[arch-commits] Commit in gdm/trunk (8 files)
Ionut Biru
ibiru at archlinux.org
Sat Sep 3 19:58:51 UTC 2011
Date: Saturday, September 3, 2011 @ 15:58:51
Author: ibiru
Revision: 136952
customize pam to accommodate our needs
Added:
gdm/trunk/gdm-fingerprint.pam
gdm/trunk/gdm-password.pam
gdm/trunk/gdm-smartcard.pam
gdm/trunk/gdm-welcome.pam
Modified:
gdm/trunk/PKGBUILD
gdm/trunk/gdm-autologin.pam
Deleted:
gdm/trunk/2.91_fix_external_program_directories.patch
gdm/trunk/gdm-vt-allocation-hack.patch
---------------------------------------------+
2.91_fix_external_program_directories.patch | 48 ----------
PKGBUILD | 34 +++----
gdm-autologin.pam | 24 +++--
gdm-fingerprint.pam | 18 +++
gdm-password.pam | 20 ++++
gdm-smartcard.pam | 18 +++
gdm-vt-allocation-hack.patch | 118 --------------------------
gdm-welcome.pam | 12 ++
8 files changed, 102 insertions(+), 190 deletions(-)
Deleted: 2.91_fix_external_program_directories.patch
===================================================================
--- 2.91_fix_external_program_directories.patch 2011-09-03 17:04:39 UTC (rev 136951)
+++ 2.91_fix_external_program_directories.patch 2011-09-03 19:58:51 UTC (rev 136952)
@@ -1,48 +0,0 @@
-diff -Nur gdm-2.91.91.orig/daemon/gdm-server.c gdm-2.91.91/daemon/gdm-server.c
---- gdm-2.91.91.orig/daemon/gdm-server.c 2011-02-17 19:27:53.000000000 -0800
-+++ gdm-2.91.91/daemon/gdm-server.c 2011-02-27 16:56:51.283347074 -0800
-@@ -131,7 +131,7 @@
- g_return_val_if_fail (GDM_IS_SERVER (server), NULL);
-
- error = NULL;
-- command = g_strdup_printf (LIBEXECDIR "/ck-get-x11-display-device --display %s",
-+ command = g_strdup_printf ("/usr/lib/ConsoleKit/ck-get-x11-display-device --display %s",
- server->priv->display_name);
-
- g_debug ("GdmServer: Running helper %s", command);
-diff -Nur gdm-2.91.91.orig/data/greeter-autostart/gnome-settings-daemon.desktop.in.in gdm-2.91.91/data/greeter-autostart/gnome-settings-daemon.desktop.in.in
---- gdm-2.91.91.orig/data/greeter-autostart/gnome-settings-daemon.desktop.in.in 2011-02-17 19:27:53.000000000 -0800
-+++ gdm-2.91.91/data/greeter-autostart/gnome-settings-daemon.desktop.in.in 2011-02-26 08:43:28.700009251 -0800
-@@ -1,8 +1,8 @@
- [Desktop Entry]
- Type=Application
- _Name=GNOME Settings Daemon
--TryExec=@LIBEXECDIR@/gnome-settings-daemon
--Exec=@LIBEXECDIR@/gnome-settings-daemon
-+TryExec=/usr/bin/gnome-settings-daemon
-+Exec=/usr/bin/gnome-settings-daemon
- OnlyShowIn=GNOME;
- X-GNOME-Autostart-Phase=Initialization
- X-GNOME-Autostart-Notify=true
-diff -Nur gdm-2.91.91.orig/data/greeter-autostart/polkit-gnome-authentication-agent-1.desktop.in.in gdm-2.91.91/data/greeter-autostart/polkit-gnome-authentication-agent-1.desktop.in.in
---- gdm-2.91.91.orig/data/greeter-autostart/polkit-gnome-authentication-agent-1.desktop.in.in 2011-02-17 19:27:53.000000000 -0800
-+++ gdm-2.91.91/data/greeter-autostart/polkit-gnome-authentication-agent-1.desktop.in.in 2011-02-26 08:44:06.810009153 -0800
-@@ -1,5 +1,5 @@
- [Desktop Entry]
- Type=Application
- _Name=PolicyKit Authentication Agent
--Exec=@LIBEXECDIR@/polkit-gnome-authentication-agent-1
-+Exec=/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1
- OnlyShowIn=GNOME;
-diff -Nur gdm-2.91.91.orig/gui/simple-chooser/gdm-chooser-session.c gdm-2.91.91/gui/simple-chooser/gdm-chooser-session.c
