diff options
author | George Lebl <jirka@5z.com> | 2002-08-13 23:06:18 +0000 |
---|---|---|
committer | George Lebl <jirka@src.gnome.org> | 2002-08-13 23:06:18 +0000 |
commit | d41c58b6c96b09c0a561ac058e5c6416036a8088 (patch) | |
tree | 9e4cab0e7070f1d279bdba88c3fd4e226f704bf4 | |
parent | c65d43733ced84e3b6275b44b0425e13e90229ec (diff) | |
download | gdm-d41c58b6c96b09c0a561ac058e5c6416036a8088.tar.gz |
The Shutdown/Halt/Suspend keys can now be a list of commands. If this is
Tue Aug 13 16:15:08 2002 George Lebl <jirka@5z.com>
* daemon/gdm.[ch], gui/gdmlogin.c, gui/greeter/greeter_system.c,
config/gdm.conf.in: The Shutdown/Halt/Suspend keys can now be
a list of commands. If this is the case, the first working one
will be used. This way we can find the most appropriate command
to use and distros will not have to redo the config as much.
* daemon/gdm.[ch], daemon/misc.[ch], daemon/verify-*.c,
config/gdm.conf.in: Add a long standing feature request of no
password logins for certain users on the local console. Just
set LocalNoPasswordUsers to a list of such users. Fixes #51908
* daemon/server.c: on reinit of server do a sleep(1) after the
kill (pid, SIGHUP) as an incredible hack to avoid a race. Fun
fun fun with the X server.
-rw-r--r-- | ChangeLog | 17 | ||||
-rw-r--r-- | config/gdm.conf.in | 22 | ||||
-rw-r--r-- | daemon/gdm.c | 42 | ||||
-rw-r--r-- | daemon/gdm.h | 5 | ||||
-rw-r--r-- | daemon/misc.c | 24 | ||||
-rw-r--r-- | daemon/misc.h | 2 | ||||
-rw-r--r-- | daemon/server.c | 8 | ||||
-rw-r--r-- | daemon/verify-crypt.c | 3 | ||||
-rw-r--r-- | daemon/verify-pam.c | 14 | ||||
-rw-r--r-- | daemon/verify-shadow.c | 3 | ||||
-rw-r--r-- | gui/gdmlogin.c | 17 | ||||
-rw-r--r-- | gui/greeter/greeter_system.c | 17 |
12 files changed, 130 insertions, 44 deletions
@@ -1,3 +1,20 @@ +Tue Aug 13 16:15:08 2002 George Lebl <jirka@5z.com> + + * daemon/gdm.[ch], gui/gdmlogin.c, gui/greeter/greeter_system.c, + config/gdm.conf.in: The Shutdown/Halt/Suspend keys can now be + a list of commands. If this is the case, the first working one + will be used. This way we can find the most appropriate command + to use and distros will not have to redo the config as much. + + * daemon/gdm.[ch], daemon/misc.[ch], daemon/verify-*.c, + config/gdm.conf.in: Add a long standing feature request of no + password logins for certain users on the local console. Just + set LocalNoPasswordUsers to a list of such users. Fixes #51908 + + * daemon/server.c: on reinit of server do a sleep(1) after the + kill (pid, SIGHUP) as an incredible hack to avoid a race. Fun + fun fun with the X server. + Tue Aug 13 12:49:18 2002 George Lebl <jirka@5z.com> * config/gdm.conf.in: update this, add MinimalUID, add a bunch of diff --git a/config/gdm.conf.in b/config/gdm.conf.in index ee4e8c21..4b246b5f 100644 --- a/config/gdm.conf.in +++ b/config/gdm.conf.in @@ -23,6 +23,10 @@ AutomaticLogin= TimedLoginEnable=false TimedLogin= TimedLoginDelay=30 +# A comma separated list of users that will be logged in without having +# to authenticate on local screens (not over xdmcp). Note that 'root' +# is ignored and will always have to authenticate. +LocalNoPasswordUsers= # If you are having trouble with using a single server for a long time and # want gdm to kill/restart the server, turn this on AlwaysRestartServer=false @@ -33,7 +37,10 @@ GnomeDefaultSession=@EXPANDED_DATADIR@/gnome/default.session # The chooser program. Must output the chosen host on stdout, probably you # should leave this alone Chooser=@EXPANDED_BINDIR@/gdmchooser +# Default path to set. The profile