rpms/gdm
5
0
Fork 0
Code Issues Pull Requests Releases Activity
1e99f58161
gdm/fix-path.patch
Ray Strode 1e99f58161 Fix PATH 
Resolves: #1095344
2014-05-08 15:13:17 -04:00

506 lines
17 KiB
Diff
Raw Blame History

From c9bebed00008724600aef6c401f21245f7678e45 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Tue, 22 Apr 2014 15:00:44 -0400
Subject: [PATCH 1/2] Revert "worker: get PATH from parent instead of #define"
This reverts commit e546e4dc6649a4fdf9065322420a28fa7e666782.
It's causing problems because bindir and sbindir are in the wrong
order for a user session.
---
common/Makefile.am | 1 +
common/gdm-common.c | 2 +-
configure.ac | 17 +++++++++++++++++
daemon/Makefile.am | 1 +
daemon/gdm-session-worker.c | 15 +++++++++++----
5 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/common/Makefile.am b/common/Makefile.am
index ece167b..2e97090 100644
--- a/common/Makefile.am
+++ b/common/Makefile.am
@@ -1,52 +1,53 @@
## Process this file with automake to produce Makefile.in
NULL =
AM_CPPFLAGS = \
-I. \
-I.. \
-DGNOMELOCALEDIR=\""$(datadir)/locale"\" \
-DBINDIR=\"$(bindir)\" \
-DDATADIR=\"$(datadir)\" \
-DDMCONFDIR=\"$(dmconfdir)\" \
-DGDMCONFDIR=\"$(gdmconfdir)\" \
-DGDMLOCALEDIR=\"$(gdmlocaledir)\" \
-DLIBDIR=\"$(libdir)\" \
-DLIBEXECDIR=\"$(libexecdir)\" \
-DLOGDIR=\"$(logdir)\" \
-DPIXMAPDIR=\"$(pixmapdir)\" \
-DSBINDIR=\"$(sbindir)\" \
-DGNOMELOCALEDIR=\""$(datadir)/locale"\" \
-DGDM_DEFAULTS_CONF=\"$(GDM_DEFAULTS_CONF)\" \
-DGDM_CUSTOM_CONF=\"$(GDM_CUSTOM_CONF)\" \
-DGDM_OLD_CONF=\"$(GDM_OLD_CONF)\" \
+ -DGDM_SESSION_DEFAULT_PATH=\"$(GDM_SESSION_DEFAULT_PATH)\" \
$(COMMON_CFLAGS) \
$(NULL)
noinst_LTLIBRARIES = \
libgdmcommon.la \
$(NULL)
gdmdir = $(datadir)/gdm
gdm_DATA = gdb-cmd
if MKDTEMP_MISSING
MKDTEMP_FILES = mkdtemp.c mkdtemp.h
else
MKDTEMP_FILES =
endif
libgdmcommon_la_SOURCES = \
gdm-address.h \
gdm-address.c \
gdm-common.h \
gdm-common.c \
gdm-profile.c \
gdm-profile.h \
gdm-settings.c \
gdm-settings.h \
gdm-settings-backend.c \
gdm-settings-backend.h \
gdm-settings-desktop-backend.c \
gdm-settings-desktop-backend.h \
gdm-settings-keys.h \
diff --git a/common/gdm-common.c b/common/gdm-common.c
index aeb873b..4017313 100644
--- a/common/gdm-common.c
+++ b/common/gdm-common.c
@@ -882,61 +882,61 @@ gdm_get_script_environment (const char *username,
if (username != NULL) {
g_hash_table_insert (hash, g_strdup ("LOGNAME"),
g_strdup (username));
g_hash_table_insert (hash, g_strdup ("USER"),
g_strdup (username));
g_hash_table_insert (hash, g_strdup ("USERNAME"),
g_strdup (username));
gdm_get_pwent_for_name (username, &pwent);
if (pwent != NULL) {
if (pwent->pw_dir != NULL && pwent->pw_dir[0] != '\0') {
g_hash_table_insert (hash, g_strdup ("HOME"),
g_strdup (pwent->pw_dir));
