[arch-commits] Commit in gdm/repos (6 files)

Jan Steffens heftig at archlinux.org
Sun Sep 27 00:37:45 UTC 2020


    Date: Sunday, September 27, 2020 @ 00:37:44
  Author: heftig
Revision: 396699

archrelease: copy trunk to gnome-unstable-x86_64

Added:
  gdm/repos/gnome-unstable-x86_64/
  gdm/repos/gnome-unstable-x86_64/0001-Xsession-Don-t-start-ssh-agent-by-default.patch
    (from rev 396698, gdm/trunk/0001-Xsession-Don-t-start-ssh-agent-by-default.patch)
  gdm/repos/gnome-unstable-x86_64/0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch
    (from rev 396698, gdm/trunk/0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch)
  gdm/repos/gnome-unstable-x86_64/PKGBUILD
    (from rev 396698, gdm/trunk/PKGBUILD)
  gdm/repos/gnome-unstable-x86_64/default.pa
    (from rev 396698, gdm/trunk/default.pa)
  gdm/repos/gnome-unstable-x86_64/gdm.install
    (from rev 396698, gdm/trunk/gdm.install)

----------------------------------------------------------+
 0001-Xsession-Don-t-start-ssh-agent-by-default.patch     |   28 +
 0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch |  213 +++++++++++++
 PKGBUILD                                                 |   94 +++++
 default.pa                                               |   10 
 gdm.install                                              |    7 
 5 files changed, 352 insertions(+)

Copied: gdm/repos/gnome-unstable-x86_64/0001-Xsession-Don-t-start-ssh-agent-by-default.patch (from rev 396698, gdm/trunk/0001-Xsession-Don-t-start-ssh-agent-by-default.patch)
===================================================================
--- gnome-unstable-x86_64/0001-Xsession-Don-t-start-ssh-agent-by-default.patch	                        (rev 0)
+++ gnome-unstable-x86_64/0001-Xsession-Don-t-start-ssh-agent-by-default.patch	2020-09-27 00:37:44 UTC (rev 396699)
@@ -0,0 +1,28 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens at gmail.com>
+Date: Sat, 20 Jun 2015 17:22:38 +0200
+Subject: [PATCH] Xsession: Don't start ssh-agent by default
+
+---
+ data/Xsession.in | 8 --------
+ 1 file changed, 8 deletions(-)
+
+diff --git a/data/Xsession.in b/data/Xsession.in
+index 9d79558c..ff6d9de0 100755
+--- a/data/Xsession.in
++++ b/data/Xsession.in
+@@ -175,14 +175,6 @@ if [ "x$command" = "xdefault" ] ; then
+   fi
+ fi
+ 
+-# add ssh-agent if found
+-sshagent="`gdmwhich ssh-agent`"
+-if [ -n "$sshagent" ] && [ -x "$sshagent" ] && [ -z "$SSH_AUTH_SOCK" ]; then
+-    command="$sshagent -- $command"
+-elif [ -z "$sshagent" ] ; then
+-    echo "$0: ssh-agent not found!"
+-fi
+-
+ echo "$0: Setup done, will execute: $command"
+ 
+ eval exec $command