scripts will likely override this DefaultPath=/bin:/usr/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/local/bin:@EXPANDED_BINDIR@ +# Default path for root. The profile scripts will likely override this +RootPath=/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/local/bin:@EXPANDED_BINDIR@ DisplayInitDir=@EXPANDED_SYSCONFDIR@/gdm/Init # Greeter for local (non-xdmcp) logins. Change gdmlogin to gdmgreeter to # get the new graphical greeter. @@ -62,11 +69,11 @@ FailsafeXServer= # of cool stuff to figure out what to tell the user and such and can # run an X configuration program. XKeepsCrashing=@EXPANDED_SYSCONFDIR@/gdm/XKeepsCrashing -# Reboot, Halt and suspend commands -RebootCommand=/sbin/shutdown -r now -HaltCommand=/sbin/shutdown -h now +# Reboot, Halt and suspend commands, you can add different commands +# separated by a semicolon and gdm will use the first one it can find +RebootCommand=/sbin/shutdown -r now;/usr/sbin/shutdown -r now +HaltCommand=/usr/bin/poweroff;/sbin/poweroff;/sbin/shutdown -h now;/usr/sbin/shutdown -h now SuspendCommand= -RootPath=/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/local/bin:@EXPANDED_BINDIR@ ServAuthDir=@EXPANDED_AUTHDIR@ SessionDir=@EXPANDED_SYSCONFDIR@/gdm/Sessions/ UserAuthDir= @@ -176,6 +183,10 @@ Broadcast=true Enable=false [servers] +# These are the standard servers. You can add as many you want here +# and they will always be started. Each line must start with a unique +# number and that will be the display number of that server. Usually just +# the 0 server is used. 0=Standard #1=Standard #Note: If you want to make sure X runs on a specific virtual console on linux, @@ -183,7 +194,7 @@ Enable=false # problems for some users. Be careful about this, getting this wrong # can lead to an unusable console. Best solution is to make sure gdm # starts as the last thing, and that will make it not neccessary to -# do hacks like this. +# do hacks like this since X will itself find the first free console #0=Standard vt7 # #Note: If you want to run an X terminal you could add an X server such as this @@ -191,6 +202,7 @@ Enable=false # or for a chooser (optionally serverhostname could be localhost) #0=Terminal -indirect serverhostname +# Definition of the standard X server. [server-Standard] name=Standard server command=/usr/X11R6/bin/X diff --git a/daemon/gdm.c b/daemon/gdm.c index 945d8997..46c8b6e9 100644 --- a/daemon/gdm.c +++ b/daemon/gdm.c @@ -101,6 +101,7 @@ gchar *GdmLocaleFile = NULL; gchar *GdmGnomeDefaultSession = NULL; gchar *GdmAutomaticLogin = NULL; gboolean GdmAutomaticLoginEnable = FALSE; +gchar *GdmLocalNoPasswordUsers = NULL; gboolean GdmAlwaysRestartServer = FALSE; gchar *GdmConfigurator = NULL; gboolean GdmConfigAvailable = FALSE; @@ -119,8 +120,11 @@ gchar *GdmPostSession = NULL; gchar *GdmFailsafeXServer = NULL; gchar *GdmXKeepsCrashing = NULL; gchar *GdmHalt = NULL; +gchar *GdmHaltReal = NULL; gchar *GdmReboot = NULL; +gchar *GdmRebootReal = NULL; gchar *GdmSuspend = NULL; +gchar *GdmSuspendReal = NULL; gchar *GdmServAuthDir = NULL; gchar *GdmUserAuthDir = NULL; gchar *GdmUserAuthFile = NULL; @@ -227,6 +231,7 @@ gdm_config_parse (void) GdmDisplayInit = gnome_config_get_string (GDM_KEY_INITDIR); GdmAutomaticLoginEnable = gnome_config_get_bool (GDM_KEY_AUTOMATICLOGIN_ENABLE); GdmAutomaticLogin = gnome_config_get_string (GDM_KEY_AUTOMATICLOGIN); + GdmLocalNoPasswordUsers = gnome_config_get_string (GDM_KEY_LOCALNOPASSWORDUSERS); GdmAlwaysRestartServer = gnome_config_get_bool (GDM_KEY_ALWAYSRESTARTSERVER); GdmGreeter = gnome_config_get_string (GDM_KEY_GREETER); GdmRemoteGreeter = gnome_config_get_string (GDM_KEY_REMOTEGREETER); @@ -579,6 +584,11 @@ gdm_config_parse (void) gdm_fail (_("%s: The gdm group should not be root. Aborting!"), "gdm_config_parse"); } + /* get the actual commands to use */ + GdmHaltReal = ve_get_first_working_command (GdmHalt, FALSE); + GdmRebootReal = ve_get_first_working_command (GdmReboot, FALSE); + GdmSuspendReal = ve_get_first_working_command (GdmSuspend, FALSE); + setegid (GdmGroupId); /* gid remains `gdm' */ seteuid (GdmUserId); @@ -939,26 +949,6 @@ deal_with_x_crashes (GdmDisplay *d) return FALSE; } -static gboolean -bin_executable (const char *command) -{ - char **argv; - - if (ve_string_empty (command)) - return FALSE; - - argv = ve_split (command); - if (argv != NULL && - argv[0] != NULL && - access (argv[0], X_OK) == 0) { - g_strfreev (argv); - return TRUE; - } else { - g_strfreev (argv); - return FALSE; - } -} - static gboolean gdm_cleanup_children (void) { @@ -1063,15 +1053,15 @@ gdm_cleanup_children (void) /* checkout if we can actually do stuff */ switch (status) { case DISPLAY_REBOOT: - if ( ! bin_executable (GdmReboot)) + if (GdmRebootReal == NULL) status = DISPLAY_REMANAGE; break; case DISPLAY_HALT: - if ( ! bin_executable (GdmHalt)) + if (GdmHaltReal == NULL) status = DISPLAY_REMANAGE; break; case DISPLAY_SUSPEND: - if ( ! bin_executable (GdmSuspend)) + if (GdmSuspendReal == NULL) status = DISPLAY_REMANAGE; break; default: @@ -1101,7 +1091,7 @@ start_autopsy: final_cleanup (); chdir ("/"); - argv = ve_split (GdmReboot); + argv = ve_split (GdmRebootReal); execv (argv[0], argv); gdm_error (_("gdm_child_action: Reboot failed: %s"), strerror (errno)); @@ -1116,7 +1106,7 @@ start_autopsy: final_cleanup (); chdir ("/"); - argv = ve_split (GdmHalt); + argv = ve_split (GdmHaltReal); execv (argv[0], argv); gdm_error (_("gdm_child_action: Halt failed: %s"), strerror (errno)); @@ -1131,7 +1121,7 @@ start_autopsy: final_cleanup (); chdir ("/"); - argv = ve_split (GdmSuspend); + argv = ve_split (GdmSuspendReal); execv (argv[0], argv); gdm_error (_("gdm_child_action: Suspend failed: %s"), strerror (errno)); diff --git a/daemon/gdm.h b/daemon/gdm.h index 687237c3..bcc4b43d 100644 --- a/daemon/gdm.h +++ b/daemon/gdm.h @@ -124,11 +124,12 @@ enum { * to nothing */ #define GDM_KEY_AUTOMATICLOGIN_ENABLE "daemon/AutomaticLoginEnable=true" #define GDM_KEY_AUTOMATICLOGIN "daemon/AutomaticLogin=" +#define GDM_KEY_LOCALNOPASSWORDUSERS "daemon/LocalNoPasswordUsers=" #define GDM_KEY_ALWAYSRESTARTSERVER "daemon/AlwaysRestartServer=false" #define GDM_KEY_GREETER "daemon/Greeter=" EXPANDED_BINDIR "/gdmlogin" #define GDM_KEY_REMOTEGREETER "daemon/RemoteGreeter=" EXPANDED_BINDIR "/gdmlogin" #define GDM_KEY_GROUP "daemon/Group=gdm" -#define GDM_KEY_HALT "daemon/HaltCommand=/sbin/shutdown -h now" +#define GDM_KEY_HALT "daemon/HaltCommand=/usr/bin/poweroff;/sbin/poweroff;/sbin/shutdown -h now;/usr/sbin/shutdown -h now" #define GDM_KEY_INITDIR "daemon/DisplayInitDir=" EXPANDED_SYSCONFDIR "/gdm/Init" #define GDM_KEY_KILLIC "daemon/KillInitClients=true" #define GDM_KEY_LOGDIR "daemon/LogDir=" EXPANDED_AUTHDIR @@ -138,7 +139,7 @@ enum { #define GDM_KEY_PRESESS "daemon/PreSessionScriptDir=" EXPANDED_SYSCONFDIR "/gdm/PreSession/" #define GDM_KEY_FAILSAFE_XSERVER "daemon/FailsafeXServer=" #define GDM_KEY_XKEEPSCRASHING "daemon/XKeepsCrashing=" EXPANDED_SYSCONFDIR "/gdm/XKeepsCrashing" -#define GDM_KEY_REBOOT "daemon/RebootCommand=/sbin/shutdown -r now" +#define GDM_KEY_REBOOT "daemon/RebootCommand=/usr/bin/reboot;/sbin/reboot;/sbin/shutdown -r now;/usr/sbin/shutdown -r now" #define GDM_KEY_ROOTPATH "daemon/RootPath=/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11:/usr/local/bin:" EXPANDED_BINDIR #define GDM_KEY_GNOMEDEFAULTSESSION "daemon/GnomeDefaultSession=" EXPANDED_DATADIR "/gnome/default.session" #define GDM_KEY_SERVAUTH "daemon/ServAuthDir=" EXPANDED_AUTHDIR diff --git a/daemon/misc.c b/daemon/misc.c index 3c808304..5542f229 100644 --- a/daemon/misc.c +++ b/daemon/misc.c @@ -46,6 +46,7 @@ /* Configuration option variables */ extern gchar *GdmPidFile; +extern gchar *GdmLocalNoPasswordUsers; extern gboolean GdmDebug; extern GSList *displays; extern int gdm_xdmcpfd; @@ -978,4 +979,27 @@ gdm_close_all_descriptors (int from, int except) } } +gboolean +gdm_is_a_no_password_user (const char *user) +{ + char **vector = NULL; + int i; + + if (ve_string_empty (GdmLocalNoPasswordUsers) || + ve_string_empty (user) || + strcmp (user, "root") == 0) + return FALSE; + + vector = g_strsplit (GdmLocalNoPasswordUsers, ",", -1); + for (i = 0; vector[i] != NULL; i++) { + if (strcmp (vector[i], user) == 0) { + g_strfreev (vector); + return TRUE; + } + } + g_strfreev (vector); + return FALSE; +} + + /* EOF */ diff --git a/daemon/misc.h b/daemon/misc.h index 46622a69..dfddc7c1 100644 --- a/daemon/misc.h +++ b/daemon/misc.h @@ -75,6 +75,8 @@ gboolean gdm_test_opt (const char *cmd, const char *help, const char *option); void gdm_close_all_descriptors (int from, int except); +gboolean gdm_is_a_no_password_user (const char *user); + #endif /* GDM_MISC_H */ /* EOF */ diff --git a/daemon/server.c b/daemon/server.c index 649af9c4..e7e86b28 100644 --- a/daemon/server.c +++ b/daemon/server.c @@ -112,6 +112,14 @@ gdm_server_reinit (GdmDisplay *disp) gdm_debug ("gdm_server_reinit: Server for %s is about to be reinitialized!", disp->name); kill (disp->servpid, SIGHUP); + + /* HACK! the Xserver can't really tell us when it got the hup signal, + * so we are really stuck just going to sleep for a bit hoping that + * the kernel will tell the X server and that will run, else we will + * get whacked ourselves after we open the connection and we'll think + * it's an X screwup, which is really OK to happen and will just + * restart the Xserver, it's just more nasty. Oh how fun */ + sleep (1); } /** diff --git a/daemon/verify-crypt.c b/daemon/verify-crypt.c index 56e31a8b..51d7ed55 100644 --- a/daemon/verify-crypt.c +++ b/daemon/verify-crypt.c @@ -88,7 +88,8 @@ gdm_verify_user (GdmDisplay *d, /* Request the user's password */ if (pwent != NULL && - ve_string_empty (ppasswd)) { + (ve_string_empty (ppasswd) || + (local && gdm_is_a_no_password_user (login)))) { /* eeek a passwordless account */ passwd = g_strdup (""); } else { diff --git a/daemon/verify-pam.c b/daemon/verify-pam.c index 80ca5c96..2b48893a 100644 --- a/daemon/verify-pam.c +++ b/daemon/verify-pam.c @@ -282,12 +282,13 @@ gdm_verify_user (GdmDisplay *d, gboolean local) { gint pamerr = 0; - gchar *login; + char *login; + const char *service = "gdm"; struct passwd *pwent; gboolean error_msg_given = FALSE; gboolean credentials_set = FALSE; gboolean started_timer = FALSE; - gchar *auth_errmsg; + char *auth_errmsg; /* start the timer for timed logins */ if ( ! ve_string_empty (GdmTimedLogin) && @@ -312,10 +313,17 @@ gdm_verify_user (GdmDisplay *d, login = g_strdup (username); } + if (local && + gdm_is_a_no_password_user (login)) { + service = "gdm-autologin"; + } else { + service = "gdm"; + } + cur_gdm_disp = d; /* Initialize a PAM session for the user */ - if ( ! create_pamh (d, "gdm", login, &pamc, display, &pamerr)) { + if ( ! create_pamh (d, service, login, &pamc, display, &pamerr)) { if (started_timer) gdm_slave_greeter_ctl_no_ret (GDM_STOPTIMER, ""); goto pamerr; diff --git a/daemon/verify-shadow.c b/daemon/verify-shadow.c index a2587df3..e8541ca0 100644 --- a/daemon/verify-shadow.c +++ b/daemon/verify-shadow.c @@ -97,7 +97,8 @@ gdm_verify_user (GdmDisplay *d, const char *username, const gchar *display, gboo /* Request the user's password */ if (pwent != NULL && - ve_string_empty (ppasswd)) { + (ve_string_empty (ppasswd) || + (local && gdm_is_a_no_password_user (login)))) { /* eeek a passwordless account */ passwd = g_strdup (""); } else { diff --git a/gui/gdmlogin.c b/gui/gdmlogin.c index e2a68966..b99326f4 100644 --- a/gui/gdmlogin.c +++ b/gui/gdmlogin.c @@ -2874,6 +2874,17 @@ bin_exists (const char *command) } static gboolean +working_command_exists (const char *commands) +{ + char *command = ve_get_first_working_command + (commands, TRUE /* only_existance */); + if (command == NULL) + return FALSE; + g_free (command); + return TRUE; +} + +static gboolean window_browser_event (GtkWidget *window, GdkEvent *event, gpointer data) { switch (event->type) { @@ -3037,7 +3048,7 @@ gdm_login_gui_init (void) got_anything = TRUE; } - if (bin_exists (GdmReboot)) { + if (working_command_exists (GdmReboot)) { item = gtk_menu_item_new_with_mnemonic (_("_Reboot...")); gtk_menu_shell_append (GTK_MENU_SHELL (menu), item); g_signal_connect (G_OBJECT (item), "activate", @@ -3050,7 +3061,7 @@ gdm_login_gui_init (void) got_anything = TRUE; } - if (bin_exists (GdmHalt)) { + if (working_command_exists (GdmHalt)) { item = gtk_menu_item_new_with_mnemonic (_("Shut _down...")); gtk_menu_shell_append (GTK_MENU_SHELL (menu), item); g_signal_connect (G_OBJECT (item), "activate", @@ -3064,7 +3075,7 @@ gdm_login_gui_init (void) got_anything = TRUE; } - if (bin_exists (GdmSuspend)) { + if (working_command_exists (GdmSuspend)) { item = gtk_menu_item_new_with_mnemonic (_("_Suspend...")); gtk_menu_shell_append (GTK_MENU_SHELL (menu), item); g_signal_connect (G_OBJECT (item), "activate", diff --git a/gui/greeter/greeter_system.c b/gui/greeter/greeter_system.c index 803a5151..a72f1d71 100644 --- a/gui/greeter/greeter_system.c +++ b/gui/greeter/greeter_system.c @@ -35,6 +35,17 @@ bin_exists (const char *command) } } +static gboolean +working_command_exists (const char *commands) +{ + char *command = ve_get_first_working_command + (commands, TRUE /* only_existance */); + if (command == NULL) + return FALSE; + g_free (command); + return TRUE; +} + static void greeter_reboot_handler (void) { @@ -103,7 +114,7 @@ greeter_system_handler (GreeterItemInfo *info, dialog = gtk_dialog_new (); - if (bin_exists (GdmHalt)) { + if (working_command_exists (GdmHalt)) { halt_radio = gtk_radio_button_new_with_mnemonic (NULL, _("Shut down the computer")); group_radio = halt_radio; @@ -113,7 +124,7 @@ greeter_system_handler (GreeterItemInfo *info, gtk_widget_show (halt_radio); } - if (bin_exists (GdmSuspend)) { + if (working_command_exists (GdmSuspend)) { if (group_radio != NULL) radio_group = gtk_radio_button_get_group (GTK_RADIO_BUTTON (group_radio)); suspend_radio = gtk_radio_button_new_with_mnemonic (radio_group, @@ -125,7 +136,7 @@ greeter_system_handler (GreeterItemInfo *info, gtk_widget_show (suspend_radio); } - if (bin_exists (GdmReboot)) { + if (working_command_exists (GdmReboot)) { if (group_radio != NULL) radio_group = gtk_radio_button_get_group (GTK_RADIO_BUTTON (group_radio)); reboot_radio = gtk_radio_button_new_with_mnemonic (radio_group, |