select_user (NULL);
- gdm_slave_greeter_ctl_no_ret (GDM_MSG, _("Please enter your username"));
login = gdm_slave_greeter_ctl (GDM_PROMPT, _("Username:"));
if (login == NULL ||
gdm_slave_greeter_check_interruption ()) {
--- gdm-2.19.1/gui/gdmlogin.c.move-default-message 2007-05-13 22:08:15.000000000 -0400
+++ gdm-2.19.1/gui/gdmlogin.c 2007-05-21 12:05:21.000000000 -0400
@@ -169,6 +169,7 @@ extern gchar *default_session;
extern const gchar *current_session;
extern gboolean session_dir_whacked_out;
extern gint gdm_timed_delay;
+static gboolean using_fallback_message = FALSE;
static gboolean first_prompt = TRUE;
@@ -1357,9 +1358,20 @@ process_operation (guchar op_code,
gdm_config_get_string (GDM_KEY_SOUND_ON_LOGIN_FILE),
gdm_config_get_bool (GDM_KEY_SOUND_ON_LOGIN));
gtk_label_set_text_with_mnemonic (GTK_LABEL (label), _("_Username:"));
+ if (ve_string_empty (gtk_label_get_text (GTK_LABEL (msg)))) {
+ gtk_label_set_text (GTK_LABEL (msg),
+ _("Please enter your username"));
+ using_fallback_message = TRUE;
+ }
+
} else {
if (tmp != NULL)
gtk_label_set_text (GTK_LABEL (label), tmp);
+ if (using_fallback_message) {
+ gtk_label_set_text (GTK_LABEL (msg), "");
+ using_fallback_message = FALSE;
+ }
+
}
g_free (tmp);
@@ -1447,6 +1459,7 @@ process_operation (guchar op_code,
g_free (tmp);
}
replace_msg = FALSE;
+ using_fallback_message = FALSE;
gtk_widget_show (GTK_WIDGET (msg));
printf ("%c\n", STX);
@@ -1625,9 +1638,7 @@ process_operation (guchar op_code,
if (browser_ok && gdm_config_get_bool (GDM_KEY_BROWSER))
gtk_widget_set_sensitive (GTK_WIDGET (browser), TRUE);
- tmp = ve_locale_to_utf8 (args);
- gtk_label_set_text (GTK_LABEL (msg), tmp);
- g_free (tmp);
+ gtk_label_set_text (GTK_LABEL (msg), "");
gtk_widget_show (GTK_WIDGET (msg));
printf ("%c\n", STX);
--- gdm-2.19.1/daemon/verify-pam.c.move-default-message 2007-05-21 12:05:21.000000000 -0400
+++ gdm-2.19.1/daemon/verify-pam.c 2007-05-21 12:07:50.000000000 -0400
@@ -539,12 +539,6 @@ gdm_verify_pam_conv (int num_msg, struct
case PAM_PROMPT_ECHO_ON:
if (strcmp (m, _("Username:")) == 0) {
if ( ve_string_empty (selected_user)) {
- /* this is an evil hack, but really there is no way we'll
- know this is a username prompt. However we SHOULD NOT
- rely on this working. The pam modules can set their
- prompt to whatever they wish to */
- gdm_slave_greeter_ctl_no_ret
- (GDM_MSG, _("Please enter your username"));
s = gdm_slave_greeter_ctl (GDM_PROMPT, m);
/* this will clear the message */
gdm_slave_greeter_ctl_no_ret (GDM_MSG, "");
--- gdm-2.19.1/daemon/verify-shadow.c.move-default-message 2007-05-13 22:08:24.000000000 -0400
+++ gdm-2.19.1/daemon/verify-shadow.c 2007-05-21 12:11:06.000000000 -0400
@@ -127,7 +127,6 @@ gdm_verify_user (GdmDisplay *d,
authenticate_again:
/* Ask for the user's login */
gdm_verify_select_user (NULL);
- gdm_slave_greeter_ctl_no_ret (GDM_MSG, _("Please enter your username"));
login = gdm_slave_greeter_ctl (GDM_PROMPT, _("Username:"));
if (login == NULL ||
gdm_slave_greeter_check_interruption ()) {
--- gdm-2.19.1/daemon/verify-crypt.c.move-default-message 2007-05-13 22:08:24.000000000 -0400
+++ gdm-2.19.1/daemon/verify-crypt.c 2007-05-21 12:10:33.000000000 -0400
@@ -125,7 +125,6 @@ gdm_verify_user (GdmDisplay *d,
authenticate_again:
/* Ask for the user's login */
gdm_verify_select_user (NULL);
- gdm_slave_greeter_ctl_no_ret (GDM_MSG, _("Please enter your username"));
login = gdm_slave_greeter_ctl (GDM_PROMPT, _("Username:"));
if (login == NULL ||
gdm_slave_greeter_check_interruption ()) {

316
gdm-2.17.7-pass-at-to-session-4.patch → gdm-2.19.1-pass-ats-to-session.patch
View File

@ -1,8 +1,28 @@
Index: gui/modules/dwellmouselistener.c
===================================================================
--- gui/modules/dwellmouselistener.c (revision 4608)
+++ gui/modules/dwellmouselistener.c (working copy)
@@ -665,6 +665,8 @@
--- gdm-2.19.1/gui/gdmlogin.c.pass-ats-to-session 2007-05-21 13:38:32.000000000 -0400
+++ gdm-2.19.1/gui/gdmlogin.c 2007-05-21 13:38:32.000000000 -0400
@@ -1576,6 +1576,19 @@ process_operation (guchar op_code,
fflush (stdout);
break;
+ case GDM_A11Y:
+ {
+ const char *ats_launched;
+ /* print out the assistive technologies that we've started for the user */
+ ats_launched = g_getenv ("GDM_ATS");
+ if (ats_launched != NULL)
+ printf ("%c%s\n", STX, ats_launched);
+ else
+ printf ("%c\n", STX);
+ fflush (stdout);
+ break;
+ }
+
case GDM_LANG:
gdm_lang_op_lang (args);
break;
--- gdm-2.19.1/gui/modules/dwellmouselistener.c.pass-ats-to-session 2007-05-13 22:08:12.000000000 -0400
