11 files changed, 224 insertions, 46 deletions

diff --git a/ChangeLog b/ChangeLog
index 742f0195..9a0582c2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,35 @@
+Thu Aug 15 12:04:24 2002  George Lebl <jirka@5z.com>
+
+	* daemon/gdm.c, daemon/slave.c: remove some dead code.  Ensure euid's
+	  in more places.  open .xsession-errors even on nfs dirs properly.
+	  For the Init/PreSession/PostSession scripts always setup the
+	  GDM_PARENT_* stuff for Xnest displays.  Don't use temp files, but
+	  name the temporary auth file by the display name and whack it
+	  on server stop.  The Init/PreSession/PostSession scripts now
+	  execute /<displayname>, if not found then /<hostname>, if not
+	  found and XDMCP then /XDMCP, if not found and flexi then /Flexi,
+	  and only if none of those are found then /Default.
+
+	* daemon/errorgui.c: show label and entry in the question dialog,
+	  fixes problems when asking for questions during autologin.  Also
+	  set cursor to pointer.
+
+	* daemon/slave.c: set cursor to pointer after forking slave.  This
+	  should fix possible busy cursor stuck after an autologin.
+
+	* config/PostSession: spelling fix
+
+	* daemon/verify-pam.c: add extra message for automatic login
+	  for standalone conversation thingie.  This uses already translated
+	  string.
+
+	* daemon/gdm.c: wait 2 seconds between killing local servers,
+	  otherwise things go very very bad on some machines (such as eating
+	  my keyboard on mine)
+
+	* configure.in, Makefile.am, gdm-stop.in: new script to just SIGTERM
+	  the gdm binary.  Useful for debugging
+
 2002-08-15  jacob berkman  <jacob@ximian.com>
 
 	* gui/greeter/Makefile.am (EXTRA_DIST): include gdmthemetester
diff --git a/Makefile.am b/Makefile.am
index 6765e57b..33cb5ad4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -14,11 +14,12 @@ EXTRA_DIST = \
 	intltool-extract.in	\
 	intltool-merge.in	\
 	intltool-update.in	\
+	gdm-stop.in		\
 	gdm-restart.in		\
 	gdm-safe-restart.in	\
 	gdmconfig
 
-sbin_SCRIPTS = gdm-restart gdm-safe-restart gdmconfig
+sbin_SCRIPTS = gdm-stop gdm-restart gdm-safe-restart gdmconfig
 
 install-data-local: gdmsetup-security
 if CONSOLE_HELPER
diff --git a/config/PreSession b/config/PreSession
index e485dbac..971bd3f2 100755
--- a/config/PreSession
+++ b/config/PreSession
@@ -22,5 +22,5 @@ if command -v sessreg > /dev/null 2>&1; then
 fi
 
 # some output for easy debugging
-echo "$0: could not file the sessreg utility, cannot update wtmp and utmp"
+echo "$0: could not find the sessreg utility, cannot update wtmp and utmp"
 exit 0
diff --git a/configure.in b/configure.in
index 84c6c566..d184ea3e 100644
--- a/configure.in
+++ b/configure.in
@@ -458,6 +458,7 @@ config/Gnome
 config/Xsession
 config/gnomerc
 daemon/gdm
+gdm-stop
 gdm-restart
 gdm-safe-restart
 gdmsetup-security
diff --git a/daemon/errorgui.c b/daemon/errorgui.c
index b8da7616..a85cb066 100644
--- a/daemon/errorgui.c
+++ b/daemon/errorgui.c
@@ -45,6 +45,14 @@ static int screeny = 0;
 static int screenwidth = 0;
 static int screenheight = 0;
 
+static void
+setup_cursor (GdkCursorType type)
+{
+	GdkCursor *cursor = gdk_cursor_new (type);
+	gdk_window_set_cursor (gdk_get_default_root_window (), cursor);
+	gdk_cursor_unref (cursor);
+}
+
 static gboolean
 gdm_event (GSignalInvocationHint *ihint,
 	   guint		n_param_values,
@@ -244,6 +252,8 @@ gdm_error_box_full (GdmDisplay *d, GtkMessageType type, const char *error,
 			gdk_error_trap_pop ();
 		}
 
+		setup_cursor (GDK_LEFT_PTR);
+
 		gtk_dialog_run (GTK_DIALOG (dlg));
 
 		XSetInputFocus (GDK_DISPLAY (),
@@ -324,9 +334,11 @@ gdm_failsafe_question (GdmDisplay *d,
 				  G_CALLBACK (gtk_true), NULL);
 
 		label = gtk_label_new (loc);
+		gtk_widget_show_all (label);
 		gtk_box_pack_start (GTK_BOX (GTK_DIALOG (dlg)->vbox),
 				    label, FALSE, FALSE, 0);
 		entry = gtk_entry_new ();
+		gtk_widget_show_all (entry);
 		gtk_box_pack_start (GTK_BOX (GTK_DIALOG (dlg)->vbox),
 				    entry, FALSE, FALSE, 0);
 		if ( ! echo)
@@ -359,6 +371,8 @@ gdm_failsafe_question (GdmDisplay *d,
 
 		gtk_widget_grab_focus (entry);
 
