- Nag user if they try to log in as root

2010-01-15 19:38:38 +00:00 · 2010-01-15 19:38:38 +00:00 · 9249560deb
commit 9249560deb
parent ecc151e53e
2 changed files with 180 additions and 1 deletions
--- a/gnome-session.spec
+++ b/gnome-session.spec
@ -207,7 +207,6 @@ fi
 * Thu Aug 13 2009 Matthias Clasen  <mclasen@redhat.com> - 2.27.5-2
 - Require polkit-desktop-policy

->>>>>>> 1.254
 * Tue Jul 28 2009 Matthias Clasen  <mclasen@redhat.com> - 2.27.5-1
 - Update to 2.27.5

--- a/nag-root-user.patch
+++ b/nag-root-user.patch
@ -0,0 +1,180 @@
+From 04bfd175f1284576d9ddf51e13f073dc50f18f83 Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Fri, 15 Jan 2010 12:52:50 -0500
+Subject: [PATCH] Nag users when they try to log in as root
+
+Root login does not work very well, in general.
+PolicyKit, IRC, and other random things just don't
+function right when run as root.  This commit adds
+a nag screen to warn the user that they might not
+have a good experience.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=607094
+---
+ data/gnome-session.schemas.in.in |   11 ++++++
+ gnome-session/gsm-manager.c      |   22 +++++++++++++
+ gnome-session/gsm-util.c         |   64 ++++++++++++++++++++++++++++++++++++++
+ gnome-session/gsm-util.h         |    3 ++
+ 4 files changed, 100 insertions(+), 0 deletions(-)
+
+diff --git a/data/gnome-session.schemas.in.in b/data/gnome-session.schemas.in.in
+index 2cd5e2d..146319f 100644
+--- a/data/gnome-session.schemas.in.in
+++ b/data/gnome-session.schemas.in.in
+@@ -3,6 +3,17 @@
+    <schemalist>
+ 
+       <schema>
+         <key>/schemas/apps/gnome-session/options/show_root_warning</key>
+         <applyto>/apps/gnome-session/options/show_root_warning</applyto>
+         <owner>gnome</owner>
+         <type>bool</type>
+         <default>true</default>
+         <locale name="C">
+            <short>Warn user against running gnome-session from root account</short>
+            <long>If a user tries to login as root, show a dialog telling them it's a bad idea</long>
+         </locale>
+      </schema>
+      <schema>
+          <key>/schemas/apps/gnome-session/options/show_splash_screen</key>
+          <applyto>/apps/gnome-session/options/show_splash_screen</applyto>
+          <owner>gnome</owner>
+diff --git a/gnome-session/gsm-manager.c b/gnome-session/gsm-manager.c
+index 49fefe6..6fbd312 100644
+--- a/gnome-session/gsm-manager.c
+++ b/gnome-session/gsm-manager.c
+@@ -85,6 +85,8 @@
+ 
+ #define KEY_SLEEP_LOCK            "/apps/gnome-screensaver/lock_enabled"
+ 
+#define KEY_SHOW_ROOT_WARNING     "/apps/gnome-session/options/show_root_warning"
+
+ #define IS_STRING_EMPTY(x) ((x)==NULL||(x)[0]=='\0')
+ 
+ typedef enum
+@@ -467,6 +469,26 @@ end_phase (GsmManager *manager)
+                 manager->priv->phase_timeout_id = 0;
+         }
+ 
+        /* If we just finished the phase before the phase where applications
+         * are started, then nag the user if they're root.  We could do it earlier,
+         * but that would mean showing a bare dialog with nothing around it
+         * (and potentially without decorations, font settings loaded, etc).  We
+         * could do it later, but that would be mean things loading around it and
+         * covering it up, etc.
+         */
+        if (manager->priv->phase + 1 == GSM_MANAGER_PHASE_APPLICATION) {
+                if (getuid () == 0) {
+                        gsm_util_nag_message (KEY_SHOW_ROOT_WARNING, FALSE,
+                                              _("You are currently trying to run as the "
+                                                "root super user.  The super user is a "
+                                                "specialized account that is not designed "
+                                                "to run a normal user session.  Various programs "