+++ gdm-2.19.1/gui/modules/dwellmouselistener.c 2007-05-21 13:38:32.000000000 -0400
@@ -678,6 +678,8 @@ leave_enter_emission_hook (GSignalInvoca
G_CALLBACK (gtk_widget_destroy), NULL);
gtk_widget_show (dialog);
} else {
@ -11,7 +31,7 @@ Index: gui/modules/dwellmouselistener.c
GdkCursor *cursor = gdk_cursor_new (GDK_WATCH);
gdk_window_set_cursor (gdk_get_default_root_window (),
cursor);
@@ -673,6 +675,26 @@
@@ -686,6 +688,26 @@ leave_enter_emission_hook (GSignalInvoca
latch_core_pointer = FALSE;
/* once we've recognized a gesture, we need to *
* leave the pointer alone */
@ -38,11 +58,64 @@ Index: gui/modules/dwellmouselistener.c
}
}
}
Index: gui/modules/keymouselistener.c
===================================================================
--- gui/modules/keymouselistener.c (revision 4608)
+++ gui/modules/keymouselistener.c (working copy)
@@ -937,6 +937,8 @@
--- gdm-2.19.1/gui/modules/AccessKeyMouseEvents.in.pass-ats-to-session 2007-05-13 22:08:12.000000000 -0400
+++ gdm-2.19.1/gui/modules/AccessKeyMouseEvents.in 2007-05-21 13:43:54.000000000 -0400
@@ -78,14 +78,14 @@
#
# press ctrl-s for 1 second to launch orca in speech mode
#
-<Control>s 1 1000 10000 @AT_BINDIR@/orca -n -d main-window
+<Control>s 1 1000 10000 @AT_BINDIR@/orca -n -d main-window #AT_TYPE=screenreader
# press ctrl-m for 1 second to launch orca in mag mode
#
-<Control>m 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier
+<Control>m 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier #AT_TYPE=magnifier
# press ctrl-o or ctrl-g for 1 second to launch orca in speech and mag mode
#
-<Control>o 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier
-<Control>g 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier
+<Control>o 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier #AT_TYPE=screenreader magnifier
+<Control>g 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier #AT_TYPE=screenreader magnifier
--- gdm-2.19.1/gui/modules/AccessDwellMouseEvents.in.pass-ats-to-session 2007-05-13 22:08:12.000000000 -0400
+++ gdm-2.19.1/gui/modules/AccessDwellMouseEvents.in 2007-05-21 13:40:39.000000000 -0400
@@ -38,10 +38,10 @@
# Support several different options for different user needs. Note these
# gestures all start by moving the mouse into the top window border.
#
-TBLR I 10000 @AT_BINDIR@/gok --login --access-method=dwellselection
-TLBR I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch1 --select-action=switch1
-TRBL I 10000 @AT_BINDIR@/gok --login --access-method=inversescanning --scan-action=switch1 --select-action=switch2
-TBRL I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch3 --select-action=switch3
+TBLR I 10000 @AT_BINDIR@/gok --login --access-method=dwellselection #AT_TYPE=onscreenkeyboard
+TLBR I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch1 --select-action=switch1 #AT_TYPE=onscreenkeyboard
+TRBL I 10000 @AT_BINDIR@/gok --login --access-method=inversescanning --scan-action=switch1 --select-action=switch2 #AT_TYPE=onscreenkeyboard
+TBRL I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch3 --select-action=switch3 #AT_TYPE=onscreenkeyboard
# AT Program - ORCA
#
@@ -50,13 +50,13 @@ TBRL I 10000 @AT_BINDIR@/gok --login
#
# Speech
#
-BTRL I 10000 @AT_BINDIR@/orca -n -d main-window
+BTRL I 10000 @AT_BINDIR@/orca -n -d main-window #AT_TYPE=screenreader
# Magnifier
#
-BTLR I 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier
+BTLR I 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier #AT_TYPE=magnifier
# Speech and Magnifier
#
-BRTL I 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier
+BRTL I 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier #AT_TYPE=screenreader magnifier
--- gdm-2.19.1/gui/modules/keymouselistener.c.pass-ats-to-session 2007-05-13 22:08:12.000000000 -0400
+++ gdm-2.19.1/gui/modules/keymouselistener.c 2007-05-21 13:38:32.000000000 -0400
@@ -951,6 +951,8 @@ gestures_filter (GdkXEvent *gdk_xevent,
NULL);
gtk_widget_show (dialog);
} else {
@ -51,7 +124,7 @@ Index: gui/modules/keymouselistener.c
GdkCursor *cursor = gdk_cursor_new (GDK_WATCH);
gdk_window_set_cursor (gdk_get_default_root_window (),
cursor);
@@ -944,6 +946,26 @@
@@ -958,6 +960,26 @@ gestures_filter (GdkXEvent *gdk_xevent,
g_timeout_add (2000,
change_cursor_back,
NULL);
@ -78,74 +151,9 @@ Index: gui/modules/keymouselistener.c
}
}
return GDK_FILTER_CONTINUE;
Index: gui/modules/AccessDwellMouseEvents.in
===================================================================
--- gui/modules/AccessDwellMouseEvents.in (revision 4608)
+++ gui/modules/AccessDwellMouseEvents.in (working copy)
