rpms/gdm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- set XORG_RUN_AS_USER_OK in environment

Browse Source
This commit is contained in:
Ray Strode 2015-03-27 10:18:01 -04:00
parent 3d9b902890
commit fea58fe7a2
2 changed files with 87 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
0001-gdm-x-session-set-XORG_RUN_AS_USER_OK-1-environment-.patch Normal file
View File

@ -0,0 +1,81 @@
From 798a1ad79bdb937c4b0c9008562cd543acaf3206 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Fri, 27 Mar 2015 10:10:54 -0400
Subject: [PATCH] gdm-x-session: set XORG_RUN_AS_USER_OK=1 environment variable
This lets the X server know that it can safely drop privileges.
https://bugzilla.gnome.org/show_bug.cgi?id=746891
---
daemon/gdm-x-session.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/daemon/gdm-x-session.c b/daemon/gdm-x-session.c
index dfd6016..3cc7d40 100644
--- a/daemon/gdm-x-session.c
+++ b/daemon/gdm-x-session.c
@@ -195,60 +195,61 @@ spawn_x_server (State *state,
{
GPtrArray *arguments = NULL;
GSubprocessLauncher *launcher = NULL;
GSubprocess *subprocess = NULL;
GInputStream *input_stream = NULL;
GDataInputStream *data_stream = NULL;
GError *error = NULL;
char *auth_file;
gboolean is_running = FALSE;
int ret;
int pipe_fds[2];
char *display_fd_string = NULL;
char *vt_string = NULL;
char *display_number;
gsize display_number_size;
auth_file = prepare_auth_file ();
g_debug ("Running X server");
ret = g_unix_open_pipe (pipe_fds, FD_CLOEXEC, &error);
if (!ret) {
g_debug ("could not open pipe: %s", error->message);
goto out;
}
arguments = g_ptr_array_new ();
launcher = g_subprocess_launcher_new (G_SUBPROCESS_FLAGS_STDIN_INHERIT);
+ g_subprocess_launcher_setenv (launcher, "XORG_RUN_AS_USER_OK", "1", TRUE);
g_subprocess_launcher_take_fd (launcher, pipe_fds[1], DISPLAY_FILENO);
if (g_getenv ("XDG_VTNR") != NULL) {
int vt;
vt = atoi (g_getenv ("XDG_VTNR"));
if (vt > 0 && vt < 64) {
vt_string = g_strdup_printf ("vt%d", vt);
}
}
display_fd_string = g_strdup_printf ("%d", DISPLAY_FILENO);
g_ptr_array_add (arguments, X_SERVER);
if (vt_string != NULL) {
g_ptr_array_add (arguments, vt_string);
}
g_ptr_array_add (arguments, "-displayfd");
g_ptr_array_add (arguments, display_fd_string);
g_ptr_array_add (arguments, "-auth");
g_ptr_array_add (arguments, auth_file);
if (!allow_remote_connections) {
g_ptr_array_add (arguments, "-nolisten");
g_ptr_array_add (arguments, "tcp");
}
--
2.3.3

7
gdm.spec
View File

@ -11,7 +11,7 @@
Summary: The GNOME Display Manager
Name: gdm
Version: 3.16.0.1
Release: 1%{?dist}
Release: 2%{?dist}
Epoch: 1
License: GPLv2+
Group: User Interface/X
@ -19,6 +19,7 @@ URL: https://wiki.gnome.org/Projects/GDM
#VCS: git:git://git.gnome.org/gdm
Source: http://download.gnome.org/sources/gdm/3.16/gdm-%{version}.tar.xz
Source1: org.gnome.login-screen.gschema.override
Patch0: 0001-gdm-x-session-set-XORG_RUN_AS_USER_OK-1-environment-.patch
BuildRequires: pam-devel >= 0:%{pam_version}
BuildRequires: fontconfig >= 0:%{fontconfig_version}
@ -104,6 +105,7 @@ files needed to build custom greeters.
%prep
%setup -q
%patch0 -p1 -b .xorg-run-as-user-ok
autoreconf -i -f
intltoolize -f
@ -294,6 +296,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor >&/dev/null || :
%{_libdir}/pkgconfig/gdm.pc
%changelog
* Fri Mar 27 2015 Ray Strode <rstrode@redhat.com> 3.16.0.1-2
- set XORG_RUN_AS_USER_OK in environment
* Tue Mar 24 2015 Kalev Lember <kalevlember@gmail.com> - 1:3.16.0.1-1
- Update to 3.16.0.1