Copied: gdm/repos/gnome-unstable-x86_64/0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch (from rev 396698, gdm/trunk/0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch)
===================================================================
--- gnome-unstable-x86_64/0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch	                        (rev 0)
+++ gnome-unstable-x86_64/0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch	2020-09-27 00:37:44 UTC (rev 396699)
@@ -0,0 +1,213 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <heftig at archlinux.org>
+Date: Sun, 9 Aug 2020 00:34:37 +0000
+Subject: [PATCH] pam-arch: Update to match pambase 20200721.1-2
+
+https://bugs.archlinux.org/task/67485
+---
+ data/meson.build                         |  1 -
+ data/pam-arch/gdm-autologin.pam          | 22 +++++++++--------
+ data/pam-arch/gdm-fingerprint.pam        | 31 +++++++++++++++---------
+ data/pam-arch/gdm-launch-environment.pam | 24 ++++++++++--------
+ data/pam-arch/gdm-password.pam           | 17 +++++++------
+ data/pam-arch/gdm-pin.pam                | 13 ----------
+ data/pam-arch/gdm-smartcard.pam          | 31 +++++++++++++++---------
+ 7 files changed, 75 insertions(+), 64 deletions(-)
+ delete mode 100644 data/pam-arch/gdm-pin.pam
+
+diff --git a/data/meson.build b/data/meson.build
+index 05a20117..5d9e2847 100644
+--- a/data/meson.build
++++ b/data/meson.build
+@@ -135,7 +135,6 @@ pam_data_files_map = {
+     'gdm-fingerprint',
+     'gdm-smartcard',
+     'gdm-password',
+-    'gdm-pin',
+   ],
+   'none': [],
+   # We should no longer have 'autodetect' at this point
+diff --git a/data/pam-arch/gdm-autologin.pam b/data/pam-arch/gdm-autologin.pam
+index 99b14209..30bdf529 100644
+--- a/data/pam-arch/gdm-autologin.pam
++++ b/data/pam-arch/gdm-autologin.pam
+@@ -1,13 +1,15 @@
+-auth     requisite pam_nologin.so
+-auth     required  pam_env.so
+-auth     optional  pam_gdm.so
+-auth     optional  pam_gnome_keyring.so
+-auth     optional  pam_permit.so
++#%PAM-1.0
+ 
+-account  include   system-local-login
++auth       required                    pam_shells.so
++auth       requisite                   pam_nologin.so
++auth       optional                    pam_permit.so
++auth       required                    pam_env.so
++auth       [success=ok default=1]      pam_gdm.so
++auth       optional                    pam_gnome_keyring.so
+ 
+-password include   system-local-login
++account    include                     system-local-login
+ 
+-session  optional  pam_keyinit.so force revoke
+-session  include   system-local-login
+-session  optional  pam_gnome_keyring.so auto_start
++password   required                    pam_deny.so
++
++session    include                     system-local-login
++session    optional                    pam_gnome_keyring.so auto_start
+diff --git a/data/pam-arch/gdm-fingerprint.pam b/data/pam-arch/gdm-fingerprint.pam
+index a4808617..cc660d9a 100644
+--- a/data/pam-arch/gdm-fingerprint.pam
++++ b/data/pam-arch/gdm-fingerprint.pam
+@@ -1,14 +1,23 @@
+-auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
+-auth     required  pam_shells.so
+-auth     requisite pam_nologin.so
+-auth     required  pam_env.so
+-auth     required  pam_fprintd.so
+-auth     optional  pam_permit.so
++#%PAM-1.0
+ 
+-account  include   system-local-login
++auth       required                    pam_shells.so
++auth       requisite                   pam_nologin.so
++auth       required                    pam_faillock.so      preauth
++# Optionally use requisite above if you do not want to prompt for the fingerprint
++# on locked accounts.
++auth       [success=1 default=ignore]  pam_fprintd.so
++auth       [default=die]               pam_faillock.so      authfail
++auth       optional                    pam_permit.so
++auth       required                    pam_env.so
++auth       required                    pam_faillock.so      authsucc
++# If you drop the above call to pam_faillock.so the lock will be done also
++# on non-consecutive authentication failures.
++auth       [success=ok default=1]      pam_gdm.so
++auth       optional                    pam_gnome_keyring.so
+ 
+-password required  pam_fprintd.so
+-password optional  pam_permit.so
++account    include                     system-local-login
+ 
+-session  optional  pam_keyinit.so force revoke
+-session  include   system-local-login
++password   required                    pam_deny.so
++
++session    include                     system-local-login
++session    optional                    pam_gnome_keyring.so auto_start
+diff --git a/data/pam-arch/gdm-launch-environment.pam b/data/pam-arch/gdm-launch-environment.pam
+index d59c9cb9..2ff5ae56 100644
+--- a/data/pam-arch/gdm-launch-environment.pam
++++ b/data/pam-arch/gdm-launch-environment.pam
+@@ -1,13 +1,17 @@
+-auth     required  pam_env.so
+-auth     required  pam_succeed_if.so audit quiet_success user = gdm
+-auth     optional  pam_permit.so
++#%PAM-1.0
+ 
+-account  required  pam_succeed_if.so audit quiet_success user = gdm
+-account  optional  pam_permit.so
++auth       required                    pam_succeed_if.so    audit quiet_success user = gdm
++auth       optional                    pam_permit.so
++auth       required                    pam_env.so
+ 
+-password required  pam_deny.so
++account    required                    pam_succeed_if.so    audit quiet_success user = gdm
++account    optional                    pam_permit.so
+ 
+-session  optional  pam_keyinit.so force revoke
+-session  required  pam_succeed_if.so audit quiet_success user = gdm
+-session  required  pam_systemd.so
+-session  optional  pam_permit.so
++password   required                    pam_deny.so
++
++session    optional                    pam_loginuid.so
++session    optional                    pam_keyinit.so       force revoke
++session    required                    pam_succeed_if.so    audit quiet_success user = gdm
++session    optional                    pam_permit.so
++-session   optional                    pam_systemd.so
++session    required                    pam_env.so           user_readenv=1
+diff --git a/data/pam-arch/gdm-password.pam b/data/pam-arch/gdm-password.pam
+index 8d34794e..137242a6 100644
+--- a/data/pam-arch/gdm-password.pam
++++ b/data/pam-arch/gdm-password.pam
+@@ -1,11 +1,12 @@
+-auth     include   system-local-login
+-auth     optional  pam_gnome_keyring.so
++#%PAM-1.0
+ 
+-account  include   system-local-login
++auth       include                     system-local-login
++auth       optional                    pam_gnome_keyring.so
+ 
+-password include   system-local-login
+-password optional  pam_gnome_keyring.so use_authtok
++account    include                     system-local-login
+ 
+-session  optional  pam_keyinit.so force revoke
+-session  include   system-local-login
+-session  optional  pam_gnome_keyring.so auto_start
++password   include                     system-local-login
++password   optional                    pam_gnome_keyring.so use_authtok
++
++session    include                     system-local-login
++session    optional                    pam_gnome_keyring.so auto_start
+diff --git a/data/pam-arch/gdm-pin.pam b/data/pam-arch/gdm-pin.pam
+deleted file mode 100644
+index 135e205e..00000000
+--- a/data/pam-arch/gdm-pin.pam
++++ /dev/null
+@@ -1,13 +0,0 @@
+-auth     requisite pam_pin.so
+-auth     include   system-local-login
+-auth     optional  pam_gnome_keyring.so
+-
+-account  include   system-local-login
+-
+-password include   system-local-login
+-password optional  pam_pin.so
+-password optional  pam_gnome_keyring.so use_authtok
+-
+-session  optional  pam_keyinit.so force revoke
+-session  include   system-local-login
+-session  optional  pam_gnome_keyring.so auto_start
+diff --git a/data/pam-arch/gdm-smartcard.pam b/data/pam-arch/gdm-smartcard.pam
+index ec6f75d5..e6ec1299 100644
+--- a/data/pam-arch/gdm-smartcard.pam
++++ b/data/pam-arch/gdm-smartcard.pam
+@@ -1,14 +1,23 @@
+-auth     required  pam_tally.so onerr=succeed file=/var/log/faillog
+-auth     required  pam_shells.so
+-auth     requisite pam_nologin.so
+-auth     required  pam_env.so
+-auth     required  pam_pkcs11.so wait_for_card card_only
+-auth     optional  pam_permit.so
++#%PAM-1.0
+ 
+-account  include   system-local-login
++auth       required                    pam_shells.so
++auth       requisite                   pam_nologin.so
++auth       required                    pam_faillock.so      preauth
++# Optionally use requisite above if you do not want to prompt for the smartcard
++# on locked accounts.
++auth       [success=1 default=ignore]  pam_pkcs11.so        wait_for_card card_only
++auth       [default=die]               pam_faillock.so      authfail
++auth       optional                    pam_permit.so
++auth       required                    pam_env.so
++auth       required                    pam_faillock.so      authsucc
++# If you drop the above call to pam_faillock.so the lock will be done also
++# on non-consecutive authentication failures.
++auth       [success=ok default=1]      pam_gdm.so
++auth       optional                    pam_gnome_keyring.so
+ 
+-password required  pam_pkcs11.so
+-password optional  pam_permit.so
++account    include                     system-local-login
+ 
+-session  optional  pam_keyinit.so force revoke
+-session  include   system-local-login
++password   required                    pam_deny.so
++
++session    include                     system-local-login
++session    optional                    pam_gnome_keyring.so auto_start