@@ -37,23 +37,23 @@
# user needs. Note these gestures all start by moving the mouse into the top
# window border.
#
-TBLR I 10000 @AT_BINDIR@/gok --login --access-method=dwellselection
-TLBR I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch1 --select-action=switch1
-TRBL I 10000 @AT_BINDIR@/gok --login --access-method=inversescanning --scan-action=switch1 --select-action=switch2
-TBRL I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch3 --select-action=switch3
+TBLR I 10000 @AT_BINDIR@/gok --login --access-method=dwellselection #AT_TYPE=onscreenkeyboard
+TLBR I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch1 --select-action=switch1 #AT_TYPE=onscreenkeyboard
+TRBL I 10000 @AT_BINDIR@/gok --login --access-method=inversescanning --scan-action=switch1 --select-action=switch2 #AT_TYPE=onscreenkeyboard
+TBRL I 10000 @AT_BINDIR@/gok --login --access-method=automaticscanning --scan-action=switch3 --select-action=switch3 #AT_TYPE=onscreenkeyboard
# Orca. Note these gestures all start by moving the mouse into the
# bottom window border.
#
# Speech
#
-BTRL I 10000 @AT_BINDIR@/orca -n -d main-window
+BTRL I 10000 @AT_BINDIR@/orca -n -d main-window #AT_TYPE=screenreader
# Magnifier
#
-BTLR I 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier
+BTLR I 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier #AT_TYPE=magnifier
# Speech and Magnifier
#
-BRTL I 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier
+BRTL I 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier #AT_TYPE=screenreader magnifier
Index: gui/modules/AccessKeyMouseEvents.in
===================================================================
--- gui/modules/AccessKeyMouseEvents.in (revision 4608)
+++ gui/modules/AccessKeyMouseEvents.in (working copy)
@@ -69,18 +69,18 @@
# press ctrl-s for 1 second to launch orca in speech mode
#
-<Control>s 1 1000 10000 @AT_BINDIR@/orca -n -d main-window
+<Control>s 1 1000 10000 @AT_BINDIR@/orca -n -d main-window #AT_TYPE=screenreader
# press ctrl-m for 1 second to launch orca in mag mode
#
-<Control>m 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier
+<Control>m 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -d speech -e magnifier #AT_TYPE=magnifier
# press ctrl-o or ctrl-g for 1 second to launch orca in speech and mag mode
#
-<Control>o 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier
-<Control>g 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier
+<Control>o 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier #AT_TYPE=screenreader magnifier
+<Control>g 1 1000 10000 @AT_BINDIR@/orca -n -d main-window -e magnifier #AT_TYPE=screenreader magnifier
# Start GOK with direct selection mode.
#
-<Control>k 5 1000 10000 @AT_BINDIR@/gok --login --access-method=directselection
+<Control>k 5 1000 10000 @AT_BINDIR@/gok --login --access-method=directselection #AT_TYPE=onscreenkeyboard
Index: gui/greeter/greeter.c
===================================================================
--- gui/greeter/greeter.c (revision 4608)
+++ gui/greeter/greeter.c (working copy)
@@ -340,6 +340,19 @@
--- gdm-2.19.1/gui/greeter/greeter.c.pass-ats-to-session 2007-05-21 13:38:32.000000000 -0400
+++ gdm-2.19.1/gui/greeter/greeter.c 2007-05-21 13:38:32.000000000 -0400
@@ -390,6 +390,19 @@ process_operation (guchar op_code,
g_free (session);
break;
@ -163,25 +171,21 @@ Index: gui/greeter/greeter.c
+ }
+
case GDM_LANG:
language = greeter_language_get_language (args);
if (greeter_language_get_save_language () == GTK_RESPONSE_CANCEL)
Index: daemon/gdm.h
===================================================================
--- daemon/gdm.h (revision 4608)
+++ daemon/gdm.h (working copy)
@@ -98,6 +98,7 @@
gdm_lang_op_lang (args);
break;
--- gdm-2.19.1/daemon/gdm-socket-protocol.h.pass-ats-to-session 2007-05-21 13:44:35.000000000 -0400
+++ gdm-2.19.1/daemon/gdm-socket-protocol.h 2007-05-21 13:45:04.000000000 -0400
@@ -41,6 +41,7 @@
#define GDM_PROMPT 'N'
#define GDM_SESS 'G'
#define GDM_LANG '&'
+#define GDM_A11Y 'Z'
#define GDM_SSESS 'C'
#define GDM_SLANG 'R'
#define GDM_RESET 'A'
Index: daemon/slave.c
===================================================================
--- daemon/slave.c (revision 4608)
+++ daemon/slave.c (working copy)
@@ -3430,6 +3430,7 @@
#define GDM_SETLANG 'L'
--- gdm-2.19.1/daemon/slave.c.pass-ats-to-session 2007-05-21 13:38:32.000000000 -0400
