summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrian Cameron <brian.cameron@sun.com>2008-01-29 00:33:55 +0000
committerBrian Cameron <bcameron@src.gnome.org>2008-01-29 00:33:55 +0000
commit64c1a2c28c5cff254737cad73e576f54649a602c (patch)
tree7084435daedb1eee02381a7acf3b425100b393aa
parente8c48d691567be8bbdf00bf3df9f51fc3b2b0f62 (diff)
downloadgdm-64c1a2c28c5cff254737cad73e576f54649a602c.tar.gz
Make polkit-gnome an optional dependency. Also support RBAC for
2008-01-28 Brian Cameron <brian.cameron@sun.com> * acconfig.h, configure.ac, gui/simple-greeter/Makefile.am, gui/simple-greeter/gdm-greeter-login-window.c: Make polkit-gnome an optional dependency. Also support RBAC for shutdown/reboot if the --enable-rbac-shutdown configure option is provided. * configure.ac: Remove old RBAC configuration options that were used in the GDM 2.20 branch. * gui/simple-greeter/gdm-chooser-widget.c: Fix a null string argument problem causing core dumping on Solaris. svn path=/trunk/; revision=5640
Diffstat
-rw-r--r--ChangeLog12
-rw-r--r--acconfig.h1
-rw-r--r--configure.ac54
-rw-r--r--gui/simple-greeter/Makefile.am9
-rw-r--r--gui/simple-greeter/gdm-chooser-widget.c4
-rw-r--r--gui/simple-greeter/gdm-greeter-login-window.c57
6 files changed, 106 insertions, 31 deletions
diff --git a/ChangeLog b/ChangeLog
index 86f1e671..2e64c5cb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+2008-01-28 Brian Cameron <brian.cameron@sun.com>
+
+ * acconfig.h, configure.ac, gui/simple-greeter/Makefile.am,
+ gui/simple-greeter/gdm-greeter-login-window.c: Make
+ polkit-gnome an optional dependency. Also support
+ RBAC for shutdown/reboot if the --enable-rbac-shutdown
+ configure option is provided.
+ * configure.ac: Remove old RBAC configuration options that
+ were used in the GDM 2.20 branch.
+ * gui/simple-greeter/gdm-chooser-widget.c: Fix a null string
+ argument problem causing core dumping on Solaris.
+
2008-01-28 William Jon McCann <mccann@jhu.edu>
* daemon/gdm-display.c: (gdm_display_get_seat_id),
diff --git a/acconfig.h b/acconfig.h
index 760653b7..09746df2 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -9,7 +9,6 @@
#undef ENABLE_NLS
#undef ALWAYS_RESTART_SERVER
#undef GDM_USER_PATH
-#undef GDM_RBAC_SYSCMD_KEYS
#undef HAVE_ADT
#undef HAVE_CATGETS
#undef HAVE_CHKAUTHATTR
diff --git a/configure.ac b/configure.ac
index b567b952..6f87058a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -87,11 +87,20 @@ PKG_CHECK_MODULES(SIMPLE_GREETER,
gtk+-2.0 >= $GTK_REQUIRED_VERSION
libglade-2.0 >= $LIBGLADE_REQUIRED_VERSION
gnome-vfs-2.0 >= $GNOME_VFS_REQUIRED_VERSION
- polkit-gnome >= $POLICYKIT_REQUIRED_VERSION
)
AC_SUBST(SIMPLE_GREETER_CFLAGS)
AC_SUBST(SIMPLE_GREETER_LIBS)
+PKG_CHECK_MODULES(POLKIT_GNOME,
