shaba/ostree
1
0
Fork 0
mirror of https://github.com/ostreedev/ostree.git synced 2025-01-11 09:18:20 +03:00
Code Issues Projects Releases Wiki Activity

3.4: Update GDM patches

Browse Source
This commit is contained in:
Colin Walters 2012-04-29 12:32:37 -04:00
parent d4321629f4
commit ce0b639d64
5 changed files with 350 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
gnomeos/3.4/gdm-debug-prints.patch Normal file
View File

@ -0,0 +1,58 @@
From f69ea96257d7ff6b1a90e63e6597f0c49e4b0288 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Sun, 29 Apr 2012 09:04:02 -0400
Subject: [PATCH 2/3] daemon: Add some more PAM g_debug() prints
Hopefully helpful later for whoever has to debug PAM stuff.
https://bugzilla.gnome.org/show_bug.cgi?id=675086
---
daemon/gdm-session-worker.c | 11 ++++++++---
1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/daemon/gdm-session-worker.c b/daemon/gdm-session-worker.c
index 57f1071..28f0cb0 100644
--- a/daemon/gdm-session-worker.c
+++ b/daemon/gdm-session-worker.c
@@ -1084,7 +1084,10 @@ gdm_session_worker_initialize_pam (GdmSessionWorker *worker,
g_assert (worker->priv->pam_handle == NULL);
- g_debug ("GdmSessionWorker: initializing PAM");
+ g_debug ("GdmSessionWorker: initializing PAM; service=%s username=%s seat=%s",
+ service ? service : "(null)",
+ username ? username : "(null)",
+ seat_id ? seat_id : "(null)");
pam_conversation.conv = (GdmSessionWorkerPamNewMessagesFunc) gdm_session_worker_pam_new_messages_handler;
pam_conversation.appdata_ptr = worker;
@@ -1273,7 +1276,8 @@ gdm_session_worker_authorize_user (GdmSessionWorker *worker,
int error_code;
int authentication_flags;
- g_debug ("GdmSessionWorker: determining if authenticated user is authorized to session");
+ g_debug ("GdmSessionWorker: determining if authenticated user (password required:%d) is authorized to session",
+ password_is_required);
authentication_flags = 0;
@@ -1288,6 +1292,7 @@ gdm_session_worker_authorize_user (GdmSessionWorker *worker,
/* it's possible that the user needs to change their password or pin code
*/
if (error_code == PAM_NEW_AUTHTOK_REQD && !worker->priv->is_program_session) {
+ g_debug ("GdmSessionWorker: authenticated user requires new auth token");
error_code = pam_chauthtok (worker->priv->pam_handle, PAM_CHANGE_EXPIRED_AUTHTOK);
gdm_session_worker_get_username (worker, NULL);
@@ -1664,7 +1669,7 @@ session_worker_child_watch (GPid pid,
static void
gdm_session_worker_watch_child (GdmSessionWorker *worker)
{
-
+ g_debug ("GdmSession worker: watching pid %d", worker->priv->child_pid);
worker->priv->child_watch_id = g_child_watch_add (worker->priv->child_pid,
(GChildWatchFunc)session_worker_child_watch,
worker);
--
1.7.7.6

10
gnomeos/3.4/gdm-disable-documentation.patch
View File

@ -1,11 +1,13 @@
From 06a5d03ae1abd70fd0f5c6eb37ce26dee1490f7d Mon Sep 17 00:00:00 2001
From ddd83d47165c73e4678f666986abdb6f3f0b8223 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Sun, 15 Jan 2012 16:49:07 -0500
Subject: [PATCH] build: Add --disable-documentation
Subject: [PATCH 1/3] build: Add --disable-documentation
Documentation is the source of many cyclical build loops. Allow
operating system builders to manually cut these cycles initially
by disabling documentation for a first pass.
https://bugzilla.gnome.org/show_bug.cgi?id=675087
---
Makefile.am | 4 +++-
configure.ac | 4 ++++
@ -32,7 +34,7 @@ index f522f40..2d0443d 100644
# add these when help gets added back
# omf-install
diff --git a/configure.ac b/configure.ac
index 3c94f94..f3934a5 100644
index c35ad8c..35e6e04 100644
--- a/configure.ac
+++ b/configure.ac
@@ -44,6 +44,10 @@ AC_CONFIG_MACRO_DIR([m4])
@ -47,5 +49,5 @@ index 3c94f94..f3934a5 100644
GETTEXT_PACKAGE=gdm
AC_SUBST(GETTEXT_PACKAGE)
--
1.7.6.5
1.7.7.6