+++ gdm-2.19.1/daemon/slave.c 2007-05-21 13:50:08.000000000 -0400
@@ -3489,6 +3489,7 @@ session_child_run (struct passwd *pwent,
const char *session,
const char *save_session,
const char *language,
@ -189,91 +193,73 @@ Index: daemon/slave.c
const char *gnome_session,
gboolean usrcfgok,
gboolean savesess,
@@ -3522,6 +3523,9 @@
g_setenv ("XDG_SESSION_COOKIE", ck_session_cookie, TRUE);
@@ -3579,6 +3580,9 @@ session_child_run (struct passwd *pwent,
}
#endif
g_setenv ("PWD", home_dir, TRUE);
+ if (a11y_ats != NULL) {
+ g_setenv ("GDM_ATS", a11y_ats, TRUE);
+ }
g_setenv ("GDMSESSION", session, TRUE);
g_setenv ("DESKTOP_SESSION", session, TRUE);
g_setenv ("SHELL", pwent->pw_shell, TRUE);
@@ -4016,7 +4020,7 @@
{
struct passwd *pwent;
const char *home_dir = NULL;
- char *save_session = NULL, *session = NULL, *language = NULL, *usrsess, *usrlang;
+ char *save_session = NULL, *session = NULL, *language = NULL, *a11y_ats = NULL, *usrsess, *usrlang;
char *gnome_session = NULL;
@@ -3989,6 +3993,7 @@ gdm_slave_session_start (void)
struct passwd *pwent;
const char *home_dir = NULL;
char *save_session = NULL, *session = NULL, *language = NULL, *usrsess, *usrlang;
+ char *a11y_ats = NULL;
char *gnome_session = NULL;
#ifdef WITH_CONSOLE_KIT
char *ck_session_cookie;
@@ -4187,9 +4191,19 @@
g_free (usrlang);
return;
}
char *ck_session_cookie;
@@ -4157,9 +4162,19 @@ gdm_slave_session_start (void)
g_free (usrlang);
return;
}
+
+ a11y_ats = gdm_slave_greeter_ctl (GDM_A11Y, NULL);
+ if (a11y_ats != NULL &&
+ strcmp (a11y_ats, GDM_RESPONSE_CANCEL) == 0) {
+ gdm_debug ("User canceled login");
+ gdm_verify_cleanup (d);
+ session_started = FALSE;
+ return;
+ }
} else {
session = g_strdup (usrsess);
language = g_strdup (usrlang);
+ a11y_ats = NULL;
}
+ a11y_ats = gdm_slave_greeter_ctl (GDM_A11Y, NULL);
+ if (a11y_ats != NULL &&
+ strcmp (a11y_ats, GDM_RESPONSE_CANCEL) == 0) {
+ gdm_debug ("User canceled login");
+ gdm_verify_cleanup (d);
+ session_started = FALSE;
+ return;
+ }
} else {
session = g_strdup (usrsess);
language = g_strdup (usrlang);
+ a11y_ats = NULL;
}
tmp = gdm_strip_extension (session, ".desktop");
@@ -4210,11 +4224,16 @@
language = NULL;
}
tmp = gdm_strip_extension (session, ".desktop");
@@ -4180,10 +4195,15 @@ gdm_slave_session_start (void)
language = NULL;
}
+ if G_LIKELY (ve_string_empty (a11y_ats)) {
+ g_free (a11y_ats);
+ a11y_ats = NULL;
+ }
+ if G_LIKELY (ve_string_empty (a11y_ats)) {
+ g_free (a11y_ats);
+ a11y_ats = NULL;
+ }
+
g_free (usrsess);
g_free (usrlang);
g_free (usrsess);
- gdm_debug ("Initial setting: session: '%s' language: '%s'\n",
- session, ve_sure_string (language));
+ gdm_debug ("Initial setting: session: '%s' language: '%s' ATs enabled in gdm: '%s'\n",
+ session, ve_sure_string (language), ve_sure_string (a11y_ats));
- gdm_debug ("Initial setting: session: '%s' language: '%s'\n",
- session, ve_sure_string (language));
+ gdm_debug ("Initial setting: session: '%s' language: '%s'i ATs enabled in gdm: '%s'\n",
+ session, ve_sure_string (language), ve_sure_string (a11y_ats));
/* save this session as the users session */
save_session = g_strdup (session);
@@ -4378,6 +4397,7 @@
session,
save_session,
language,
+ a11y_ats,
gnome_session,
usrcfgok,
savesess,
--- gui/gdmlogin.c.orig 2007-03-19 23:32:04.000000000 -0400
+++ gui/gdmlogin.c 2007-03-19 23:32:33.000000000 -0400
@@ -1784,6 +1784,19 @@
fflush (stdout);
break;
+ case GDM_A11Y:
+ {
+ const char *ats_launched;
+ /* print out the assistive technologies that we've started for the user */
+ ats_launched = g_getenv ("GDM_ATS");
+ if (ats_launched != NULL)
+ printf ("%c%s\n", STX, ats_launched);
+ else
+ printf ("%c\n", STX);
+ fflush (stdout);
+ break;
+ }
/* save this session as the users session */
save_session = g_strdup (session);
@@ -4377,6 +4397,7 @@ gdm_slave_session_start (void)
session,
save_session,
lang,
+ a11y_ats,
gnome_session,
usrcfgok,
savesess,
@@ -5893,4 +5914,4 @@ gboolean
gdm_is_user_valid (const char *username)
{
return (NULL != getpwnam (username));
-}
+
case GDM_LANG:
gdm_login_language_lookup (args);
if (savelang == GTK_RESPONSE_CANCEL)

136
gdm-2.17.7-reset-pam.patch → gdm-2.19.1-reset-pam.patch
View File

@ -1,14 +1,14 @@
--- gdm-2.17.7/gui/greeter/greeter.c.reset-pam 2007-02-12 00:40:12.000000000 -0500
+++ gdm-2.17.7/gui/greeter/greeter.c 2007-02-23 22:54:28.000000000 -0500