---- gdm-2.91.91.orig/gui/simple-chooser/gdm-chooser-session.c 2011-02-17 19:27:53.000000000 -0800
-+++ gdm-2.91.91/gui/simple-chooser/gdm-chooser-session.c 2011-02-26 08:45:01.946675918 -0800
-@@ -131,7 +131,7 @@
- ret = FALSE;
-
- error = NULL;
-- g_spawn_command_line_async (LIBEXECDIR "/gnome-settings-daemon", &error);
-+ g_spawn_command_line_async ("/usr/bin/gnome-settings-daemon", &error);
- if (error != NULL) {
- g_warning ("Error starting settings daemon: %s", error->message);
- g_error_free (error);
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2011-09-03 17:04:39 UTC (rev 136951)
+++ PKGBUILD 2011-09-03 19:58:51 UTC (rev 136952)
@@ -2,28 +2,31 @@
# Maintainer: Jan de Groot <jgc at archlinux.org>
pkgname=gdm
pkgver=3.1.90
-pkgrel=2
+pkgrel=3
pkgdesc="Gnome Display Manager (a reimplementation of xdm)"
arch=('i686' 'x86_64')
license=('GPL')
url="http://www.gnome.org"
-backup=('etc/pam.d/gdm' 'etc/pam.d/gdm-autologin' 'etc/gdm/custom.conf')
+backup=('etc/pam.d/gdm-autologin' 'etc/pam.d/gdm-fingerprint' 'etc/pam.d/gdm' 'etc/pam.d/gdm-password'
+ 'etc/pam.d/gdm-smartcard' 'etc/pam.d/gdm-welcome' 'etc/gdm/custom.conf')
groups=('gnome-extra')
options=('!libtool')
-depends=('libcanberra' 'libxklavier' 'gnome-session' 'upower' 'accountsservice' 'consolekit' 'xorg-xrdb' 'nss')
+depends=('caribou' 'libcanberra' 'libxklavier' 'gnome-session' 'upower' 'accountsservice' 'consolekit' 'xorg-xrdb' 'nss')
makedepends=('intltool' 'gnome-doc-utils' 'xorg-server' 'gobject-introspection')
install=gdm.install
source=(http://ftp.gnome.org/pub/gnome/sources/${pkgname}/${pkgver%.*}/${pkgname}-${pkgver}.tar.xz
fix_external_program_directories.patch
- gdm.pam
- gdm-autologin.pam
- gdm)
+ gdm
+ gdm-autologin.pam gdm-fingerprint.pam gdm.pam gdm-password.pam gdm-smartcard.pam gdm-welcome.pam)
sha256sums=('3fb9c52b8a18f39539c53d84645b89836de25a3eb3a0b84388e76a4f988178bf'
'b7c19ab68dc38216f751be6d1e66d617fb9011e23185590e52ac1974d3bc1afb'
+ '272c08d8e8b50bf424d0705ac864d4c18c47ec4f6893b1af732c2efbc86c9550'
+ 'b30dfa217718b43ff3aa4e8af08985963175b79ff30698ec54e8396d2905922d'
+ '5bc3ff3ea7b31219dfcb7d9fc0eb2819eca1c5573a0f426d288a17560a69633e'
'f1dfa4d88288d4b0a631a68a51b46c2da537bee8fe5a99f9f288c8ff75a50b19'
- '3daff680ff6b7ea56f84f40843e46e72477c81e9e405028203c942af04d07ae5'
- '272c08d8e8b50bf424d0705ac864d4c18c47ec4f6893b1af732c2efbc86c9550')
-
+ '0dbb37b4e2a2a2dd2305f0f69cf32d63d353d34aacaf805d2c2ec52fbe558bb4'
+ 'df74b0dcfb17ea43cc1e268a27cd256c552672457db1af40b285452d16b3e2fd'
+ '39bf3824cc505043dc3136356da16dab9df9f369f1077435a324be2ac16cf834')
build() {
cd "${srcdir}/${pkgname}-${pkgver}"
patch -Np1 -i "${srcdir}/fix_external_program_directories.patch"
@@ -43,16 +46,13 @@
make GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL=1 DESTDIR="${pkgdir}" install
install -m755 -d "${pkgdir}/usr/share/gconf/schemas"
gconf-merge-schema "${pkgdir}/usr/share/gconf/schemas/${pkgname}.schemas" --domain gdm ${pkgdir}/etc/gconf/schemas/*.schemas
- rm -r "${pkgdir}/etc/gconf/"
- install -m644 "${srcdir}/gdm.pam" "${pkgdir}/etc/pam.d/gdm"
- install -m644 "${srcdir}/gdm-autologin.pam" "${pkgdir}/etc/pam.d/gdm-autologin"