71
gnomeos/3.4/gdm-pam-auth.patch
View File

@ -1,71 +0,0 @@
From d774559ac7d40d2c1d57bcf7d3647a48b3a9c5ec Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 20 Jan 2012 17:23:05 -0500
Subject: [PATCH] gdm: Switch to use common- auth
---
data/gdm | 15 ++++-----------
data/gdm-autologin | 13 ++++---------
data/gdm-welcome | 10 +++-------
3 files changed, 11 insertions(+), 27 deletions(-)
diff --git a/data/gdm b/data/gdm
index 58c397d..44d509b 100644
--- a/data/gdm
+++ b/data/gdm
@@ -1,12 +1,5 @@
#%PAM-1.0
-auth required pam_env.so
-auth required pam_succeed_if.so user != root quiet
-auth sufficient pam_succeed_if.so user ingroup nopasswdlogin
-auth include system-auth
-account required pam_nologin.so
-account include system-auth
-password include system-auth
-session optional pam_keyinit.so force revoke
-session include system-auth
-session required pam_loginuid.so
-session optional pam_console.so
+auth include common-auth
+account include common-auth
+password include common-auth
+session include common-auth
diff --git a/data/gdm-autologin b/data/gdm-autologin
index c4e598a..44d509b 100644
--- a/data/gdm-autologin
+++ b/data/gdm-autologin
@@ -1,10 +1,5 @@
#%PAM-1.0
-auth required pam_env.so
-auth required pam_permit.so
-account required pam_nologin.so
-account include system-auth
-password include system-auth
-session optional pam_keyinit.so force revoke
-session include system-auth
-session required pam_loginuid.so
-session optional pam_console.so
+auth include common-auth
+account include common-auth
+password include common-auth
+session include common-auth
diff --git a/data/gdm-welcome b/data/gdm-welcome
index b301f4f..29a6746 100644
--- a/data/gdm-welcome
+++ b/data/gdm-welcome
@@ -1,9 +1,5 @@
#%PAM-1.0
-auth required pam_env.so
auth required pam_permit.so
-account required pam_nologin.so
-account include system-auth
-password include system-auth
-session required pam_loginuid.so
-session optional pam_keyinit.so force revoke
-session include system-auth
+account include common-auth
+password include common-auth
+session include common-auth
--
1.7.6.5