@@ -171,7 +171,6 @@
--- gdm-2.19.1/gui/greeter/greeter.c.reset-pam 2007-05-13 22:08:14.000000000 -0400
+++ gdm-2.19.1/gui/greeter/greeter.c 2007-05-21 12:37:13.000000000 -0400
@@ -224,7 +224,6 @@ process_operation (guchar op_code,
GtkWidget *dlg;
char *tmp;
char *session;
- GreeterItemInfo *conversation_info;
static GnomeCanvasItem *disabled_cover = NULL;
gchar *language;
gchar *selected_user = NULL;
@@ -380,17 +379,10 @@
gint lookup_status = SESSION_LOOKUP_SUCCESS;
gchar *firstmsg = NULL;
@@ -428,17 +427,10 @@ process_operation (guchar op_code,
first_prompt = TRUE;
@ -30,11 +30,11 @@
printf ("%c\n", STX);
fflush (stdout);
greeter_ignore_buttons (FALSE);
--- gdm-2.17.7/daemon/slave.c.reset-pam 2007-02-23 22:54:28.000000000 -0500
+++ gdm-2.17.7/daemon/slave.c 2007-02-23 22:54:28.000000000 -0500
@@ -133,6 +133,12 @@
static int greeter_fd_out = -1;
static int greeter_fd_in = -1;
--- gdm-2.19.1/daemon/slave.c.reset-pam 2007-05-13 22:08:25.000000000 -0400
+++ gdm-2.19.1/daemon/slave.c 2007-05-21 12:39:57.000000000 -0400
@@ -146,6 +146,12 @@ static int gdm_normal_runlevel =
static pid_t extra_process = 0;
static int extra_status = 0;
+/* a dup of the other side of greeter_fd_in so that
+ * the slave can talk to itself from its sig handler
@ -45,7 +45,7 @@
#ifdef HAVE_TSOL
static gboolean have_suntsol_extension = FALSE;
#endif
@@ -626,7 +632,7 @@
@@ -632,7 +638,7 @@ ignore_xerror_handler (Display *disp, XE
}
static void
@ -54,7 +54,7 @@
{
if (greeter_fd_out > 0)
VE_IGNORE_EINTR (close (greeter_fd_out));
@@ -634,6 +640,9 @@
@@ -640,6 +646,9 @@ whack_greeter_fds (void)
if (greeter_fd_in > 0)
VE_IGNORE_EINTR (close (greeter_fd_in));
greeter_fd_in = -1;
@ -64,7 +64,7 @@
}
static void
@@ -1084,7 +1093,7 @@
@@ -1102,7 +1111,7 @@ gdm_slave_whack_greeter (void)
d->greetpid = 0;
@ -73,7 +73,7 @@
gdm_slave_send_num (GDM_SOP_GREETPID, 0);
@@ -1887,7 +1896,7 @@
@@ -1936,7 +1945,7 @@ restart_the_greeter (void)
d->greetpid = 0;
@ -82,7 +82,7 @@
gdm_slave_send_num (GDM_SOP_GREETPID, 0);
}
@@ -2124,6 +2133,12 @@
@@ -2177,6 +2186,12 @@ gdm_slave_wait_for_login (void)
break;
}
@ -93,39 +93,31 @@
+ }
+
if (login == NULL) {
char *failuresound = gdm_get_value_string (GDM_KEY_SOUND_ON_LOGIN_FAILURE_FILE);
const char *failuresound = gdm_daemon_config_get_value_string (GDM_KEY_SOUND_ON_LOGIN_FAILURE_FILE);
@@ -2723,9 +2738,9 @@
default:
VE_IGNORE_EINTR (close (pipe1[0]));
- VE_IGNORE_EINTR (close (pipe2[1]));
+ whack_greeter_and_slave_fds ();
@@ -2780,10 +2795,10 @@ gdm_slave_greeter (void)
- whack_greeter_fds ();
+ slave_fd_out = pipe2[1];
greeter_fd_out = pipe1[1];
greeter_fd_in = pipe2[0];
@@ -4784,7 +4799,7 @@
greet = FALSE;
d->greetpid = 0;
- whack_greeter_fds ();
+ whack_greeter_and_slave_fds ();
gdm_slave_send_num (GDM_SOP_GREETPID, 0);
do_restart_greeter = TRUE;
@@ -4796,7 +4811,7 @@
continue;
}
default:
VE_IGNORE_EINTR (close (pipe1[0]));
- VE_IGNORE_EINTR (close (pipe2[1]));
- whack_greeter_fds ();
+ whack_greeter_and_slave_fds ();
/* if greet is TRUE, then the greeter died outside of our
* control really, so clean up and die, something is wrong
@@ -4939,6 +4954,11 @@
+ slave_fd_out = pipe2[1];
greeter_fd_out = pipe1[1];
greeter_fd_in = pipe2[0];
@@ -4740,7 +4755,7 @@ gdm_slave_child_handler (int sig)
greet = FALSE;
d->greetpid = 0;
- whack_greeter_fds ();
+ whack_greeter_and_slave_fds ();
gdm_slave_send_num (GDM_SOP_GREETPID, 0);
do_restart_greeter = TRUE;
@@ -4895,6 +4910,11 @@ gdm_slave_handle_usr2_message (void)
gdm_wait_for_go = FALSE;
} else if (strcmp (&s[1], GDM_NOTIFY_TWIDDLE_POINTER) == 0) {
gdm_twiddle_pointer (d);
@ -137,40 +129,42 @@
}
} else if (s[0] == GDM_SLAVE_NOTIFY_RESPONSE) {
gdm_got_ack = TRUE;
--- gdm-2.17.7/daemon/gdm.h.reset-pam 2007-02-12 00:40:19.000000000 -0500
+++ gdm-2.17.7/daemon/gdm.h 2007-02-23 22:54:28.000000000 -0500
@@ -749,6 +749,9 @@
--- gdm-2.19.1/daemon/gdm-daemon-config-keys.h.reset-pam 2007-05-21 12:43:21.000000000 -0400
+++ gdm-2.19.1/daemon/gdm-daemon-config-keys.h 2007-05-21 12:43:42.000000000 -0400
@@ -226,6 +226,7 @@ G_BEGIN_DECLS
#define GDM_NOTIFY_SOFT_RESTART_SERVERS "SOFT_RESTART_SERVERS"
#define GDM_NOTIFY_GO "GO"
#define GDM_NOTIFY_TWIDDLE_POINTER "TWIDDLE_POINTER"
+#define GDM_NOTIFY_RESET "RESET"
G_END_DECLS
--- gdm-2.19.1/daemon/gdm.c.reset-pam 2007-05-13 22:08:24.000000000 -0400