- sed -e 's/include\s*system-auth/required\tpam_unix.so/' -i "${pkgdir}/etc/pam.d/gdm-welcome"
+ for i in gdm-autologin.pam gdm-fingerprint.pam gdm.pam gdm-password.pam gdm-smartcard.pam gdm-welcome.pam;do
+ install -m644 "${srcdir}/${i}" "${pkgdir}/etc/pam.d/${i%.pam}"
+ done
- install -m755 -d "${pkgdir}/etc/rc.d"
- install -m755 "${srcdir}/gdm" "${pkgdir}/etc/rc.d/"
+ install -Dm755 "${srcdir}/gdm" "${pkgdir}/etc/rc.d/gdm"
- rmdir "${pkgdir}/var/gdm"
chmod 1770 "${pkgdir}/var/log/gdm"
- rm -rf "${pkgdir}/var/run"
+ rm -rf "${pkgdir}/var/run" "${pkgdir}/var/gdm" "${pkgdir}/etc/gconf"
}
Modified: gdm-autologin.pam
===================================================================
--- gdm-autologin.pam 2011-09-03 17:04:39 UTC (rev 136951)
+++ gdm-autologin.pam 2011-09-03 19:58:51 UTC (rev 136952)
@@ -1,8 +1,18 @@
#%PAM-1.0
-auth requisite pam_nologin.so
-auth required pam_env.so
-auth required pam_permit.so
-account required pam_unix.so
-password required pam_unix.so
-session required pam_limits.so
-session required pam_unix.so
+auth requisite pam_nologin.so
+auth required pam_env.so
+
+auth requisite pam_permit.so
+
+auth sufficient pam_succeed_if.so uid >= 1000 quiet
+auth required pam_deny.so
+
+account required pam_unix.so
+
+password required pam_deny.so
+
+session required pam_loginuid.so
+-session optional pam_systemd.so
+session optional pam_keyinit.so revoke
+session required pam_limits.so
+session required pam_unix.so
Added: gdm-fingerprint.pam
===================================================================
--- gdm-fingerprint.pam (rev 0)
+++ gdm-fingerprint.pam 2011-09-03 19:58:51 UTC (rev 136952)
@@ -0,0 +1,18 @@
+#%PAM-1.0
+auth requisite pam_nologin.so
+auth required pam_env.so
+
+auth requisite pam_fprintd.so
+
+auth sufficient pam_succeed_if.so uid >= 1000 quiet
+auth required pam_deny.so
+
+account required pam_unix.so
+
+password required pam_deny.so
+
+session required pam_loginuid.so
+-session optional pam_systemd.so
+session optional pam_keyinit.so revoke
+session required pam_limits.so
+session required pam_unix.so
Added: gdm-password.pam
===================================================================
--- gdm-password.pam (rev 0)
+++ gdm-password.pam 2011-09-03 19:58:51 UTC (rev 136952)
@@ -0,0 +1,20 @@
+#%PAM-1.0
+auth requisite pam_nologin.so
+auth required pam_env.so
+
+auth requisite pam_unix.so nullok
+auth optional pam_gnome_keyring.so
+
+auth sufficient pam_succeed_if.so uid >= 1000 quiet
+auth required pam_deny.so
+
+account required pam_unix.so
+
+password required pam_unix.so
+
+session required pam_loginuid.so
+-session optional pam_systemd.so
+session optional pam_keyinit.so revoke
+session required pam_limits.so
+session required pam_unix.so
+session optional pam_gnome_keyring.so auto_start
Added: gdm-smartcard.pam
===================================================================
--- gdm-smartcard.pam (rev 0)
+++ gdm-smartcard.pam 2011-09-03 19:58:51 UTC (rev 136952)
@@ -0,0 +1,18 @@
+#%PAM-1.0
+auth requisite pam_nologin.so
+auth required pam_env.so
+
+auth requisite pam_pkcs11.so wait_for_card card_only
+
+auth sufficient pam_succeed_if.so uid >= 1000 quiet
+auth required pam_deny.so
+
+account required pam_unix.so
+
+password required pam_pkcs11.so
+
+session required pam_loginuid.so