g_hash_table_insert (hash, g_strdup ("PWD"),
g_strdup (pwent->pw_dir));
}
g_hash_table_insert (hash, g_strdup ("SHELL"),
g_strdup (pwent->pw_shell));
}
}
if (display_hostname) {
g_hash_table_insert (hash, g_strdup ("REMOTE_HOST"), g_strdup (display_hostname));
}
/* Runs as root */
g_hash_table_insert (hash, g_strdup ("XAUTHORITY"), g_strdup (display_x11_authority_file));
g_hash_table_insert (hash, g_strdup ("DISPLAY"), g_strdup (display_name));
- g_hash_table_insert (hash, g_strdup ("PATH"), g_strdup (g_getenv ("PATH")));
+ g_hash_table_insert (hash, g_strdup ("PATH"), g_strdup (GDM_SESSION_DEFAULT_PATH));
g_hash_table_insert (hash, g_strdup ("RUNNING_UNDER_GDM"), g_strdup ("true"));
g_hash_table_remove (hash, "MAIL");
g_hash_table_foreach (hash, (GHFunc)listify_hash, env);
g_hash_table_destroy (hash);
g_ptr_array_add (env, NULL);
return env;
}
gboolean
gdm_run_script (const char *dir,
const char *username,
const char *display_name,
const char *display_hostname,
const char *display_x11_authority_file)
{
char *script;
char **argv;
gint status;
GError *error;
GPtrArray *env;
gboolean res;
gboolean ret;
ret = FALSE;
g_assert (dir != NULL);
diff --git a/configure.ac b/configure.ac
index 242a969..aa0a13f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -247,60 +247,77 @@ AC_ARG_WITH(systemd,
AS_HELP_STRING([--with-systemd],
[Add systemd support @<:@default=auto@:>@]),
[with_systemd=$withval], [with_systemd=auto])
AC_ARG_WITH([systemdsystemunitdir],
AS_HELP_STRING([--with-systemdsystemunitdir=DIR],
[Directory for systemd service files]),
[with_systemdsystemunitdir=$withval], [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
AC_ARG_ENABLE(systemd-journal,
AS_HELP_STRING([--enable-systemd-journal],
[Add journald support @<:@default=auto@:>@]),
[enable_systemd_journal=$enableval], [enable_systemd_journal=auto])
AC_ARG_ENABLE(wayland-support,
AS_HELP_STRING([--enable-wayland-support],
[Enable support for wayland sessions @<:@default=auto@:>@]),
[enable_wayland_support=$enableval],
[enable_wayland_support=auto])
AC_ARG_WITH(plymouth,
AS_HELP_STRING([--with-plymouth],
[Add plymouth support @<:@default=auto@:>@]),
[with_plymouth=$withval], [with_plymouth=auto])
AC_ARG_WITH(at-spi-registryd-directory,
AS_HELP_STRING([--with-at-spi-registryd-directory],
[Specify the directory of at-spi-registryd @<:@default=libexecdir@:>@])],,
[with_at_spi_registryd_directory="${libexecdir}"])
AT_SPI_REGISTRYD_DIR=$with_at_spi_registryd_directory
AC_SUBST(AT_SPI_REGISTRYD_DIR)
+# Allow configuration of default PATH
+#
+withval=""
+AC_ARG_WITH(default-path,
+ AS_HELP_STRING([--with-default-path=<PATH>],
+ [PATH GDM will use as the user's default PATH]),
+ [if test x$withval != x; then
+ AC_MSG_RESULT("PATH ${withval} will be the default PATH.")
