- Try opening the console-kit session after the user's UID has already been
granted access to the server by localuser.sh, so that console-kit-daemon can connect and ask the server for information just by having switch to the user's UID (#287941).
This commit is contained in:
parent
67a11219f7
commit
6a6479cb4b
90
ck-xinit-session.c
Normal file
90
ck-xinit-session.c
Normal file
@ -0,0 +1,90 @@
|
|||||||
|
/*
|
||||||
|
* Copyright Red Hat, Inc. 2007.
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions are met:
|
||||||
|
*
|
||||||
|
* * Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* * Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
* * Neither the name of Red Hat, Inc., nor the names of its
|
||||||
|
* contributors may be used to endorse or promote products derived
|
||||||
|
* from this software without specific prior written permission.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
|
||||||
|
* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||||
|
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||||
|
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
|
||||||
|
* OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||||
|
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||||
|
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||||
|
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||||
|
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||||
|
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||||
|
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* Gate a process inside of a ConsoleKit session.
|
||||||
|
*
|
||||||
|
* We want to do this instead of doing it from inside of xinit because at the
|
||||||
|
* point we're doing it, we've already added the user's UID to the list of
|
||||||
|
* allowed clients for the X server, so the ConsoleKit daemon, which assumes
|
||||||
|
* the user's UID, will be able to connect without needing to be able to read
|
||||||
|
* the user's X cookies.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
#include <paths.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <syslog.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <ck-connector.h>
|
||||||
|
|
||||||
|
int
|
||||||
|
main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
CkConnector *ckc = NULL;
|
||||||
|
DBusError error;
|
||||||
|
const char *shell;
|
||||||
|
pid_t pid;
|
||||||
|
int status;
|
||||||
|
|
||||||
|
ckc = ck_connector_new();
|
||||||
|
if (ckc != NULL) {
|
||||||
|
dbus_error_init (&error);
|
||||||
|
if (ck_connector_open_session(ckc, &error)) {
|
||||||
|
pid = fork();
|
||||||
|
switch (pid) {
|
||||||
|
case -1:
|
||||||
|
syslog(LOG_ERR, "error forking child");
|
||||||
|
break;
|
||||||
|
case 0:
|
||||||
|
setenv("XDG_SESSION_COOKIE",
|
||||||
|
ck_connector_get_cookie(ckc), 1);
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
waitpid(pid, &status, 0);
|
||||||
|
exit(status);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
syslog(LOG_ERR, "error connecting to console-kit");
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
syslog(LOG_ERR, "error setting up to connect to console-kit");
|
||||||
|
}
|
||||||
|
if (argc > 1) {
|
||||||
|
execvp(argv[1], argv + 1);
|
||||||
|
} else {
|
||||||
|
shell = getenv("SHELL");
|
||||||
|
if (shell == NULL) {
|
||||||
|
shell = _PATH_BSHELL;
|
||||||
|
}
|
||||||
|
execlp(shell, shell, NULL);
|
||||||
|
}
|
||||||
|
_exit(1);