+ polkit >= $POLICYKIT_REQUIRED_VERSION,
+ have_polkit=yes,
+ have_polkit=no)
+if test "x$have_polkit" = "xyes" ; then
+ AC_DEFINE(HAVE_POLKIT_GNOME, [], [Define if we have polkit])
+fi
+AM_CONDITIONAL(HAVE_POLKIT_GNOME, test x$have_polkit = xyes)
+AC_SUBST(HAVE_POLKIT_GNOME)
+
PKG_CHECK_MODULES(SIMPLE_CHOOSER,
dbus-glib-1 >= $DBUS_GLIB_REQUIRED_VERSION
gtk+-2.0 >= $GTK_REQUIRED_VERSION
@@ -862,6 +871,24 @@ ISO_CODES=iso-codes
dnl ---------------------------------------------------------------------------
+dnl check for RBAC
+dnl ---------------------------------------------------------------------------
+
+msg_rbac_shutdown=no
+AC_ARG_ENABLE(rbac-shutdown,
+ [AC_HELP_STRING([--enable-rbac-shutdown=<key>],
+ [Build with RBAC support specifying shutdown/reboot RBAC authentication key])],
+ enable_rbac_shutdown=$enableval,enable_rbac_shutdown=no)
+if test "x$enable_rbac_shutdown" != "xno"; then
+ RBAC_LIBS="-lsecdb -lsocket -lnsl"
+ AC_DEFINE(ENABLE_RBAC_SHUTDOWN, [], [Set if we build with RBAC support])
+ AC_DEFINE_UNQUOTED(RBAC_SHUTDOWN_KEY, "$enable_rbac_shutdown", [Set if we build with RBAC support])
+ msg_rbac_shutdown="yes, using key $enable_rbac_shutdown"
+fi
+AC_SUBST(RBAC_LIBS)
+
+
+dnl ---------------------------------------------------------------------------
dnl - Define some variables to represent the directories we use.
dnl ---------------------------------------------------------------------------
@@ -977,15 +1004,6 @@ AC_CHECK_LIB(devinfo, di_devperm_login, [
AC_DEFINE(HAVE_LOGINDEVPERM)
EXTRA_DAEMON_LIBS="$EXTRA_DAEMON_LIBS -ldevinfo" ])
-# Check for RBAC support (chkauthattr
-#
-AC_MSG_CHECKING(for RBAC support - chkauthattr)
-AC_CHECK_LIB(secdb, chkauthattr, [
- AC_DEFINE(HAVE_CHKAUTHATTR)
- EXTRA_DAEMON_LIBS="$EXTRA_DAEMON_LIBS -lsecdb"
- EXTRA_GREETER_LIBS="$EXTRA_GREETER_LIBS -lsecdb"])
-
-
dnl ---------------------------------------------------------------------------
dnl - Check for Halt, and Reboot commands
dnl ---------------------------------------------------------------------------
@@ -995,7 +1013,6 @@ dnl ---------------------------------------------------------------------------
# On Solaris/bin is a symlink to /usr/bin, so don't include it in
# GDM_USER_PATH.
GDM_USER_PATH=""
-GDM_RBAC_SYSCMD_KEYS=""
case "$host" in
*solaris*)
@@ -1006,7 +1023,6 @@ case "$host" in
SUSPEND_COMMAND="/usr/openwin/bin/sys-suspend -n"
XSESSION_SHELL=/bin/ksh
SOUND_PROGRAM=/usr/bin/audioplay
- GDM_RBAC_SYSCMD_KEYS="HALT:solaris.system.shutdown;REBOOT:solaris.system.shutdown"
;;
*freebsd*)
GDM_USER_PATH="/bin:/usr/bin"
@@ -1201,16 +1217,6 @@ fi
AC_SUBST(GDM_WORKING_DIR)
dnl ---------------------------------------------------------------------------
-dnl - Allow configure to specify RBAC keys.