+++ gdm-2.19.1/daemon/gdm.c 2007-05-21 12:45:14.000000000 -0400
@@ -2585,6 +2585,14 @@ gdm_handle_message (GdmConnection *conn,
TRUE /* handled */,
FALSE /* chooser */,
NULL, 0, NULL, NULL, NULL);
+} else if (strcmp (msg, GDM_SOP_CANCEL_LOGIN_REQUESTS) == 0) {
+ GSList *li;
+ for (li = displays; li != NULL; li = li->next) {
+ GdmDisplay *d = li->data;
+ if (!d->logged_in) {
+ send_slave_command (d, GDM_NOTIFY_RESET);
+ }
+ }
} else if (strncmp (msg, "opcode="GDM_SOP_SHOW_ERROR_DIALOG,
strlen ("opcode="GDM_SOP_SHOW_ERROR_DIALOG)) == 0) {
GdmDisplay *d;
--- gdm-2.19.1/daemon/gdm-socket-protocol.h.reset-pam 2007-05-21 12:42:32.000000000 -0400
+++ gdm-2.19.1/daemon/gdm-socket-protocol.h 2007-05-21 12:42:58.000000000 -0400
@@ -155,6 +155,9 @@
#define GDM_SOP_SHOW_QUESTION_DIALOG "SHOW_QUESTION_DIALOG" /* show the question dialog from daemon */
#define GDM_SOP_SHOW_ASKBUTTONS_DIALOG "SHOW_ASKBUTTON_DIALOG" /* show the askbutton dialog from daemon */
+/* Reset any in progress authentication conversations */
+#define GDM_SOP_CANCEL_LOGIN_REQUESTS "CANCEL_LOGIN_REQUESTS" /* no arguments */
+
/* Notification protocol */
/* keys */
#define GDM_NOTIFY_ALLOW_REMOTE_ROOT "AllowRemoteRoot" /* <true/false as int> */
@@ -776,6 +779,7 @@
#define GDM_NOTIFY_SOFT_RESTART_SERVERS "SOFT_RESTART_SERVERS"
#define GDM_NOTIFY_GO "GO"
#define GDM_NOTIFY_TWIDDLE_POINTER "TWIDDLE_POINTER"
+#define GDM_NOTIFY_RESET "RESET"
/* Ack for a slave message */
/* Note that an extra response can follow an 'ack' */
--- gdm-2.17.7/daemon/gdm.c.reset-pam 2007-02-12 00:40:19.000000000 -0500
+++ gdm-2.17.7/daemon/gdm.c 2007-02-23 22:55:35.000000000 -0500
@@ -2557,6 +2557,14 @@
TRUE /* handled */,
FALSE /* chooser */,
NULL, 0, NULL, NULL, NULL);
+ } else if (strcmp (msg, GDM_SOP_CANCEL_LOGIN_REQUESTS) == 0) {
+ GSList *li;
+ for (li = displays; li != NULL; li = li->next) {
+ GdmDisplay *d = li->data;
+ if (!d->logged_in) {
+ send_slave_command (d, GDM_NOTIFY_RESET);
+ }
+ }
} else if (strncmp (msg, "opcode="GDM_SOP_SHOW_ERROR_DIALOG,
strlen ("opcode="GDM_SOP_SHOW_ERROR_DIALOG)) == 0) {
GdmDisplay *d;

1746
gdm-2.18.0-security-tokens.patch → gdm-2.19.1-security-tokens.patch
View File

File diff suppressed because it is too large Load Diff

165
gdm-2.16.0-wtmp.patch → gdm-2.19.1-wtmp.patch
View File

@ -1,5 +1,5 @@
--- gdm-2.16.0/config/PreSession.in.wtmp 2006-04-26 21:06:05.000000000 -0400
+++ gdm-2.16.0/config/PreSession.in 2006-10-15 20:05:45.000000000 -0400
--- gdm-2.19.1/config/PreSession.in.wtmp 2007-05-13 22:08:25.000000000 -0400
+++ gdm-2.19.1/config/PreSession.in 2007-05-21 13:17:09.000000000 -0400
@@ -68,17 +68,4 @@ if [ "x$XSETROOT" != "x" ] ; then
"$XSETROOT" -cursor_name left_ptr -solid "$BACKCOLOR"
fi
@ -18,90 +18,51 @@
-# some output for easy debugging
-echo "$0: could not find the sessreg utility, cannot update wtmp and utmp"
exit 0
--- gdm-2.16.0/daemon/slave.c.wtmp 2006-10-15 20:05:45.000000000 -0400
+++ gdm-2.16.0/daemon/slave.c 2006-10-15 20:05:45.000000000 -0400
@@ -4315,6 +4315,14 @@ gdm_slave_session_start (void)
g_free (language);
g_free (gnome_session);
--- gdm-2.19.1/daemon/slave.c.wtmp 2007-05-21 13:17:09.000000000 -0400
+++ gdm-2.19.1/daemon/slave.c 2007-05-21 13:20:51.000000000 -0400
@@ -4426,6 +4426,13 @@ gdm_slave_session_start (void)
g_free (language);
g_free (gnome_session);
+ gdm_verify_write_record (d,
+ GDM_VERIFY_RECORD_TYPE_LOGIN,
+ pwent->pw_name,
+ d->name,
+ !d->attached? d->hostname : NULL,
+ pid);
+ gdm_verify_write_record (d,
+ GDM_VERIFY_RECORD_TYPE_LOGIN,
+ pwent->pw_name,
+ d->name,
+ !d->attached? d->hostname : NULL,
+ pid);
+
gdm_slave_send_num (GDM_SOP_SESSPID, pid);
gdm_sigchld_block_push ();
@@ -4488,6 +4495,17 @@ gdm_slave_session_start (void)
}
#endif
+ if ((pid != 0) && (d->last_sess_status != -1)) {
+ gdm_debug ("session '%d' exited with status '%d', recording logout",
+ pid, d->last_sess_status);
+ gdm_verify_write_record (d,
+ GDM_VERIFY_RECORD_TYPE_LOGOUT,
+ pwent->pw_name,
+ d->name,
+ !d->attached? d->hostname : NULL,
+ pid);
+ }
+
gdm_slave_send_num (GDM_SOP_SESSPID, pid);
gdm_slave_session_stop (pid != 0 /* run_post_session */,
FALSE /* no_shutdown_check */);
gdm_sigchld_block_push ();
@@ -4363,6 +4371,17 @@ gdm_slave_session_start (void)
uid, gid);
}
+ if ((pid != 0) && (d->last_sess_status != -1)) {
+ gdm_debug ("session '%d' exited with status '%d', recording logout",