282
gnomeos/3.4/gdm-pam-config.patch Normal file
View File

@ -0,0 +1,282 @@
From 5239bd5782ba083f30d3667e038b7c44f2f579c9 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 27 Apr 2012 18:34:39 -0400
Subject: [PATCH 3/3] Add --with-default-pam-config option
The PAM files that ship with GDM are really specific to Red Hat's
historical fork of pam. For example, the "system-auth" file still
lives in the Fedora 17 "pam" git.
Add new PAM files (which may still not work for everybody, but hey,
it's a starting point) that should be somewhat useful for people who
build with "Linux PAM" upstream, which uses "common-*" prefixes.
The default is still to use the Red Hat PAM files for backwards
compatibility.
https://bugzilla.gnome.org/show_bug.cgi?id=675085
---
configure.ac | 17 +++++++++++++++++
data/Makefile.am | 33 +++++++++++++++++++++------------
data/gdm | 12 ------------
data/gdm-autologin | 10 ----------
data/gdm-welcome | 9 ---------
data/pam-linux/gdm | 12 ++++++++++++
data/pam-linux/gdm-autologin | 10 ++++++++++
data/pam-linux/gdm-welcome | 9 +++++++++
data/pam-redhat/gdm | 12 ++++++++++++
data/pam-redhat/gdm-autologin | 10 ++++++++++
data/pam-redhat/gdm-welcome | 9 +++++++++
11 files changed, 100 insertions(+), 43 deletions(-)
delete mode 100644 data/gdm
delete mode 100644 data/gdm-autologin
delete mode 100644 data/gdm-welcome
create mode 100644 data/pam-linux/gdm
create mode 100644 data/pam-linux/gdm-autologin
create mode 100644 data/pam-linux/gdm-welcome
create mode 100644 data/pam-redhat/gdm
create mode 100644 data/pam-redhat/gdm-autologin
create mode 100644 data/pam-redhat/gdm-welcome
diff --git a/configure.ac b/configure.ac
index 35e6e04..21e44e0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -226,6 +226,23 @@ if test x$enable_split_authentication = xyes; then
AC_DEFINE(ENABLE_SPLIT_AUTHENTICATION, 1, [Define if split authentication is enabled])
fi
+AC_ARG_WITH(default-pam-config,
+ AS_HELP_STRING([--with-default-pam-config: One of redhat, linux @<:@default=redhat@:>@]),
+ with_default_pam_config=${withval}, with_default_pam_config=redhat)
+case x$with_default_pam_config in
+ xredhat|xlinux) ;;
+ *)
+ AC_MSG_ERROR([Invalid --with-default-pam-config ${with_default_pam_config}])
+ exit 1
+ ;;
+esac
+AM_CONDITIONAL(ENABLE_REDHAT_PAM_CONFIG, test x$with_default_pam_config = xredhat)
+AM_CONDITIONAL(ENABLE_LINUX_PAM_CONFIG, test x$with_default_pam_config = xlinux)
+
+if test x$enable_split_authentication = xyes; then
+ AC_DEFINE(ENABLE_SPLIT_AUTHENTICATION, 1, [Define if split authentication is enabled])
+fi
+
AC_ARG_ENABLE(console-helper,
AS_HELP_STRING([--enable-console-helper],
[Enable PAM console helper @<:@default=auto@:>@]),,
diff --git a/data/Makefile.am b/data/Makefile.am
index f0d00bf..e940d71 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -1,5 +1,6 @@
NULL =
+EXTRA_DIST =
SUBDIRS = \
applications \
pixmaps \
@@ -97,7 +98,19 @@ gdm-smartcard: gdm-smartcard.pam
pamdir = $(PAM_PREFIX)/pam.d
pam_DATA = gdm-fingerprint gdm-smartcard
-EXTRA_DIST = \
+pam_redhat_files = pam-redhat/gdm pam-redhat/gdm-autologin pam-redhat/gdm-welcome
+EXTRA_DIST += $(pam_redhat_files)
+pam_linux_files = pam-linux/gdm pam-linux/gdm-autologin pam-linux/gdm-welcome
+EXTRA_DIST += $(pam_linux_files)
+
+if ENABLE_REDHAT_PAM_CONFIG
+pam_files = $(pam_redhat_files)
+endif
+if ENABLE_LINUX_PAM_CONFIG
+pam_files = $(pam_linux_files)
+endif
+
+EXTRA_DIST += \
$(schemas_in_files) \
$(schemas_DATA) \
$(dbusconf_in_files) \
@@ -105,9 +118,6 @@ EXTRA_DIST = \
gdm.schemas.in.in \
gdm.conf-custom.in \
Xsession.in \
- gdm \
- gdm-autologin \
- gdm-welcome \
gdm-fingerprint.pam \
gdm-smartcard.pam \
gdm-fallback.session \
@@ -233,14 +243,13 @@ install-data-hook: gdm.conf-custom Xsession Init PostSession PreSession 00-upstr
$(mkinstalldirs) $(DESTDIR)$(PAM_PREFIX)/pam.d; \
chmod 755 $(DESTDIR)$(PAM_PREFIX)/pam.d; \
fi; \
- if test $$system = Linux && test '!' -f $(DESTDIR)$(PAM_PREFIX)/pam.d/gdm; then \
- $(INSTALL_DATA) $(srcdir)/gdm $(DESTDIR)$(PAM_PREFIX)/pam.d/gdm; \
- fi; \
- if test $$system = Linux && test '!' -f $(DESTDIR)$(PAM_PREFIX)/pam.d/gdm-autologin; then \
- $(INSTALL_DATA) $(srcdir)/gdm-autologin $(DESTDIR)$(PAM_PREFIX)/pam.d/gdm-autologin; \
- fi; \
- if test $$system = Linux && test '!' -f $(DESTDIR)$(PAM_PREFIX)/pam.d/gdm-welcome; then \
- $(INSTALL_DATA) $(srcdir)/gdm-welcome $(DESTDIR)$(PAM_PREFIX)/pam.d/gdm-welcome; \
+ if test $$system = Linux; then \
+ for file in $(pam_files); do \
+ bn=$$(basename $$file); \
+ if test '!' -f $(DESTDIR)$(PAM_PREFIX)/pam.d/$$bn; then \
+ $(INSTALL_DATA) $(srcdir)/$$file $(DESTDIR)$(PAM_PREFIX)/pam.d/$$bn; \
+ fi; \
+ done; \
fi; \
if test $$system = SunOS; then \
echo "Please add PAM authentication for gdm, gdm-autologin and gdm-welcome in $(PAM_PREFIX)/pam.conf!"; \
diff --git a/data/gdm b/data/gdm