+ fi])
+
+if test x$withval != x; then
+ GDM_SESSION_DEFAULT_PATH="$withval"
+else
+ GDM_SESSION_DEFAULT_PATH="/usr/local/bin:/usr/bin:/bin"
+fi
+AC_SUBST(GDM_SESSION_DEFAULT_PATH)
+
dnl
dnl file that sets LANG
dnl
withval=""
AC_ARG_WITH(lang-file,
AS_HELP_STRING([--with-lang-file=<filename>],
[file containing default language setting]),
[if test x$withval != x; then
AC_MSG_RESULT("System locale will be looked for in file ${withval}.")
fi])
if test x$withval != x; then
LANG_CONFIG_FILE="$withval"
else
LANG_CONFIG_FILE='$(sysconfdir)/locale.conf'
fi
AC_SUBST(LANG_CONFIG_FILE)
# stropts has been removed from glibc
# https://bugzilla.redhat.com/show_bug.cgi?id=436349
AC_CHECK_HEADERS(stropts.h)
dnl socklen_t may be declared, but not in a "standard" C header location
AC_CHECK_HEADERS(sys/socket.h)
AC_CHECK_TYPE(socklen_t,,
AC_DEFINE(socklen_t, size_t, [Compatibility type]),
[AC_INCLUDES_DEFAULT]
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
diff --git a/daemon/Makefile.am b/daemon/Makefile.am
index 6944baa..691c939 100644
--- a/daemon/Makefile.am
+++ b/daemon/Makefile.am
@@ -1,51 +1,52 @@
NULL =
AM_CPPFLAGS = \
-I. \
-I.. \
-I$(top_srcdir)/common \
-I$(top_builddir)/common \
-DBINDIR=\"$(bindir)\" \
-DDATADIR=\"$(datadir)\" \
-DDMCONFDIR=\"$(dmconfdir)\" \
-DGDMCONFDIR=\"$(gdmconfdir)\" \
-DLIBDIR=\"$(libdir)\" \
-DLIBEXECDIR=\"$(libexecdir)\" \
-DLOCALSTATEDIR=\"$(localstatedir)\" \
-DLOGDIR=\"$(logdir)\" \
-DSBINDIR=\"$(sbindir)\" \
-DGNOMELOCALEDIR=\""$(datadir)/locale"\" \
-DGDM_RUN_DIR=\"$(GDM_RUN_DIR)\" \
-DGDM_XAUTH_DIR=\"$(GDM_XAUTH_DIR)\" \
-DGDM_SCREENSHOT_DIR=\"$(GDM_SCREENSHOT_DIR)\" \
-DGDM_CACHE_DIR=\""$(localstatedir)/cache/gdm"\" \
+ -DGDM_SESSION_DEFAULT_PATH=\"$(GDM_SESSION_DEFAULT_PATH)\" \
-DCONSOLEKIT_DIR=\"$(CONSOLEKIT_DIR)\" \
$(DISABLE_DEPRECATED_CFLAGS) \
$(DAEMON_CFLAGS) \
$(XLIB_CFLAGS) \
$(WARN_CFLAGS) \
$(DEBUG_CFLAGS) \
$(SYSTEMD_CFLAGS) \
$(JOURNALD_CFLAGS) \
$(LIBSELINUX_CFLAGS) \
-DLANG_CONFIG_FILE=\"$(LANG_CONFIG_FILE)\" \
$(NULL)
BUILT_SOURCES = \
gdm-display-glue.h \
gdm-manager-glue.h \
gdm-static-display-glue.h \
gdm-transient-display-glue.h \
gdm-local-display-factory-glue.h \
gdm-session-glue.h \
gdm-session-worker-glue.h \
gdm-session-enum-types.h \
$(NULL)
gdm-session-enum-types.h: gdm-session-enum-types.h.in gdm-session.h
$(AM_V_GEN) glib-mkenums --template $^ > $@
gdm-session-enum-types.c: gdm-session-enum-types.c.in gdm-session.h
$(AM_V_GEN) glib-mkenums --template $^ > $@
gdm-display-glue.c gdm-display-glue.h: gdm-display.xml Makefile.am
diff --git a/daemon/gdm-session-worker.c b/daemon/gdm-session-worker.c
index 5fc42c6..8493fbd 100644
--- a/daemon/gdm-session-worker.c
+++ b/daemon/gdm-session-worker.c
@@ -63,60 +63,64 @@
#endif /* HAVE_SELINUX */
#include "gdm-common.h"
#include "gdm-log.h"
#include "gdm-session-worker.h"
#include "gdm-session-glue.h"
#include "gdm-session.h"
#if defined (HAVE_ADT)
#include "gdm-session-solaris-auditor.h"
#elif defined (HAVE_LIBAUDIT)
#include "gdm-session-linux-auditor.h"