+		setup_cursor (GDK_LEFT_PTR);
+
 		gtk_dialog_run (GTK_DIALOG (dlg));
 
 		loc = g_locale_from_utf8 (ve_sure_string (gtk_entry_get_text (GTK_ENTRY (entry))),
@@ -366,6 +380,11 @@ gdm_failsafe_question (GdmDisplay *d,
 
 		gdm_fdprintf (p[1], "%s", ve_sure_string (loc));
 
+		XSetInputFocus (GDK_DISPLAY (),
+				PointerRoot,
+				RevertToPointerRoot,
+				CurrentTime);
+
 		_exit (0);
 	} else if (pid > 0) {
 		char buf[BUFSIZ];
@@ -458,11 +477,18 @@ gdm_failsafe_yesno (GdmDisplay *d,
 			gdk_error_trap_pop ();
 		}
 
+		setup_cursor (GDK_LEFT_PTR);
+
 		if (gtk_dialog_run (GTK_DIALOG (dlg)) == GTK_RESPONSE_YES)
 			gdm_fdprintf (STDOUT_FILENO, "yes\n");
 		else
 			gdm_fdprintf (STDOUT_FILENO, "no\n");
 
+		XSetInputFocus (GDK_DISPLAY (),
+				PointerRoot,
+				RevertToPointerRoot,
+				CurrentTime);
+
 		_exit (0);
 	} else if (pid > 0) {
 		char buf[BUFSIZ];
diff --git a/daemon/gdm.c b/daemon/gdm.c
index 5ae860d4..006abe87 100644
--- a/daemon/gdm.c
+++ b/daemon/gdm.c
@@ -788,7 +788,7 @@ gdm_start_first_unborn_local (int delay)
 void
 gdm_final_cleanup (void)
 {
-	GSList *list;
+	GSList *list, *li;
 	sigset_t mask;
 
 	gdm_debug ("gdm_final_cleanup");
@@ -805,7 +805,30 @@ gdm_final_cleanup (void)
 	}
 
 	list = g_slist_copy (displays);
-	g_slist_foreach (list, (GFunc) gdm_display_unmanage, NULL);
+	for (li = list; li != NULL; li = li->next) {
+		GdmDisplay *d = li->data;
+		/* XDMCP and FLEXI_XNEST are safe to kill
+		 * immediately */
+		if (d->type == TYPE_XDMCP ||
+		    d->type == TYPE_FLEXI_XNEST)
+			gdm_display_unmanage (d);
+	}
+	g_slist_free (list);
+
+	list = g_slist_copy (displays);
+	/* somewhat of a hack to kill last server
+	 * started first.  This mostly makes things end up on
+	 * the right vt */
+	list = g_slist_reverse (list);
+	for (li = list; li != NULL; li = li->next) {
+		GdmDisplay *d = li->data;
+		/* HACK! Wait 2 seconds between killing of local servers
+		 * because X is stupid and full of races and will hang my
+		 * keyboard if I don't */
+		if (li != list)
+			sleep (2);
+		gdm_display_unmanage (d);
+	}
 	g_slist_free (list);
 
 	/* Close stuff */
@@ -1368,11 +1391,6 @@ ensure_desc_012 (void)
 	 * opens the lowest available descriptor */
 	for (;;) {
 		fd = gdm_open_dev_null (O_RDWR);
-		/* what to do on fail?  I dunno,
-		 * just keep on going is the safest
-		 * bet I suppose */
-		if (fd < 0)
-			break;
 		/* Once we are up to 3, we're beyond stdin,
 		 * stdout and stderr */
 		if (fd >= 3) {
diff --git a/daemon/server.c b/daemon/server.c
index 98ad8961..a325add5 100644
--- a/daemon/server.c
+++ b/daemon/server.c
@@ -170,6 +170,8 @@ gdm_server_stop (GdmDisplay *disp)
     }
 
     gdm_server_wipe_cookies (disp);
+
+    gdm_slave_whack_temp_auth_file ();
 }
 
 static gboolean
diff --git a/daemon/slave.c b/daemon/slave.c
index dcbd7ab2..6dab9310 100644
--- a/daemon/slave.c
+++ b/daemon/slave.c
@@ -155,7 +155,6 @@ static gint     gdm_slave_exec_script (GdmDisplay *d, const gchar *dir,
 				       gboolean set_parent);
 static gchar *  gdm_parse_enriched_login (const gchar *s, GdmDisplay *display);
 static void	gdm_slave_handle_notify (const char *msg);
-static void	whack_temp_auth_file (void);
 static void	create_temp_auth_file (void);
 static void	set_xnest_parent_stuff (void);
 
@@ -433,7 +432,7 @@ gdm_slave_whack_greeter (void)
 
 	gdm_slave_send_num (GDM_SOP_GREETPID, 0);
 