+                                                "will not function properly, and actions "
+                                                "performed under this account can cause unrecoverable "
+                                                "damage to the operating system."));
+                }
+        }
+
+         switch (manager->priv->phase) {
+         case GSM_MANAGER_PHASE_STARTUP:
+         case GSM_MANAGER_PHASE_INITIALIZATION:
+diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
+index d139b95..b60d994 100644
+--- a/gnome-session/gsm-util.c
+++ b/gnome-session/gsm-util.c
+@@ -35,6 +35,7 @@
+ #include <dbus/dbus-glib.h>
+ 
+ #include "gsm-util.h"
+#include "gsm-gconf.h"
+ 
+ static gchar *_saved_session_dir = NULL;
+ 
+@@ -373,6 +374,69 @@ gsm_util_init_error (gboolean    fatal,
+ }
+ 
+ /**
+ * gsm_util_nag_message:
+ * @key: gconf configuration key to save user's "don't nag me" state
+ * @nag_only_once: Initial state of the "don't nag me" checkbox
+ * @format: printf-style error message format
+ * @...: error message args
+ *
+ * Displays a nag message to the user along with a check button that says something
+ * like "Don't show this again". If @nag_only_once is %TRUE, the check button will
+ * default to checked.  The state of the dialog is stored as a boolean at the
+ * gconf path specified by @key
+ *
+ * This should be called for informative messages that the user may or may
+ * not care about.
+ **/
+void
+gsm_util_nag_message (const char *key,
+                      gboolean    nag_only_once,
+                      const char *format, ...)
+{
+        GtkWidget *dialog;
+        GtkWidget *content_area;
+        GtkWidget *check_button;
+        char      *msg;
+        va_list    args;
+        GConfClient *client;
+        gboolean should_nag;
+
+        client = gconf_client_get_default ();
+        should_nag = gconf_client_get_bool (client, key, NULL);
+
+        if (!should_nag) {
+                goto out;
+        }
+
+        va_start (args, format);
+        msg = g_strdup_vprintf (format, args);
+        va_end (args);
+
+        dialog = gtk_message_dialog_new (NULL, 0, GTK_MESSAGE_ERROR,
+                                         GTK_BUTTONS_CLOSE, "%s", msg);
+
+        g_free (msg);
+
+        content_area = gtk_dialog_get_content_area (GTK_DIALOG (dialog));
+        check_button = gtk_check_button_new_with_label (_("Do not show me this again"));
+
+        gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (check_button), nag_only_once != FALSE);
+        gtk_widget_show (check_button);
+
+        gtk_container_add (GTK_CONTAINER (content_area), check_button);
+
+        gtk_window_set_position (GTK_WINDOW (dialog), GTK_WIN_POS_CENTER);
+        gtk_dialog_run (GTK_DIALOG (dialog));
+
+        should_nag = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (check_button)) == FALSE;
+        gconf_client_set_bool (client, key, should_nag != FALSE, NULL);
+        gtk_widget_destroy (dialog);
+
+out:
+        g_object_unref (client);
+}
+
+/**
+  * gsm_util_generate_startup_id:
+  *
+  * Generates a new SM client ID.
+diff --git a/gnome-session/gsm-util.h b/gnome-session/gsm-util.h
+index b67a4ab..f7318a7 100644
+--- a/gnome-session/gsm-util.h
+++ b/gnome-session/gsm-util.h
+@@ -41,6 +41,9 @@ gboolean    gsm_util_text_is_blank                  (const char *str);
+ 
+ void        gsm_util_init_error                     (gboolean    fatal,
+                                                      const char *format, ...);
+void        gsm_util_nag_message                    (const char *key,
+                                                     gboolean    nag_only_once,
+                                                     const char *format, ...);
+ 
+ char *      gsm_util_generate_startup_id            (void);
+ 
+-- 
+1.6.5.3
+