#else
#include "gdm-session-auditor.h"
#endif
#include "gdm-session-settings.h"
#define GDM_SESSION_WORKER_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), GDM_TYPE_SESSION_WORKER, GdmSessionWorkerPrivate))
#define GDM_SESSION_DBUS_PATH "/org/gnome/DisplayManager/Session"
#define GDM_SESSION_DBUS_NAME "org.gnome.DisplayManager.Session"
#define GDM_SESSION_DBUS_ERROR_CANCEL "org.gnome.DisplayManager.Session.Error.Cancel"
#define GDM_WORKER_DBUS_PATH "/org/gnome/DisplayManager/Worker"
#ifndef GDM_PASSWD_AUXILLARY_BUFFER_SIZE
#define GDM_PASSWD_AUXILLARY_BUFFER_SIZE 1024
#endif
+#ifndef GDM_SESSION_DEFAULT_PATH
+#define GDM_SESSION_DEFAULT_PATH "/usr/local/bin:/usr/bin:/bin"
+#endif
+
#ifndef GDM_SESSION_ROOT_UID
#define GDM_SESSION_ROOT_UID 0
#endif
#ifndef GDM_SESSION_LOG_FILENAME
#define GDM_SESSION_LOG_FILENAME "session.log"
#endif
#define MAX_FILE_SIZE 65536
#define MAX_LOGS 5
enum {
GDM_SESSION_WORKER_STATE_NONE = 0,
GDM_SESSION_WORKER_STATE_SETUP_COMPLETE,
GDM_SESSION_WORKER_STATE_AUTHENTICATED,
GDM_SESSION_WORKER_STATE_AUTHORIZED,
GDM_SESSION_WORKER_STATE_ACCREDITED,
GDM_SESSION_WORKER_STATE_ACCOUNT_DETAILS_SAVED,
GDM_SESSION_WORKER_STATE_SESSION_OPENED,
GDM_SESSION_WORKER_STATE_SESSION_STARTED
};
typedef struct
{
GdmSessionWorker *worker;
GdmSession *session;
GPid pid_of_caller;
uid_t uid_of_caller;
} ReauthenticationRequest;
@@ -1476,64 +1480,67 @@ gdm_session_worker_accredit_user (GdmSessionWorker *worker,
_("no user account available"));
goto out;
}
uid = 0;
gid = 0;
res = _lookup_passwd_info (worker->priv->username,
&uid,
&gid,
&home,
&shell);
if (! res) {
g_debug ("GdmSessionWorker: Unable to lookup account info");
error_code = PAM_AUTHINFO_UNAVAIL;
g_set_error (error,
GDM_SESSION_WORKER_ERROR,
GDM_SESSION_WORKER_ERROR_GIVING_CREDENTIALS,
_("no user account available"));
goto out;
}
gdm_session_worker_update_environment_from_passwd_info (worker,
uid,
gid,
home,
shell);
/* Let's give the user a default PATH if he doesn't already have one
*/
if (!gdm_session_worker_environment_variable_is_set (worker, "PATH")) {
- const char *path;
-
- path = g_getenv ("PATH");
- gdm_session_worker_set_environment_variable (worker, "PATH", path);
+ if (strcmp (BINDIR, "/usr/bin") == 0) {
+ gdm_session_worker_set_environment_variable (worker, "PATH",
+ GDM_SESSION_DEFAULT_PATH);
+ } else {
+ gdm_session_worker_set_environment_variable (worker, "PATH",
+ BINDIR ":" GDM_SESSION_DEFAULT_PATH);
+ }
}
if (! _change_user (worker, uid, gid)) {
g_debug ("GdmSessionWorker: Unable to change to user");
error_code = PAM_SYSTEM_ERR;
g_set_error (error, GDM_SESSION_WORKER_ERROR,
GDM_SESSION_WORKER_ERROR_GIVING_CREDENTIALS,
"%s", _("Unable to change to user"));
goto out;
}
error_code = pam_setcred (worker->priv->pam_handle, worker->priv->cred_flags);
/* If the user is reauthenticating and they've made it this far, then there
* is no reason we should lock them out of their session. They've already
* proved they are they same person who logged in, and that's all we care
* about.