Copied: gdm/repos/gnome-unstable-x86_64/PKGBUILD (from rev 396698, gdm/trunk/PKGBUILD)
===================================================================
--- gnome-unstable-x86_64/PKGBUILD	                        (rev 0)
+++ gnome-unstable-x86_64/PKGBUILD	2020-09-27 00:37:44 UTC (rev 396699)
@@ -0,0 +1,94 @@
+# Maintainer: Jan Alexander Steffens (heftig) <heftig at archlinux.org>
+# Contributor: Jan de Groot <jgc at archlinux.org>
+
+pkgbase=gdm
+pkgname=(gdm libgdm)
+pkgver=3.38.0
+pkgrel=1
+pkgdesc="Display manager and login screen"
+url="https://wiki.gnome.org/Projects/GDM"
+arch=(x86_64)
+license=(GPL)
+depends=(gnome-shell gnome-session upower xorg-xrdb xorg-server xorg-xhost
+         libxdmcp systemd)
+makedepends=(yelp-tools gobject-introspection git docbook-xsl meson)
+checkdepends=(check)
+_commit=6fc40ac6aa37c8ad87c32f0b1a5d813d34bf7770  # tags/3.38.0^0
+source=("git+https://gitlab.gnome.org/GNOME/gdm.git#commit=$_commit"
+        0001-Xsession-Don-t-start-ssh-agent-by-default.patch
+        0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch
+        default.pa)
+sha256sums=('SKIP'
+            'b9ead66d2b6207335f0bd982a835647536998e7c7c6b5248838e5d53132ca21a'
+            '723bf4462ea4eed4193a891e95137687abfeefe6a170ec5822921bffdfc1f412'
+            'a18ea3a17bf1c52011cb15f500973946625586786ad8f7c7eec1808f80ffd939')
+
+pkgver() {
+  cd gdm
+  git describe --tags | sed 's/-/+/g'
+}
+
+prepare() {
+  cd gdm
+  git apply -3 ../0001-Xsession-Don-t-start-ssh-agent-by-default.patch
+
+  # https://bugs.archlinux.org/task/67485
+  git apply -3 ../0002-pam-arch-Update-to-match-pambase-20200721.1-2.patch
+}
+
+build() {
+  arch-meson gdm build \
+    -D dbus-sys="/usr/share/dbus-1/system.d" \
+    -D default-pam-config=arch \
+    -D default-path="/usr/local/bin:/usr/local/sbin:/usr/bin" \
+    -D gdm-xsession=true \
+    -D ipv6=true \
+    -D plymouth=disabled \
+    -D run-dir=/run/gdm \
+    -D selinux=disabled
+  meson compile -C build
+}
+
+check() {
+  meson test -C build --print-errorlogs
+}
+
+package_gdm() {
+  depends+=(libgdm)
+  optdepends=('fprintd: fingerprint authentication')
+  backup=(etc/pam.d/gdm-autologin etc/pam.d/gdm-fingerprint etc/pam.d/gdm-launch-environment
+          etc/pam.d/gdm-password etc/pam.d/gdm-smartcard etc/gdm/custom.conf
+          etc/gdm/Xsession etc/gdm/PostSession/Default etc/gdm/PreSession/Default)
+  groups=(gnome)
+  install=gdm.install
+
+  DESTDIR="$pkgdir" meson install -C build
+
+  install -d "$pkgdir/var/lib"
+  install -d "$pkgdir/var/lib/gdm"                           -o120 -g120 -m1770
+  install -d "$pkgdir/var/lib/gdm/.config"                   -o120 -g120 -m700
+  install -d "$pkgdir/var/lib/gdm/.config/pulse"             -o120 -g120
+  install -d "$pkgdir/var/lib/gdm/.local"                    -o120 -g120 -m700
+  install -d "$pkgdir/var/lib/gdm/.local/share"              -o120 -g120
+  install -d "$pkgdir/var/lib/gdm/.local/share/applications" -o120 -g120
+
+  # https://src.fedoraproject.org/rpms/gdm/blob/master/f/default.pa-for-gdm
+  install -Dt "$pkgdir/var/lib/gdm/.config/pulse" -o120 -g120 -m644 default.pa
+
+  install -Dm644 /dev/stdin "$pkgdir/usr/lib/sysusers.d/gdm.conf" <<END
+g gdm 120 -
+u gdm 120 "Gnome Display Manager" /var/lib/gdm
+END
+
+### Split libgdm
+  mkdir -p libgdm/{lib,share}
+  mv -t libgdm       "$pkgdir"/usr/include
+  mv -t libgdm/lib   "$pkgdir"/usr/lib/{girepository-1.0,libgdm*,pkgconfig}
+  mv -t libgdm/share "$pkgdir"/usr/share/{gir-1.0,glib-2.0}
+}
+
+package_libgdm() {
+  pkgdesc="GDM support library"
+  depends=(systemd glib2 dconf)
+  mv libgdm "$pkgdir/usr"
+}