+ pid, d->last_sess_status);
+ gdm_verify_write_record (d,
+ GDM_VERIFY_RECORD_TYPE_LOGOUT,
+ pwent->pw_name,
+ d->name,
+ !d->attached? d->hostname : NULL,
+ pid);
+ }
+
gdm_slave_session_stop (pid != 0 /* run_post_session */,
FALSE /* no_shutdown_check */);
@@ -4721,7 +4740,7 @@ gdm_slave_child_handler (int sig)
}
} else if (pid != 0 && pid == d->sesspid) {
d->sesspid = 0;
- if (WIFEXITED (status))
+ if (WIFEXITED (status))
d->last_sess_status = WEXITSTATUS (status);
else
d->last_sess_status = -1;
--- gdm-2.16.0/daemon/verify.h.wtmp 2005-11-03 19:51:21.000000000 -0500
+++ gdm-2.16.0/daemon/verify.h 2006-10-15 20:05:45.000000000 -0400
@@ -21,6 +21,12 @@
#include "gdm.h"
+typedef enum {
+ GDM_VERIFY_RECORD_TYPE_LOGIN,
+ GDM_VERIFY_RECORD_TYPE_LOGOUT,
+ GDM_VERIFY_RECORD_TYPE_FAILED_ATTEMPT
+} GdmVerifyRecordType;
+
/* If username is NULL, we ask, if local is FALSE, don't start
* the timed login timer */
gchar *gdm_verify_user (GdmDisplay *d,
@@ -30,6 +36,13 @@ gchar *gdm_verify_user (GdmDisplay *d
void gdm_verify_cleanup (GdmDisplay *d);
void gdm_verify_check (void);
void gdm_verify_select_user (const char *user);
+void gdm_verify_write_record (GdmDisplay *d,
+ GdmVerifyRecordType record_type,
+ const gchar *username,
+ const gchar *console_name,
+ const gchar *host_name,
+ GPid pid);
+
/* used in pam */
gboolean gdm_verify_setup_env (GdmDisplay *d);
gboolean gdm_verify_setup_user (GdmDisplay *d,
--- gdm-2.16.0/daemon/verify-pam.c.wtmp 2006-10-15 20:05:45.000000000 -0400
+++ gdm-2.16.0/daemon/verify-pam.c 2006-10-15 20:08:48.000000000 -0400
@@ -29,6 +29,7 @@
#ifdef sun
--- gdm-2.19.1/daemon/verify-pam.c.wtmp 2007-05-21 13:17:09.000000000 -0400
+++ gdm-2.19.1/daemon/verify-pam.c 2007-05-21 13:23:28.000000000 -0400
@@ -32,6 +32,7 @@
#ifdef __sun
#include <fcntl.h>
#endif
+#include <utmp.h>
#include <glib/gi18n.h>
@@ -55,6 +56,14 @@
@@ -63,6 +64,14 @@
#define log_to_audit_system(l,h,d,s) do { ; } while (0)
#endif
@ -116,7 +77,7 @@
/* Evil, but this way these things are passed to the child session */
static pam_handle_t *pamh = NULL;
@@ -417,6 +426,125 @@ gdm_verify_select_user (const char *user
@@ -427,6 +436,125 @@ gdm_verify_select_user (const char *user
selected_user = g_strdup (user);
}
@ -242,16 +203,44 @@
static const char *
perhaps_translate_message (const char *msg)
{
@@ -1173,6 +1301,12 @@ authenticate_again:
* message from the PAM subsystem */
if ( ! error_msg_given &&
gdm_slave_action_pending ()) {
@@ -1234,6 +1362,11 @@ gdm_verify_user (GdmDisplay *d,
* message from the PAM subsystem */
if ( ! error_msg_given &&
gdm_slave_action_pending ()) {
+ gdm_verify_write_record (d, GDM_VERIFY_RECORD_TYPE_FAILED_ATTEMPT,
+ login, display,
+ d->attached? NULL : d->hostname,
+ getpid ());
+
+ gdm_verify_write_record (d, GDM_VERIFY_RECORD_TYPE_FAILED_ATTEMPT,
+ login, display,
+ d->attached? NULL : d->hostname,
+ getpid ());
/*
* I'm not sure yet if I should display this message for any
* other issues - heeten
--- gdm-2.19.1/daemon/verify.h.wtmp 2007-05-13 22:08:25.000000000 -0400
+++ gdm-2.19.1/daemon/verify.h 2007-05-21 13:17:09.000000000 -0400
@@ -22,6 +22,12 @@
#include "gdm.h"
#include "display.h"
+typedef enum {
+ GDM_VERIFY_RECORD_TYPE_LOGIN,
+ GDM_VERIFY_RECORD_TYPE_LOGOUT,
+ GDM_VERIFY_RECORD_TYPE_FAILED_ATTEMPT
+} GdmVerifyRecordType;
+
/* I'm not sure yet if I should display this message for any other issues - heeten */
if (pamerr == PAM_AUTH_ERR ||
pamerr == PAM_USER_UNKNOWN) {
/* If username is NULL, we ask, if local is FALSE, don't start
* the timed login timer */
gchar *gdm_verify_user (GdmDisplay *d,
@@ -32,6 +38,13 @@ gchar *gdm_verify_user (GdmDisplay *d
void gdm_verify_cleanup (GdmDisplay *d);
void gdm_verify_check (void);
void gdm_verify_select_user (const char *user);
+void gdm_verify_write_record (GdmDisplay *d,
+ GdmVerifyRecordType record_type,
+ const gchar *username,
+ const gchar *console_name,
+ const gchar *host_name,
+ GPid pid);
+
/* used in pam */
gboolean gdm_verify_setup_env (GdmDisplay *d);
gboolean gdm_verify_setup_user (GdmDisplay *d,

16
gdm-2.8.0.2-clean-up-xsession-errors.patch
View File

@ -1,16 +0,0 @@
--- gdm-2.6.0.5/daemon/slave.c.old 2004-10-20 05:58:05.449740960 -0400
+++ gdm-2.6.0.5/daemon/slave.c 2004-10-20 05:58:37.230909488 -0400
@@ -4293,7 +4293,12 @@
#endif
finish_session_output (run_post_session /* do_read */);