*/
if (worker->priv->is_reauth_session) {
error_code = PAM_SUCCESS;
}
if (error_code != PAM_SUCCESS) {
g_set_error (error,
GDM_SESSION_WORKER_ERROR,
GDM_SESSION_WORKER_ERROR_GIVING_CREDENTIALS,
"%s",
pam_strerror (worker->priv->pam_handle, error_code));
goto out;
}
--
1.9.0
From 1282e09a595b73ae530ccb4ed9f942947d1f3fba Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Tue, 22 Apr 2014 15:01:52 -0400
Subject: [PATCH 2/2] configure: change default PATH to include sbin
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index aa0a13f..26455f3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -260,61 +260,61 @@ AC_ARG_ENABLE(wayland-support,
[Enable support for wayland sessions @<:@default=auto@:>@]),
[enable_wayland_support=$enableval],
[enable_wayland_support=auto])
AC_ARG_WITH(plymouth,
AS_HELP_STRING([--with-plymouth],
[Add plymouth support @<:@default=auto@:>@]),
[with_plymouth=$withval], [with_plymouth=auto])
AC_ARG_WITH(at-spi-registryd-directory,
AS_HELP_STRING([--with-at-spi-registryd-directory],
[Specify the directory of at-spi-registryd @<:@default=libexecdir@:>@])],,
[with_at_spi_registryd_directory="${libexecdir}"])
AT_SPI_REGISTRYD_DIR=$with_at_spi_registryd_directory
AC_SUBST(AT_SPI_REGISTRYD_DIR)
# Allow configuration of default PATH
#
withval=""
AC_ARG_WITH(default-path,
AS_HELP_STRING([--with-default-path=<PATH>],
[PATH GDM will use as the user's default PATH]),
[if test x$withval != x; then
AC_MSG_RESULT("PATH ${withval} will be the default PATH.")
fi])
if test x$withval != x; then
GDM_SESSION_DEFAULT_PATH="$withval"
else
- GDM_SESSION_DEFAULT_PATH="/usr/local/bin:/usr/bin:/bin"
+ GDM_SESSION_DEFAULT_PATH="/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin"
fi
AC_SUBST(GDM_SESSION_DEFAULT_PATH)
dnl
dnl file that sets LANG
dnl
withval=""
AC_ARG_WITH(lang-file,
AS_HELP_STRING([--with-lang-file=<filename>],
[file containing default language setting]),
[if test x$withval != x; then
AC_MSG_RESULT("System locale will be looked for in file ${withval}.")
fi])
if test x$withval != x; then
LANG_CONFIG_FILE="$withval"
else
LANG_CONFIG_FILE='$(sysconfdir)/locale.conf'
fi
AC_SUBST(LANG_CONFIG_FILE)
# stropts has been removed from glibc
# https://bugzilla.redhat.com/show_bug.cgi?id=436349
AC_CHECK_HEADERS(stropts.h)
dnl socklen_t may be declared, but not in a "standard" C header location
AC_CHECK_HEADERS(sys/socket.h)
AC_CHECK_TYPE(socklen_t,,
AC_DEFINE(socklen_t, size_t, [Compatibility type]),
[AC_INCLUDES_DEFAULT]
--
1.9.0
Reference in New Issue View Git Blame Copy Permalink