Copied: gdm/repos/gnome-unstable-x86_64/default.pa (from rev 396698, gdm/trunk/default.pa)
===================================================================
--- gnome-unstable-x86_64/default.pa	                        (rev 0)
+++ gnome-unstable-x86_64/default.pa	2020-09-27 00:37:44 UTC (rev 396699)
@@ -0,0 +1,10 @@
+load-module module-device-restore
+load-module module-card-restore
+load-module module-udev-detect
+load-module module-native-protocol-unix
+load-module module-default-device-restore
+load-module module-rescue-streams
+load-module module-always-sink
+load-module module-intended-roles
+load-module module-suspend-on-idle
+load-module module-position-event-sounds

Copied: gdm/repos/gnome-unstable-x86_64/gdm.install (from rev 396698, gdm/trunk/gdm.install)
===================================================================
--- gnome-unstable-x86_64/gdm.install	                        (rev 0)
+++ gnome-unstable-x86_64/gdm.install	2020-09-27 00:37:44 UTC (rev 396699)
@@ -0,0 +1,7 @@
+post_upgrade() {
+  if (( $(vercmp $2 3.34.0-2) < 0 )); then
+    usermod --expiredate= gdm >/dev/null
+  fi
+}
+
+# vim:set ft=sh sw=2 et:



More information about the arch-commits mailing list