121 lines
5.4 KiB
Diff
121 lines
5.4 KiB
Diff
From 0ecacfd6123e4026c78d5d61670da0abdcbf7559 Mon Sep 17 00:00:00 2001
|
|
From: Ray Strode <rstrode@redhat.com>
|
|
Date: Thu, 22 Jan 2015 11:51:18 -0500
|
|
Subject: [PATCH] manager: allow the login screen to do reauthentication
|
|
|
|
At the moment, we only allow the user session to do reauthentication
|
|
from its lock screen. If a user does user switching we instead open
|
|
a new session for checking the user's password.
|
|
|
|
This commit enables reauthentication from the login screen as well.
|
|
---
|
|
daemon/gdm-manager.c | 23 ++++++++++++++---------
|
|
1 file changed, 14 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
|
|
index 8c41045..0278512 100644
|
|
--- a/daemon/gdm-manager.c
|
|
+++ b/daemon/gdm-manager.c
|
|
@@ -1161,84 +1161,89 @@ open_temporary_reauthentication_channel (GdmManager *self,
|
|
self);
|
|
|
|
address = gdm_session_get_server_address (session);
|
|
|
|
return g_strdup (address);
|
|
}
|
|
|
|
static gboolean
|
|
gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager,
|
|
GDBusMethodInvocation *invocation,
|
|
const char *username)
|
|
{
|
|
GdmManager *self = GDM_MANAGER (manager);
|
|
const char *sender;
|
|
GdmDisplay *display = NULL;
|
|
GdmSession *session;
|
|
GDBusConnection *connection;
|
|
char *seat_id = NULL;
|
|
char *session_id = NULL;
|
|
GPid pid = 0;
|
|
uid_t uid = (uid_t) -1;
|
|
gboolean is_login_screen = FALSE;
|
|
gboolean is_remote = FALSE;
|
|
|
|
g_debug ("GdmManager: trying to open reauthentication channel for user %s", username);
|
|
|
|
sender = g_dbus_method_invocation_get_sender (invocation);
|
|
connection = g_dbus_method_invocation_get_connection (invocation);
|
|
get_display_and_details_for_bus_sender (self, connection, sender, &display, &seat_id, &session_id, &pid, &uid, &is_login_screen, &is_remote);
|
|
|
|
- if (is_login_screen) {
|
|
- g_dbus_method_invocation_return_error_literal (invocation,
|
|
- G_DBUS_ERROR,
|
|
- G_DBUS_ERROR_ACCESS_DENIED,
|
|
- "Login screen not allow to open reauthentication channel");
|
|
- return TRUE;
|
|
- }
|
|
-
|
|
if (session_id == NULL || pid == 0 || uid == (uid_t) -1) {
|
|
g_dbus_method_invocation_return_error_literal (invocation,
|
|
G_DBUS_ERROR,
|
|
G_DBUS_ERROR_ACCESS_DENIED,
|
|
_("No session available"));
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
- session = get_seed_session_for_display (display);
|
|
+ if (is_login_screen) {
|
|
+ session = find_session_for_user_on_seat (self,
|
|
+ username,
|
|
+ seat_id,
|
|
+ NULL);
|
|
+ } else {
|
|
+ session = get_seed_session_for_display (display);
|
|
+ }
|
|
|
|
if (session != NULL && gdm_session_is_running (session)) {
|
|
gdm_session_start_reauthentication (session, pid, uid);
|
|
g_hash_table_insert (self->priv->open_reauthentication_requests,
|
|
GINT_TO_POINTER (pid),
|
|
invocation);
|
|
+ } else if (is_login_screen) {
|
|
+ g_dbus_method_invocation_return_error_literal (invocation,
|
|
+ G_DBUS_ERROR,
|
|
+ G_DBUS_ERROR_ACCESS_DENIED,
|
|
+ "Login screen only allowed to open reauthentication channels for running sessions");
|
|
+ return TRUE;
|
|
} else {
|
|
char *address;
|
|
address = open_temporary_reauthentication_channel (self,
|
|
seat_id,
|
|
session_id,
|
|
pid,
|
|
uid,
|
|
is_remote);
|
|
gdm_dbus_manager_complete_open_reauthentication_channel (GDM_DBUS_MANAGER (manager),
|
|
invocation,
|
|
address);
|
|
g_free (address);
|
|
}
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
static void
|
|
manager_interface_init (GdmDBusManagerIface *interface)
|
|
{
|
|
interface->handle_open_session = gdm_manager_handle_open_session;
|
|
interface->handle_open_reauthentication_channel = gdm_manager_handle_open_reauthentication_channel;
|
|
}
|
|
|
|
static void
|
|
set_up_greeter_session (GdmManager *manager,
|
|
GdmDisplay *display)
|
|
{
|
|
char *allowed_user;
|
|
struct passwd *passwd_entry;
|
|
--
|
|
2.2.1
|
|
|