-dnl ---------------------------------------------------------------------------
-
-AC_ARG_WITH(rbac-system-command-keys, [ --with-rbac-system-command-keys=<keys> RBAC system command keys])
-
-if ! test -z "$with_system_command_keys"; then
- GDM_RBAC_SYSCMD_KEYS=$with_system_command_keys
-fi
-
-dnl ---------------------------------------------------------------------------
dnl - Finish
dnl ---------------------------------------------------------------------------
@@ -1288,8 +1294,6 @@ AC_SUBST(GDM_USER_PATH)
AC_DEFINE_UNQUOTED(GDM_USER_PATH,"$GDM_USER_PATH")
AC_SUBST(SOUND_PROGRAM)
AC_DEFINE_UNQUOTED(SOUND_PROGRAM,"$SOUND_PROGRAM")
-AC_SUBST(GDM_RBAC_SYSCMD_KEYS)
-AC_DEFINE_UNQUOTED(GDM_RBAC_SYSCMD_KEYS,"$GDM_RBAC_SYSCMD_KEYS")
AC_SUBST(X_PATH)
AC_SUBST(X_SERVER)
@@ -1371,6 +1375,7 @@ if test x"$LIBWRAP_PATH" = x ; then
echo \
" TCP Wrappers support: no"
else
+ echo \
" TCP Wrappers support: yes"
fi
@@ -1379,4 +1384,5 @@ echo \
XDMCP support: ${XDMCP_SUPPORT}
SELinux support: ${with_selinux}
ConsoleKit support: ${use_console_kit}
+ Build with RBAC: ${msg_rbac_shutdown}
"
diff --git a/gui/simple-greeter/Makefile.am b/gui/simple-greeter/Makefile.am
index 1106650e..37aceca2 100644
--- a/gui/simple-greeter/Makefile.am
+++ b/gui/simple-greeter/Makefile.am
@@ -19,6 +19,7 @@ INCLUDES = \
-DAT_SPI_REGISTRYD_DIR="\"$(AT_SPI_REGISTRYD_DIR)\"" \
$(GTK_CFLAGS) \
$(SIMPLE_GREETER_CFLAGS) \
+ $(POLKIT_GNOME_CFLAGS) \
$(NULL)
@INTLTOOL_SCHEMAS_RULE@
@@ -58,6 +59,9 @@ test_greeter_login_window_SOURCES = \
test_greeter_login_window_LDADD = \
$(SIMPLE_GREETER_LIBS) \
+ $(POLKIT_GNOME_LIBS) \
+ $(RBAC_LIBS) \
+ $(top_builddir)/common/libgdmcommon.la \
$(NULL)
test_greeter_panel_SOURCES = \
@@ -125,6 +129,7 @@ test_user_chooser_SOURCES = \
test_user_chooser_LDADD = \
$(SIMPLE_GREETER_LIBS) \
+ $(POLKIT_GNOME_LIBS) \
$(NULL)
test_user_manager_SOURCES = \
@@ -138,6 +143,7 @@ test_user_manager_SOURCES = \
test_user_manager_LDADD = \
$(SIMPLE_GREETER_LIBS) \
+ $(POLKIT_GNOME_LIBS) \
$(NULL)
libexec_PROGRAMS = \
@@ -177,6 +183,9 @@ gdm_simple_greeter_LDADD = \
$(top_builddir)/common/libgdmcommon.la \
$(top_builddir)/gui/simple-greeter/libnotificationarea/libnotificationarea.la \
$(SIMPLE_GREETER_LIBS) \
+ $(POLKIT_GNOME_LIBS) \
+ $(RBAC_LIBS) \
+ $(top_builddir)/common/libgdmcommon.la \
$(NULL)
gladedir = $(pkgdatadir)
diff --git a/gui/simple-greeter/gdm-chooser-widget.c b/gui/simple-greeter/gdm-chooser-widget.c
index 2ce363c8..d7135f7c 100644
--- a/gui/simple-greeter/gdm-chooser-widget.c
+++ b/gui/simple-greeter/gdm-chooser-widget.c
@@ -1321,9 +1321,9 @@ name_cell_data_func (GtkTreeViewColumn *tree_column,
if (is_in_use) {
markup = g_strdup_printf ("<b>%s</b>\n"
"<i><span size=\"x-small\">%s</span></i>",
- name, widget->priv->in_use_message);
+ name ? name : "(null)", widget->priv->in_use_message);
} else {
- markup = g_strdup_printf ("<b>%s</b>", name);
+ markup = g_strdup_printf ("<b>%s</b>", name ? name : "(null)");
}
g_free (name);
diff --git a/gui/simple-greeter/gdm-greeter-login-window.c b/gui/simple-greeter/gdm-greeter-login-window.c
index 5320b413..95ec45e1 100644
--- a/gui/simple-greeter/gdm-greeter-login-window.c
+++ b/gui/simple-greeter/gdm-greeter-login-window.c
@@ -33,6 +33,11 @@
#include <errno.h>
#include <pwd.h>
+#ifdef ENABLE_RBAC_SHUTDOWN
