authorGeorge Lebl <jirka@5z.com>2001-12-05 04:10:40 +0000
committerGeorge Lebl <jirka@src.gnome.org>2001-12-05 04:10:40 +0000
commit2a5fa1cd1b748a3981ad9acf87b13e92e4b6caac (patch)
treefb9d5634ae18c0515aaeb2d54dcdd73fc1192d61
parent865fa9ed2275694a50b194f1acb3eab6a032a9b6 (diff)
On events where we fail due to bad configuration, run the text message
Tue Dec 04 20:46:57 2001 George Lebl <jirka@5z.com> * daemon/gdm.c, daemon/misc.[ch], daemon/display.c: On events where we fail due to bad configuration, run the text message dialog. Also if we hit the loop of death outside of XFAILED on a local display, run a text message telling the user so instead of just putting this into the syslog. We need more interaction here I think. But this is better then nothing.
-rw-r--r--ChangeLog9
-rw-r--r--daemon/display.c30
-rw-r--r--daemon/gdm.c116
-rw-r--r--daemon/misc.c20
-rw-r--r--daemon/misc.h3
5 files changed, 140 insertions, 38 deletions
diff --git a/ChangeLog b/ChangeLog
index 22ce1c4e..70a83f3d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Tue Dec 04 20:46:57 2001 George Lebl <jirka@5z.com>
+
+ * daemon/gdm.c, daemon/misc.[ch], daemon/display.c: On events where
+ we fail due to bad configuration, run the text message dialog.
+ Also if we hit the loop of death outside of XFAILED on a local
+ display, run a text message telling the user so instead of just
+ putting this into the syslog. We need more interaction here I
+ think. But this is better then nothing.
+
Tue Dec 04 18:44:10 2001 George Lebl <jirka@5z.com>
* daemon/Makefile.am, daemon/verify-pam.c, daemon/verify-crypt.c,
diff --git a/daemon/display.c b/daemon/display.c
index 451542d1..020b5914 100644
--- a/daemon/display.c
+++ b/daemon/display.c
@@ -87,15 +87,27 @@ gdm_display_check_loop (GdmDisplay *disp)
/* If we've tried too many times we bail out. i.e. this means we
* tried too many times in the 90-second period.
*/
- if (disp->retry_count > 4)
- {
- gdm_error (_("Failed to start the display server several times in a short time period; disabling display %s"), disp->name);
- disp->disabled = TRUE;
-
- gdm_debug ("Failed to start X server after several retries; aborting.");
-
- return FALSE;
- }
+ if (disp->retry_count > 4) {
+ /* This means we have no clue what's happening,
+ * it's not X server crashing as we would have
+ * cought that elsewhere. Things are just
+ * not working out, so tell the user */
+ char *s = g_strdup_printf (_("Failed to start the display server "
+ "several times in a short time period; "
+ "disabling display %s"), disp->name);
+ /* only display a dialog box if this is a local display */
+ if (disp->type == TYPE_LOCAL ||
+ disp->type == TYPE_FLEXI)
+ gdm_text_message_dialog (s);
+ gdm_error ("%s", s);
+ g_free (s);
+
+ disp->disabled = TRUE;
+
+ gdm_debug ("Failed to start X server after several retries; aborting.");
+
+ return FALSE;
+ }
/* At least 8 seconds between start attempts,
* so you can try to kill gdm from the console
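Review bot: The `gdm_text_message_dialog (s)` call in the `retry_count > 4` branch looks synchronous, since the misc.c hunks of this commit show it going through `gdm_exec_wait`. If so, the daemon stays inside gdm_display_check_loop until someone dismisses the dialog on the console, and other displays are presumably not serviced in the meantime. If that is intended, say so next to the call, e.g. `/* blocks until the dialog is dismissed; the display is being disabled anyway */`. The two-line `if (disp->type == TYPE_LOCAL || disp->type == TYPE_FLEXI)` would also be safer with braces around its single statement. The function starts and ends outside this hunk.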
diff --git a/daemon/gdm.c b/daemon/gdm.c
index 856698fa..38ee040d 100644
--- a/daemon/gdm.c
+++ b/daemon/gdm.c
@@ -330,8 +330,10 @@ gdm_config_parse (void)
gdm_error (_("gdm_config_parse: No greeter specified."));
}
- if (ve_string_empty (GdmServAuthDir))
- gdm_fail (_("gdm_config_parse: No authdir specified."));
+ if (ve_string_empty (GdmServAuthDir)) {
+ gdm_text_message_dialog (_("No daemon/ServAuthDir specified in the configuration file"));
+ gdm_fail (_("gdm_config_parse: No authdir specified."));
+ }
if (ve_string_empty (GdmLogDir))
GdmLogDir = GdmServAuthDir;
@@ -456,6 +458,13 @@ gdm_config_parse (void)
g_free (GdmTimedLogin);
GdmTimedLogin = NULL;
} else {
+ char *s = g_strdup_printf (_("Xdmcp is disabled and gdm "
+ "cannot find any local server "
+ "to start. Aborting! Please "
+ "correct the configuration %s"
+ "and restart gdm."),
+ GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
gdm_fail (_("gdm_config_parse: Xdmcp disabled and no local servers defined. Aborting!"));
}
}
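Review bot: The dialog text in the `else` branch joins `"correct the configuration %s"` directly to `"and restart gdm."`, so the path substituted for GDM_CONFIG_FILE runs straight into the word "and". The first literal needs a trailing space: `"correct the configuration %s "`. The permissions message in the last gdm.c hunk has the same problem, where `"should have permissions of 0750."` is followed by `"Please correct the permissions or "` with no space after the full stop. Both strings are wrapped in `_()`, so fixing them now keeps translators from inheriting the broken msgid.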
@@ -470,13 +479,26 @@ gdm_config_parse (void)
pwent = getpwnam (GdmUser);
}
- if (pwent == NULL)
+ if (pwent == NULL) {
+ char *s = g_strdup_printf (_("The gdm user does not exist. "
+ "Please correct gdm configuration %s "
+ "and restart gdm."),
+ GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
gdm_fail (_("gdm_config_parse: Can't find the gdm user (%s). Aborting!"), GdmUser);
- else
+ } else {
GdmUserId = pwent->pw_uid;
+ }
- if (GdmUserId == 0)
- gdm_fail (_("gdm_config_parse: The gdm user should not be root. Aborting!"));
+ if (GdmUserId == 0) {
+ char *s = g_strdup_printf (_("The gdm user is set to be root, but "
+ "this is not allowed since it can "
+ "pose a security risk. Please "
+ "correct gdm configuration %s and "
+ "restart gdm."), GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
+ gdm_fail (_("gdm_config_parse: The gdm user should not be root. Aborting!"));
+ }
grent = getgrnam (GdmGroup);
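Review bot: The `s` returned by `g_strdup_printf` is never freed in the `pwent == NULL` and `GdmUserId == 0` branches, nor in the matching branches of the other gdm_config_parse hunks. The display.c hunk does call `g_free (s)`. The leak is harmless only if gdm_fail never returns, which cannot be seen from here; if that is the contract, a one-line comment such as `/* gdm_fail does not return, s is intentionally not freed */` would settle it. The same format, dialog, fail sequence is now repeated about ten times in this function, so a small static helper that formats the text, shows the dialog and frees the buffer before the caller invokes gdm_fail would remove the duplication. The function body extends beyond this hunk on both sides.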
@@ -487,18 +509,30 @@ gdm_config_parse (void)
pwent = getpwnam (GdmUser);
}
- if (grent == NULL)
- gdm_fail (_("gdm_config_parse: Can't find the gdm group (%s). Aborting!"), GdmGroup);
- else
- GdmGroupId = grent->gr_gid;
+ if (grent == NULL) {
+ char *s = g_strdup_printf (_("The gdm group does not exist. "
+ "Please correct gdm configuration %s "
+ "and restart gdm."),
+ GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
+ gdm_fail (_("gdm_config_parse: Can't find the gdm group (%s). Aborting!"), GdmGroup);
+ } else {
+ GdmGroupId = grent->gr_gid;
+ }
- if (GdmGroupId == 0)
- gdm_fail (_("gdm_config_parse: The gdm group should not be root. Aborting!"));
+ if (GdmGroupId == 0) {
+ char *s = g_strdup_printf (_("The gdm group is set to be root, but "
+ "this is not allowed since it can "
+ "pose a security risk. Please "
+ "correct gdm configuration %s and "
+ "restart gdm."), GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
+ gdm_fail (_("gdm_config_parse: The gdm group should not be root. Aborting!"));
+ }
setegid (GdmGroupId); /* gid remains `gdm' */
seteuid (GdmUserId);
-
/* Check that the greeter can be executed */
bin = ve_first_word (GdmGreeter);
@@ -523,19 +557,55 @@ gdm_config_parse (void)
/* Enter paranoia mode */
- if (stat (GdmServAuthDir, &statbuf) == -1)
- gdm_fail (_("gdm_config_parse: Authdir %s does not exist. Aborting."), GdmServAuthDir);
+ if (stat (GdmServAuthDir, &statbuf) == -1) {
+ char *s = g_strdup_printf (_("Server Authorization directory "
+ "(daemon/ServAuthDir) is set to %s "
+ "but this does not exist. Please "
+ "correct gdm configuration %s and "
+ "restart gdm."), GdmServAuthDir,
+ GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
+ gdm_fail (_("gdm_config_parse: Authdir %s does not exist. Aborting."), GdmServAuthDir);
+ }
- if (! S_ISDIR (statbuf.st_mode))
- gdm_fail (_("gdm_config_parse: Authdir %s is not a directory. Aborting."), GdmServAuthDir);
+ if (! S_ISDIR (statbuf.st_mode)) {
+ char *s = g_strdup_printf (_("Server Authorization directory "
+ "(daemon/ServAuthDir) is set to %s "
+ "but this is not a directory. Please "
+ "correct gdm configuration %s and "
+ "restart gdm."), GdmServAuthDir,
+ GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
+ gdm_fail (_("gdm_config_parse: Authdir %s is not a directory. Aborting."), GdmServAuthDir);
+ }
- if (statbuf.st_uid != GdmUserId || statbuf.st_gid != GdmGroupId)
- gdm_fail (_("gdm_config_parse: Authdir %s is not owned by user %s, group %s. Aborting."),
- GdmServAuthDir, GdmUser, GdmGroup);
+ if (statbuf.st_uid != GdmUserId || statbuf.st_gid != GdmGroupId) {
+ char *s = g_strdup_printf (_("Server Authorization directory "
+ "(daemon/ServAuthDir) is set to %s "
+ "but is not owned by user %s and group "
+ "%s. Please correct the ownership or "
+ "gdm configuration %s and restart "
+ "gdm."),
+ GdmServAuthDir, GdmUser, GdmGroup,
+ GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
+ gdm_fail (_("gdm_config_parse: Authdir %s is not owned by user %s, group %s. Aborting."),
+ GdmServAuthDir, GdmUser, GdmGroup);
+ }
- if (statbuf.st_mode != (S_IFDIR|S_IRWXU|S_IRGRP|S_IXGRP))
- gdm_fail (_("gdm_config_parse: Authdir %s has wrong permissions %o. Should be 750. Aborting."),
- GdmServAuthDir, statbuf.st_mode);
+ if (statbuf.st_mode != (S_IFDIR|S_IRWXU|S_IRGRP|S_IXGRP)) {
+ char *s = g_strdup_printf (_("Server Authorization directory "
+ "(daemon/ServAuthDir) is set to %s "
+ "but has the wrong permissions, it "
+ "should have permissions of 0750."
+ "Please correct the permissions or "
+ "the gdm configuration %s and "
+ "restart gdm."),
+ GdmServAuthDir, GDM_CONFIG_FILE);
+ gdm_text_message_dialog (s);
+ gdm_fail (_("gdm_config_parse: Authdir %s has wrong permissions %o. Should be 0750. Aborting."),
+ GdmServAuthDir, statbuf.st_mode);
+ }
seteuid (0);
setegid (0);
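Review bot: Nothing in the "paranoia mode" checks says which credentials the dialog helper is spawned with. Judging by the `seteuid (GdmUserId)` at the end of the previous hunk and the `seteuid (0)` closing this one, these dialogs appear to be launched while the effective ids are those of the gdm user, which is presumably why gdm_exec_wait gained its `de_setuid` argument in this commit. I would add a comment above the first `stat` check, e.g. `/* effective uid/gid are gdm's here; gdm_text_message_dialog switches back to the real ids in its child */`. That way a later change to the privilege handling does not silently change what the helper runs as.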
diff --git a/daemon/misc.c b/daemon/misc.c
index 21a8e9fa..9e2d6249 100644
--- a/daemon/misc.c
+++ b/daemon/misc.c
@@ -282,7 +282,8 @@ gdm_text_message_dialog (const char *msg)
argv[6] = NULL;
/* make sure gdialog wouldn't get confused */
- if (gdm_exec_wait (argv, TRUE /* no display */) < 0) {
+ if (gdm_exec_wait (argv, TRUE /* no display */,
+ TRUE /* de_setuid */) < 0) {
g_free (dialog);
return FALSE;
}
@@ -300,7 +301,8 @@ gdm_text_message_dialog (const char *msg)
msg);
argv[4] = NULL;
- if (gdm_exec_wait (argv, TRUE /* no display */) < 0) {
+ if (gdm_exec_wait (argv, TRUE /* no display */,
+ TRUE /* de_setuid */) < 0) {
g_free (argv[3]);
return FALSE;
}
@@ -339,7 +341,8 @@ gdm_text_yesno_dialog (const char *msg, gboolean *ret)
/* will unset DISPLAY and XAUTHORITY if they exist
* so that gdialog (if used) doesn't get confused */
- retint = gdm_exec_wait (argv, TRUE /* no display */);
+ retint = gdm_exec_wait (argv, TRUE /* no display */,
+ TRUE /* de_setuid */);
if (retint < 0) {
g_free (dialog);
return FALSE;
@@ -377,7 +380,8 @@ gdm_text_yesno_dialog (const char *msg, gboolean *ret)
tempname);
argv[4] = NULL;
- if (gdm_exec_wait (argv, TRUE /* no display */) < 0) {
+ if (gdm_exec_wait (argv, TRUE /* no display */,
+ TRUE /* de_setuid */) < 0) {
g_free (argv[3]);
return FALSE;
}
@@ -402,7 +406,8 @@ gdm_text_yesno_dialog (const char *msg, gboolean *ret)
}
int
-gdm_exec_wait (char * const *argv, gboolean no_display)
+gdm_exec_wait (char * const *argv, gboolean no_display,
+ gboolean de_setuid)
{
int status;
pid_t pid;
@@ -425,6 +430,11 @@ gdm_exec_wait (char * const *argv, gboolean no_display)
open ("/dev/null", O_RDWR); /* open stdout - fd 1 */
open ("/dev/null", O_RDWR); /* open stderr - fd 2 */
+ if (de_setuid) {
+ seteuid (getuid ());
+ setegid (getgid ());
+ }
+
if (no_display) {
ve_unsetenv ("DISPLAY");
ve_unsetenv ("XAUTHORITY");
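Review bot: The return values of `seteuid (getuid ())` and `setegid (getgid ())` in the new `de_setuid` block are ignored, so if either call fails the helper is still executed with whatever effective ids the caller had. A check such as `if (seteuid (getuid ()) != 0 || setegid (getgid ()) != 0) _exit (1);` makes the failure explicit; use the child's existing failure exit if it has one, since the rest of gdm_exec_wait is outside this hunk. The name `de_setuid` also reads like a privilege drop, but the calls restore the real ids, which for a daemon started by root presumably means the dialog program runs as root. A comment like `/* undo any seteuid/setegid done by the caller: run the helper with the real uid/gid */` on the block and on the prototype in misc.h would make that visible.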
diff --git a/daemon/misc.h b/daemon/misc.h
index 6b1a7732..57b99643 100644
--- a/daemon/misc.h
+++ b/daemon/misc.h
@@ -37,7 +37,8 @@ int gdm_get_free_display (int start, uid_t server_uid);
gboolean gdm_text_message_dialog (const char *msg);
gboolean gdm_text_yesno_dialog (const char *msg, gboolean *ret);
-int gdm_exec_wait (char * const *argv, gboolean no_display);
+int gdm_exec_wait (char * const *argv, gboolean no_display,
+ gboolean de_setuid);
/* done before each login. This can do so sanity ensuring,
* one of the things it does now is make sure /tmp/.ICE-unix