-
+
+ /* If successfully exited then clear the log file
+ */
+ if (d->xsession_errors_filename != NULL)
+ VE_IGNORE_EINTR (unlink (d->xsession_errors_filename));
+
if (local_login == NULL)
pwent = NULL;
else

57
gdm.spec
View File

@ -16,13 +16,13 @@
Summary: The GNOME Display Manager
Name: gdm
Version: 2.18.0
Release: 14%{?dist}
Version: 2.19.1
Release: 1%{?dist}
Epoch: 1
License: LGPL/GPL
Group: User Interface/X
URL: ftp://ftp.gnome.org/pub/GNOME/sources/gdm
Source: http://ftp.gnome.org/pub/gnome/sources/gdm/2.18/gdm-%{version}.tar.bz2
URL: ftp://download.gnome.org/sources/gdm
Source: http://download.gnome.org/sources/gdm/2.19/gdm-%{version}.tar.bz2
Source1: gdm-pam
Source2: gdm-autologin-pam
Source3: gdmsetup-pam
@ -30,25 +30,19 @@ Source4: 90-grant-audio-devices-to-gdm.fdi
Source5: fedora-faces-20070319.tar.bz2
Source6: default.desktop
Patch1: gdm-2.18.0-change-defaults.patch
Patch1: gdm-2.19.1-change-defaults.patch
Patch4: gdm-2.13.0.4-update-switchdesk-location.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=301817
Patch6: gdm-2.8.0.2-clean-up-xsession-errors.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=301826
Patch7: gdm-2.8.0.2-merge-resources.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=349835
Patch12: gdm-2.17.6-audit-login.patch
Patch12: gdm-2.19.1-audit-login.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=347798
Patch19: gdm-2.17.7-move-default-message.patch
Patch20: gdm-2.17.7-reset-pam.patch
Patch21: gdm-2.18.0-security-tokens.patch
Patch19: gdm-2.19.1-move-default-message.patch
Patch20: gdm-2.19.1-reset-pam.patch
Patch21: gdm-2.19.1-security-tokens.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=347871
Patch24: gdm-2.16.0-wtmp.patch
Patch24: gdm-2.19.1-wtmp.patch
# https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203917
Patch25: gdm-2.16.0-indic-langs.patch
@ -59,27 +53,18 @@ Patch28: gdm-2.17.1-desensitize-entry.patch
Patch29: gdm-2.17.7-greeter.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=426653
Patch31: gdm-2.17.8-hide-uninstalled-languages.patch
Patch31: gdm-2.19.1-hide-uninstalled-languages.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=412576
Patch32: gdm-2.17.8-a11y-fixes-for-themed-greeter.patch
Patch32: gdm-2.19.1-a11y-fixes-for-themed-greeter.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=411501
Patch33: gdm-2.17.7-pass-at-to-session-4.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=420610
Patch34: gdm-2.18.0-add-lowres-fix.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=424229
Patch35: gdm-2.18.0-dont-strcpy-overlapping-strings.patch
# http://bugzilla.gnome.org/show_bug.cgi?id=426647
Patch36: gdm-2.18.0-dont-expect-utf8.patch
Patch33: gdm-2.19.1-pass-ats-to-session.patch
Patch37: gdm-2.18.0-hide-disabled-users.patch
# https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=234567
Patch99: gdm-2.18.0-be-more-verbose.patch
#Patch99: gdm-2.18.0-be-more-verbose.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -154,8 +139,6 @@ Extra icons / faces for the GNOME Display Manager.
%patch1 -p1 -b .change-defaults
%patch4 -p1 -b .update-switchdesk-location
%patch6 -p1 -b .clean-up-xsession-errors
%patch7 -p1 -b .merge-resources
%patch12 -p1 -b .audit-login
%patch19 -p1 -b .move-default-message
%patch20 -p1 -b .reset-pam
@ -165,13 +148,10 @@ Extra icons / faces for the GNOME Display Manager.
%patch28 -p1 -b .desensitize-entry
%patch29 -p0 -b .greeter
%patch31 -p1 -b .hide-uninstalled-languages
%patch32 -p0 -b .a11y-fixes
%patch33 -p0 -b .pass-ats-to-session
%patch34 -p1 -b .add-lowres-fix
%patch35 -p1 -b .dont-strcpy-overlapping-strings
%patch36 -p1 -b .dont-expect-utf8
%patch32 -p1 -b .a11y-fixes
%patch33 -p1 -b .pass-ats-to-session
%patch37 -p1 -b hide-disabled-users
%patch99 -p1 -b .be-more-verbose
#%patch99 -p1 -b .be-more-verbose
%build
cp -f %{SOURCE1} config/gdm
@ -394,6 +374,9 @@ fi
%{_datadir}/pixmaps/faces/extras/*.jpg
%changelog
* Mon May 21 2007 Matthias Clasen <mclasen@redhat.com> - 1:2.19.1-1
- Update to 2.19.1
* Tue May 15 2007 Ray Strode <rstrode@redhat.com> - 1:2.18.0-14
- hide users from userlist that have disabled shells
(bug 240148)

3
sources
View File

@ -1,2 +1 @@
a569a8275f0e0396e6ef5f63c5f56ad5 gdm-2.18.0.tar.bz2
7387935ad09f746889b58bd69bf815e1 fedora-faces-20070319.tar.bz2
b18053fc83f66649e4c53939503c325c gdm-2.19.1.tar.bz2