+#include <auth_attr.h>
+#include <secdb.h>
+#endif
+
#include <glib.h>
#include <glib/gi18n.h>
#include <glib/gstdio.h>
@@ -49,7 +54,9 @@
#include <dbus/dbus-glib.h>
#include <dbus/dbus-glib-lowlevel.h>
+#if HAVE_POLKIT_GNOME
#include <polkit-gnome/polkit-gnome.h>
+#endif
#include "gdm-greeter-login-window.h"
#include "gdm-user-chooser-widget.h"
@@ -196,6 +203,25 @@ show_widget (GdmGreeterLoginWindow *login_window,
}
}
+#ifdef ENABLE_RBAC_SHUTDOWN
+static char *
+get_user_name (uid_t uid)
+{
+ struct passwd *pwent;
+ char *name;
+
+ name = NULL;
+
+ pwent = getpwuid (uid);
+
+ if (pwent != NULL) {
+ name = g_strdup (pwent->pw_name);
+ }
+
+ return name;
+}
+#endif
+
static void
switch_mode (GdmGreeterLoginWindow *login_window,
int number)
@@ -203,16 +229,35 @@ switch_mode (GdmGreeterLoginWindow *login_window,
const char *default_name;
GtkWidget *user_chooser;
GtkWidget *box;
+ gchar *username;
+ gboolean show_restart_shutdown = TRUE;
+ uid_t uid;
/* FIXME: do animation */
default_name = NULL;
+#ifdef ENABLE_RBAC_SHUTDOWN
+ uid = getuid ();
+ username = get_user_name (uid);
+
+ if (username == NULL || !chkauthattr (RBAC_SHUTDOWN_KEY, username)) {
+ show_restart_shutdown = FALSE;
+ g_debug ("Not showing stop/restart buttons for user %s due to RBAC key %s",
+ username, RBAC_SHUTDOWN_KEY);
+ } else {
+ g_debug ("Showing stop/restart buttons for user %s due to RBAC key %s",
+ username, RBAC_SHUTDOWN_KEY);
+ }
+#endif
+
switch (number) {
case MODE_SELECTION:
show_widget (login_window, "log-in-button", FALSE);
show_widget (login_window, "cancel-button", FALSE);
- show_widget (login_window, "shutdown-button", login_window->priv->display_is_local);
- show_widget (login_window, "restart-button", login_window->priv->display_is_local);
+ show_widget (login_window, "shutdown-button",
+ login_window->priv->display_is_local && show_restart_shutdown);
+ show_widget (login_window, "restart-button",
+ login_window->priv->display_is_local && show_restart_shutdown);
show_widget (login_window, "suspend-button", login_window->priv->display_is_local);
show_widget (login_window, "disconnect-button", ! login_window->priv->display_is_local);
show_widget (login_window, "auth-input-box", FALSE);
@@ -525,6 +570,7 @@ try_system_restart (DBusGConnection *connection,
return res;
}
+#ifdef HAVE_POLKIT_GNOME
static void
system_restart_auth_cb (PolKitAction *action,
gboolean gained_privilege,
@@ -613,6 +659,7 @@ get_action_from_error (GError *error)
return action;
}
+#endif
static void
do_system_restart (GdmGreeterLoginWindow *login_window)
@@ -630,6 +677,7 @@ do_system_restart (GdmGreeterLoginWindow *login_window)
}
res = try_system_restart (connection, &error);
+#ifdef HAVE_POLKIT_GNOME
if (! res) {
g_debug ("GdmGreeterLoginWindow: unable to restart system: %s: %s",
dbus_g_error_get_name (error),
@@ -662,7 +710,7 @@ do_system_restart (GdmGreeterLoginWindow *login_window)
}
}
-
+#endif
}
static void
@@ -681,6 +729,7 @@ do_system_stop (GdmGreeterLoginWindow *login_window)
}
res = try_system_stop (connection, &error);
+#ifdef HAVE_POLKIT_GNOME
if (! res) {
g_debug ("GdmGreeterLoginWindow: unable to stop system: %s: %s",
dbus_g_error_get_name (error),
@@ -713,7 +762,7 @@ do_system_stop (GdmGreeterLoginWindow *login_window)
}
}
-
+#endif
}
static void
View Lorry Controller Status