|
||||||
|
}
|
8
xinitrc
8
xinitrc
@ -18,11 +18,11 @@
|
|||||||
# The user may have their own clients they want to run. If they don't,
|
# The user may have their own clients they want to run. If they don't,
|
||||||
# fall back to system defaults.
|
# fall back to system defaults.
|
||||||
if [ -f $HOME/.Xclients ]; then
|
if [ -f $HOME/.Xclients ]; then
|
||||||
exec $SSH_AGENT $DBUS_LAUNCH $HOME/.Xclients || \
|
exec $CK_XINIT_SESSION $SSH_AGENT $DBUS_LAUNCH $HOME/.Xclients || \
|
||||||
exec $SSH_AGENT $HOME/.Xclients
|
exec $CK_XINIT_SESSION $SSH_AGENT $HOME/.Xclients
|
||||||
elif [ -f /etc/X11/xinit/Xclients ]; then
|
elif [ -f /etc/X11/xinit/Xclients ]; then
|
||||||
exec $SSH_AGENT $DBUS_LAUNCH /etc/X11/xinit/Xclients || \
|
exec $CK_XINIT_SESSION $SSH_AGENT $DBUS_LAUNCH /etc/X11/xinit/Xclients || \
|
||||||
exec $SSH_AGENT /etc/X11/xinit/Xclients
|
exec $CK_XINIT_SESSION $SSH_AGENT /etc/X11/xinit/Xclients
|
||||||
else
|
else
|
||||||
# Failsafe settings. Although we should never get here
|
# Failsafe settings. Although we should never get here
|
||||||
# (we provide fallbacks in Xclients as well) it can't hurt.
|
# (we provide fallbacks in Xclients as well) it can't hurt.
|
||||||
|
@ -71,3 +71,5 @@ fi
|
|||||||
DBUS_LAUNCH=
|
DBUS_LAUNCH=
|
||||||
[ -x /usr/bin/dbus-launch -a -z "$DBUS_SESSION_BUS_ADDRESS" ] && DBUS_LAUNCH="/usr/bin/dbus-launch --exit-with-session"
|
[ -x /usr/bin/dbus-launch -a -z "$DBUS_SESSION_BUS_ADDRESS" ] && DBUS_LAUNCH="/usr/bin/dbus-launch --exit-with-session"
|
||||||
|
|
||||||
|
CK_XINIT_SESSION=
|
||||||
|
[ -x /usr/bin/ck-xinit-session ] && CK_XINIT_SESSION="/usr/bin/ck-xinit-session"
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
Summary: X.Org X11 X Window System xinit startup scripts
|
Summary: X.Org X11 X Window System xinit startup scripts
|
||||||
Name: xorg-x11-%{pkgname}
|
Name: xorg-x11-%{pkgname}
|
||||||
Version: 1.0.7
|
Version: 1.0.7
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
License: MIT/X11
|
License: MIT/X11
|
||||||
Group: User Interface/X
|
Group: User Interface/X
|
||||||
URL: http://www.x.org
|
URL: http://www.x.org
|
||||||
@ -19,6 +19,7 @@ Source14: Xresources
|
|||||||
# here instead of the xdm package.
|
# here instead of the xdm package.
|
||||||
Source16: Xsession
|
Source16: Xsession
|
||||||
Source17: localuser.sh
|
Source17: localuser.sh
|
||||||
|
Source100: ck-xinit-session.c
|
||||||
|
|
||||||
Patch1: xinit-1.0.2-client-session.patch
|
Patch1: xinit-1.0.2-client-session.patch
|
||||||
Patch2: xinit-1.0.7-poke-ck.patch
|
Patch2: xinit-1.0.7-poke-ck.patch
|
||||||
@ -54,7 +55,7 @@ X.Org X11 X Window System xinit startup scripts
|
|||||||
%prep
|
%prep
|
||||||
%setup -q -n %{pkgname}-%{version}
|
%setup -q -n %{pkgname}-%{version}
|
||||||
%patch1 -p1 -b .client-session
|
%patch1 -p1 -b .client-session
|
||||||
%patch2 -p1 -b .poke-ck
|
#%patch2 -p1 -b .poke-ck
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf
|
autoreconf
|
||||||
@ -62,12 +63,17 @@ autoreconf
|
|||||||
# FIXME: Upstream should default to XINITDIR being this. Make a patch to
|
# FIXME: Upstream should default to XINITDIR being this. Make a patch to
|
||||||
# Makefile.am and submit it in a bug report or check into CVS.
|
# Makefile.am and submit it in a bug report or check into CVS.
|
||||||
make XINITDIR=/etc/X11/xinit
|
make XINITDIR=/etc/X11/xinit
|
||||||
|
%{__cc} -o ck-xinit-session \
|
||||||
|
`pkg-config --cflags ck-connector` $RPM_OPT_FLAGS \
|
||||||
|
$RPM_SOURCE_DIR/ck-xinit-session.c \
|
||||||
|
`pkg-config --libs ck-connector`
|
||||||
|
|
||||||
%install
|
%install
|
||||||
rm -rf $RPM_BUILD_ROOT
|
rm -rf $RPM_BUILD_ROOT
|
||||||
# FIXME: Upstream should default to XINITDIR being this. Make a patch to
|
# FIXME: Upstream should default to XINITDIR being this. Make a patch to
|
||||||
# Makefile.am and submit it in a bug report or check into CVS.
|
# Makefile.am and submit it in a bug report or check into CVS.
|
||||||
%makeinstall XINITDIR=$RPM_BUILD_ROOT/etc/X11/xinit
|
%makeinstall XINITDIR=$RPM_BUILD_ROOT/etc/X11/xinit
|
||||||
|
install -m755 ck-xinit-session $RPM_BUILD_ROOT/%{_bindir}
|
||||||
|
|
||||||
# Install Red Hat custom xinitrc, etc.
|
# Install Red Hat custom xinitrc, etc.
|
||||||
{
|
{
|
||||||
@ -92,6 +98,7 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%doc AUTHORS COPYING README NEWS ChangeLog
|
%doc AUTHORS COPYING README NEWS ChangeLog
|
||||||
%{_bindir}/startx
|
%{_bindir}/startx
|
||||||
%{_bindir}/xinit
|
%{_bindir}/xinit
|
||||||
|
%{_bindir}/ck-xinit-session
|
||||||
%dir %{_sysconfdir}/X11
|
%dir %{_sysconfdir}/X11
|
||||||
%dir %{_sysconfdir}/X11/xinit
|
%dir %{_sysconfdir}/X11/xinit
|
||||||
%{_sysconfdir}/X11/xinit/xinitrc
|
%{_sysconfdir}/X11/xinit/xinitrc
|
||||||
@ -108,6 +115,12 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_mandir}/man1/xinit.1*
|
%{_mandir}/man1/xinit.1*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Oct 12 2007 Nalin Dahyabhai <nalin@redhat.com> 1.0.7-2
|
||||||
|
- Try opening the console-kit session after the user's UID has already
|
||||||
|
been granted access to the server by localuser.sh, so that console-kit-daemon
|
||||||
|
can connect and ask the server for information just by having switch to the
|
||||||
|
user's UID (#287941).
|
||||||
|
|
||||||
* Mon Sep 24 2007 Adam Jackson <ajax@redhat.com> 1.0.7-1
|
* Mon Sep 24 2007 Adam Jackson <ajax@redhat.com> 1.0.7-1
|
||||||
- xinit 1.0.7
|
- xinit 1.0.7
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user