[arch-commits] Commit in gdm/trunk (4 files)

Jan Steffens heftig at archlinux.org
Tue Sep 10 20:48:52 UTC 2019


    Date: Tuesday, September 10, 2019 @ 20:48:51
  Author: heftig
Revision: 362173

3.32.0+2+g820f90f5-2: FS#63706

Added:
  gdm/trunk/0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
  gdm/trunk/0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch
Modified:
  gdm/trunk/0001-Xsession-Don-t-start-ssh-agent-by-default.patch
  gdm/trunk/PKGBUILD

--------------------------------------------------------------+
 0001-Xsession-Don-t-start-ssh-agent-by-default.patch         |    7 --
 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch   |   29 +++++++++
 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch |   31 ++++++++++
 PKGBUILD                                                     |   17 ++++-
 4 files changed, 76 insertions(+), 8 deletions(-)

Modified: 0001-Xsession-Don-t-start-ssh-agent-by-default.patch
===================================================================
--- 0001-Xsession-Don-t-start-ssh-agent-by-default.patch	2019-09-10 20:37:55 UTC (rev 362172)
+++ 0001-Xsession-Don-t-start-ssh-agent-by-default.patch	2019-09-10 20:48:51 UTC (rev 362173)
@@ -1,8 +1,7 @@
-From 328a315c21ec71e563d00699f0a79186b229270a Mon Sep 17 00:00:00 2001
-Message-Id: <328a315c21ec71e563d00699f0a79186b229270a.1541542184.git.jan.steffens at gmail.com>
+From 58cdf43d7b053a7370e6779d06835c239598f59a Mon Sep 17 00:00:00 2001
 From: "Jan Alexander Steffens (heftig)" <jan.steffens at gmail.com>
 Date: Sat, 20 Jun 2015 17:22:38 +0200
-Subject: [PATCH] Xsession: Don't start ssh-agent by default
+Subject: [PATCH 1/3] Xsession: Don't start ssh-agent by default
 
 ---
  data/Xsession.in | 8 --------
@@ -28,5 +27,5 @@
  
  eval exec $command
 -- 
-2.19.1
+2.23.0
 

Added: 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
===================================================================
--- 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch	                        (rev 0)
+++ 0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch	2019-09-10 20:48:51 UTC (rev 362173)
@@ -0,0 +1,29 @@
+From c4f5540306a4efb8baeba46f68d6566f95e56802 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens at gmail.com>
+Date: Tue, 10 Sep 2019 20:37:08 +0000
+Subject: [PATCH 2/3] pam-arch: Don't check greeter account for expiry
+
+systemd-sysusers now creates expired accounts, which broke the greeter
+on new installations.
+
+Fixes https://bugs.archlinux.org/task/63706
+---
+ data/pam-arch/gdm-launch-environment.pam | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/data/pam-arch/gdm-launch-environment.pam b/data/pam-arch/gdm-launch-environment.pam
+index 618a7d3a..89521472 100644
+--- a/data/pam-arch/gdm-launch-environment.pam
++++ b/data/pam-arch/gdm-launch-environment.pam
+@@ -1,7 +1,7 @@
+ auth     required  pam_env.so
+ auth     optional  pam_permit.so
+ 
+-account  include   system-local-login
++account  optional  pam_permit.so
+ 
+ password required  pam_deny.so
+ 
+-- 
+2.23.0
+

Added: 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch
===================================================================
--- 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch	                        (rev 0)
+++ 0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch	2019-09-10 20:48:51 UTC (rev 362173)
@@ -0,0 +1,31 @@
+From d4d0a149153700b06215dbb5bb8d569080149c9f Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens at gmail.com>
+Date: Tue, 10 Sep 2019 20:41:10 +0000
+Subject: [PATCH 3/3] pam-arch: Restrict greeter service to the gdm user
+
+Copied from pam-exherbo.
+---
+ data/pam-arch/gdm-launch-environment.pam | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/data/pam-arch/gdm-launch-environment.pam b/data/pam-arch/gdm-launch-environment.pam
+index 89521472..d59c9cb9 100644
+--- a/data/pam-arch/gdm-launch-environment.pam
++++ b/data/pam-arch/gdm-launch-environment.pam
+@@ -1,10 +1,13 @@
+ auth     required  pam_env.so
++auth     required  pam_succeed_if.so audit quiet_success user = gdm
+ auth     optional  pam_permit.so
+ 
++account  required  pam_succeed_if.so audit quiet_success user = gdm
+ account  optional  pam_permit.so
+ 
+ password required  pam_deny.so
+ 
+ session  optional  pam_keyinit.so force revoke
++session  required  pam_succeed_if.so audit quiet_success user = gdm
+ session  required  pam_systemd.so
+ session  optional  pam_permit.so
+-- 
+2.23.0
+

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2019-09-10 20:37:55 UTC (rev 362172)
+++ PKGBUILD	2019-09-10 20:48:51 UTC (rev 362173)
@@ -4,7 +4,7 @@
 pkgbase=gdm
 pkgname=(gdm libgdm)
 pkgver=3.32.0+2+g820f90f5
-pkgrel=1
+pkgrel=2
 pkgdesc="Display manager and login screen"
 url="https://wiki.gnome.org/Projects/GDM"
 arch=(x86_64)
@@ -12,11 +12,15 @@
 depends=(gnome-shell gnome-session upower xorg-xrdb xorg-server xorg-xhost)
 makedepends=(yelp-tools gobject-introspection git docbook-xsl)
 checkdepends=(check)
-_commit=820f90f5a78b81b2e4610da14627266c2135c8b0  # master
+_commit=820f90f5a78b81b2e4610da14627266c2135c8b0  # gnome-3-32
 source=("git+https://gitlab.gnome.org/GNOME/gdm.git#commit=$_commit"
-        0001-Xsession-Don-t-start-ssh-agent-by-default.patch)
+        0001-Xsession-Don-t-start-ssh-agent-by-default.patch
+        0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
+        0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch)
 sha256sums=('SKIP'
-            '3412f7da0205409f08a126a1d166b644fe0f1d0444f7cdebdce8e59cea2d672c')
+            '098ffb1cdc0232f014e5fe5fb8d268b752afc54d6ee661664036879acd075b22'
+            '38c92ea27881112c601356e615b926fbef6e92737048406eead56a47e961ea56'
+            '6c20bf8929fdd996d89ad6aeeb53166252670961746e187f27598fd32921a6ce')
 
 pkgver() {
   cd gdm
@@ -27,6 +31,11 @@
   mkdir build
   cd gdm
   patch -Np1 -i ../0001-Xsession-Don-t-start-ssh-agent-by-default.patch
+
+  # https://bugs.archlinux.org/task/63706
+  patch -Np1 -i ../0002-pam-arch-Don-t-check-greeter-account-for-expiry.patch
+  patch -Np1 -i ../0003-pam-arch-Restrict-greeter-service-to-the-gdm-user.patch
+
   NOCONFIGURE=1 ./autogen.sh
 }
 


More information about the arch-commits mailing list