deleted file mode 100644
index 58c397d..0000000
--- a/data/gdm
+++ /dev/null
@@ -1,12 +0,0 @@
-#%PAM-1.0
-auth required pam_env.so
-auth required pam_succeed_if.so user != root quiet
-auth sufficient pam_succeed_if.so user ingroup nopasswdlogin
-auth include system-auth
-account required pam_nologin.so
-account include system-auth
-password include system-auth
-session optional pam_keyinit.so force revoke
-session include system-auth
-session required pam_loginuid.so
-session optional pam_console.so
diff --git a/data/gdm-autologin b/data/gdm-autologin
deleted file mode 100644
index c4e598a..0000000
--- a/data/gdm-autologin
+++ /dev/null
@@ -1,10 +0,0 @@
-#%PAM-1.0
-auth required pam_env.so
-auth required pam_permit.so
-account required pam_nologin.so
-account include system-auth
-password include system-auth
-session optional pam_keyinit.so force revoke
-session include system-auth
-session required pam_loginuid.so
-session optional pam_console.so
diff --git a/data/gdm-welcome b/data/gdm-welcome
deleted file mode 100644
index b301f4f..0000000
--- a/data/gdm-welcome
+++ /dev/null
@@ -1,9 +0,0 @@
-#%PAM-1.0
-auth required pam_env.so
-auth required pam_permit.so
-account required pam_nologin.so
-account include system-auth
-password include system-auth
-session required pam_loginuid.so
-session optional pam_keyinit.so force revoke
-session include system-auth
diff --git a/data/pam-linux/gdm b/data/pam-linux/gdm
new file mode 100644
index 0000000..de223de
--- /dev/null
+++ b/data/pam-linux/gdm
@@ -0,0 +1,12 @@
+#%PAM-1.0
+auth required pam_env.so
+auth required pam_succeed_if.so user != root quiet
+auth sufficient pam_succeed_if.so user ingroup nopasswdlogin
+auth include common-auth
+account required pam_nologin.so
+account include common-account
+password include common-password
+session optional pam_keyinit.so force revoke
+session include common-session
+session required pam_loginuid.so
+session optional pam_console.so
diff --git a/data/pam-linux/gdm-autologin b/data/pam-linux/gdm-autologin
new file mode 100644
index 0000000..32d5248
--- /dev/null
+++ b/data/pam-linux/gdm-autologin
@@ -0,0 +1,10 @@
+#%PAM-1.0
+auth required pam_env.so
+auth required pam_permit.so
+account required pam_nologin.so
+account include common-auth
+password include common-auth
+session optional pam_keyinit.so force revoke
+session include common-session
+session required pam_loginuid.so
+session optional pam_console.so
diff --git a/data/pam-linux/gdm-welcome b/data/pam-linux/gdm-welcome
new file mode 100644
index 0000000..602217b
--- /dev/null
+++ b/data/pam-linux/gdm-welcome
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth required pam_env.so
+auth required pam_permit.so
+account required pam_nologin.so
+account include common-account
+password include common-auth
+session required pam_loginuid.so
+session optional pam_keyinit.so force revoke
+session include common-session
diff --git a/data/pam-redhat/gdm b/data/pam-redhat/gdm
new file mode 100644
index 0000000..58c397d
--- /dev/null
+++ b/data/pam-redhat/gdm
@@ -0,0 +1,12 @@
+#%PAM-1.0
+auth required pam_env.so
+auth required pam_succeed_if.so user != root quiet
+auth sufficient pam_succeed_if.so user ingroup nopasswdlogin
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
+password include system-auth
+session optional pam_keyinit.so force revoke
+session include system-auth
+session required pam_loginuid.so
+session optional pam_console.so
diff --git a/data/pam-redhat/gdm-autologin b/data/pam-redhat/gdm-autologin
new file mode 100644
index 0000000..c4e598a
--- /dev/null
+++ b/data/pam-redhat/gdm-autologin
@@ -0,0 +1,10 @@
+#%PAM-1.0
+auth required pam_env.so
+auth required pam_permit.so
+account required pam_nologin.so
+account include system-auth
+password include system-auth
+session optional pam_keyinit.so force revoke
+session include system-auth
+session required pam_loginuid.so
+session optional pam_console.so
diff --git a/data/pam-redhat/gdm-welcome b/data/pam-redhat/gdm-welcome
new file mode 100644
index 0000000..b301f4f
--- /dev/null
+++ b/data/pam-redhat/gdm-welcome
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth required pam_env.so
+auth required pam_permit.so
+account required pam_nologin.so
+account include system-auth
+password include system-auth
+session required pam_loginuid.so
+session optional pam_keyinit.so force revoke
+session include system-auth
--
1.7.7.6

5
gnomeos/3.4/gnomeos-3.4-src.json
View File

@ -676,9 +676,12 @@
{"src": "gnome:gdm",
"config-opts": ["--disable-documentation",
"--disable-split-authentication",
"--with-default-pam-config=linux",
"--with-consolekit"],
"patches": ["gdm-disable-documentation.patch",
"gdm-pam-auth.patch"]},
"gdm-debug-prints.patch",
"gdm-pam-config.patch"]},
{"src": "fd-telepathy:telepathy-logger",
"branch": "telepathy-logger-0.2.12",