+-session optional pam_systemd.so
+session optional pam_keyinit.so revoke
+session required pam_limits.so
+session required pam_unix.so
Deleted: gdm-vt-allocation-hack.patch
===================================================================
--- gdm-vt-allocation-hack.patch 2011-09-03 17:04:39 UTC (rev 136951)
+++ gdm-vt-allocation-hack.patch 2011-09-03 19:58:51 UTC (rev 136952)
@@ -1,118 +0,0 @@
-diff --git a/daemon/gdm-server.c b/daemon/gdm-server.c
-index 39def47..03488fd 100644
---- a/daemon/gdm-server.c
-+++ b/daemon/gdm-server.c
-@@ -33,6 +33,8 @@
- #include <grp.h>
- #include <signal.h>
- #include <sys/resource.h>
-+#include <sys/ioctl.h>
-+#include <sys/vt.h>
-
- #include <glib.h>
- #include <glib/gi18n.h>
-@@ -150,6 +152,92 @@ _gdm_server_query_ck_for_display_device (GdmServer *server)
- return out;
- }
-
-+#ifndef O_NOCTTY
-+# define O_NOCTTY 0
-+#endif
-+
-+static int
-+open_vt (int vtno)
-+{
-+ char *vtname;
-+ int fd;
-+
-+ vtname = g_strdup_printf ("/dev/tty%d", vtno);
-+
-+ do {
-+ errno = 0;
-+ fd = open (vtname, O_RDWR | O_NOCTTY, 0);
-+ } while (errno == EINTR);
-+
-+ g_free (vtname);
-+ return fd;
-+}
-+
-+static gint
-+find_first_probably_free_vt (void)
-+{
-+ int fd, fdv;
-+ int vtno;
-+ unsigned short vtmask;
-+ struct vt_stat vtstat;
-+ guint v_state;
-+
-+ fdv = -1;
-+
-+ do {
-+ errno = 0;
-+ fd = open ("/dev/console", O_WRONLY | O_NOCTTY, 0);
-+ } while (errno == EINTR);
-+
-+ if (fd >= 0) {
-+ if (ioctl (fd, VT_GETSTATE, &vtstat) >= 0) {
-+ v_state = vtstat.v_state;
-+ } else {
-+ close (fd);
-+ v_state = 0;
-+ fd = -1;
-+ }
-+ } else {
-+ v_state = 0;
-+ }
-+
-+ if (fd < 0) {
-+ do {
-+ errno = 0;
-+ fd = open ("/dev/console", O_RDONLY | O_NOCTTY, 0);
-+ } while (errno == EINTR);
-+
-+ if (fd >= 0) {
-+ if (ioctl (fd, VT_GETSTATE, &vtstat) >= 0)
-+ v_state = vtstat.v_state;
-+ }
-+ }
-+
-+ for (vtno = 7, vtmask = 1 << vtno; vtmask; vtno++, vtmask <<= 1) {
-+ /* Is this console in use? */
-+ if (v_state & vtmask)
-+ continue;
-+
-+ /* No, try to open it */
-+ fdv = open_vt (vtno);
-+ if (fdv >= 0)
-+ break;
-+
-+ /* If we're here, kernel indicated that the console was free,
-+ * but we failed to open it. Just go on to higher VTs. */
-+ }
-+
-+ if (fdv >= 0)
-+ close (fdv);
-+ else
-+ vtno = -1;
-+
-+ if (fd >= 0)
-+ close (fd);
-+
-+ return vtno;
-+}
-+
- char *
- gdm_server_get_display_device (GdmServer *server)
- {
-@@ -310,6 +398,11 @@ gdm_server_resolve_command_line (GdmServer *server,
-
- if (vtarg != NULL && ! gotvtarg) {
- argv[len++] = g_strdup (vtarg);
-+ } else if (!query_in_arglist && !gotvtarg) {
-+ gint vtnum = find_first_probably_free_vt ();
-+
-+ if (vtnum > 0)
-+ argv [len++] = g_strdup_printf ("vt%d", vtnum);
- }
-
- argv[len++] = NULL;
Added: gdm-welcome.pam
===================================================================
--- gdm-welcome.pam (rev 0)
+++ gdm-welcome.pam 2011-09-03 19:58:51 UTC (rev 136952)
@@ -0,0 +1,12 @@
+#%PAM-1.0
+auth required pam_env.so
+auth required pam_permit.so
+
+account required pam_nologin.so
+account required pam_unix.so
+
+password required pam_deny.so
+
+session required pam_loginuid.so
+-session optional pam_systemd.so
+session optional pam_keyinit.so force revoke
More information about the arch-commits
mailing list