-	whack_temp_auth_file ();
+	gdm_slave_whack_temp_auth_file ();
 
 	gdm_sigchld_block_pop ();
 }
@@ -1340,7 +1339,6 @@ static char *
 copy_auth_file (uid_t fromuid, uid_t touid, const char *file)
 {
 	uid_t old = geteuid ();
-	mode_t oldmask;
 	char *name;
 	int authfd;
 	int fromfd;
@@ -1358,11 +1356,9 @@ copy_auth_file (uid_t fromuid, uid_t touid, const char *file)
 
 	seteuid (0);
 
-	name = g_strconcat (GdmServAuthDir, "/XnestAuth.XXXXXX", NULL);
+	name = g_strconcat (GdmServAuthDir, "/", d->name, ".XnestAuth", NULL);
 
-	oldmask = umask (077);
-	authfd = g_mkstemp (name);
-	umask (oldmask);
+	authfd = open (name, O_TRUNC|O_WRONLY|O_CREAT, 0600);
 
 	if (authfd < 0) {
 		seteuid (old);
@@ -1620,6 +1616,7 @@ gdm_slave_send (const char *str, gboolean wait_for_ack)
 	int fd;
 	char *fifopath;
 	int i;
+	uid_t old;
 
 	if (gdm_in_signal == 0)
 		gdm_debug ("Sending %s", str);
@@ -1628,7 +1625,12 @@ gdm_slave_send (const char *str, gboolean wait_for_ack)
 		gdm_got_ack = FALSE;
 
 	fifopath = g_strconcat (GdmServAuthDir, "/.gdmfifo", NULL);
+	old = geteuid ();
+	if (old != 0)
+		seteuid (0);
 	fd = open (fifopath, O_WRONLY);
+	if (old != 0)
+		seteuid (old);
 	g_free (fifopath);
 
 	/* eek */
@@ -1703,6 +1705,7 @@ send_chosen_host (GdmDisplay *disp, const char *hostname)
 	int fd;
 	char *fifopath;
 	struct hostent *host;
+	uid_t old;
 
 	host = gethostbyname (hostname);
 
@@ -1716,7 +1719,12 @@ send_chosen_host (GdmDisplay *disp, const char *hostname)
 
 	fifopath = g_strconcat (GdmServAuthDir, "/.gdmfifo", NULL);
 
+	old = geteuid ();
+	if (old != 0)
+		seteuid (0);
 	fd = open (fifopath, O_WRONLY);
+	if (old != 0)
+		seteuid (old);
 
 	g_free (fifopath);
 
@@ -2180,8 +2188,19 @@ session_child_run (struct passwd *pwent,
 
 	disp = XOpenDisplay (d->name);
 	if (disp != NULL) {
+		Cursor xcursor;
+			
 		XSetInputFocus (disp, PointerRoot,
 				RevertToPointerRoot, CurrentTime);
+
+		/* return left pointer */
+		xcursor = XCreateFontCursor (disp, GDK_LEFT_PTR);
+		XDefineCursor (disp,
+			       DefaultRootWindow (disp),
+			       xcursor);
+		XFreeCursor (disp, xcursor);
+		XSync (disp, False);
+
 		XCloseDisplay (disp);
 	}
 
@@ -2199,8 +2218,14 @@ session_child_run (struct passwd *pwent,
 	 * unless in failsafe mode which needs to work when there is
 	 * no diskspace as well */
 	if ( ! failsafe && home_dir_ok) {
+		uid_t old = geteuid ();
+		uid_t oldg = getegid ();
+		setegid (pwent->pw_gid);
+		seteuid (pwent->pw_uid);
 		logfd = open (g_strconcat (home_dir, "/.xsession-errors", NULL),
 			      O_CREAT|O_TRUNC|O_WRONLY, 0644);
+		seteuid (old);
+		setegid (oldg);
 		if (logfd != -1) {
 			dup2 (logfd, 1);
 			dup2 (logfd, 2);
@@ -2227,7 +2252,7 @@ session_child_run (struct passwd *pwent,
 	if (gdm_slave_exec_script (d, GdmPreSession,
 				   login, pwent,
 				   TRUE /* pass_stdout */,
-				   FALSE /* set_parent */) != EXIT_SUCCESS &&
+				   TRUE /* set_parent */) != EXIT_SUCCESS &&
 	    /* ignore errors in failsafe modes */
 	    ! failsafe) 
 		/* If script fails reset X server and restart greeter */
@@ -2906,7 +2931,7 @@ gdm_slave_session_stop (pid_t sesspid)
 	    gdm_debug ("gdm_slave_session_cleanup: Running post session script");
 	    gdm_slave_exec_script (d, GdmPostSession, local_login, pwent,
 				   FALSE /* pass_stdout */,
-				   FALSE /* set_parent */);
+				   TRUE /* set_parent */);
 
 	    gnome_unsetenv ("X_SERVERS");
 	    if (d->type == TYPE_XDMCP)
@@ -3001,9 +3026,6 @@ gdm_slave_term_handler (int sig)
 	gdm_server_stop (d);
 	gdm_verify_cleanup (d);
 
-	if (d->xnest_temp_auth_file != NULL)
-		unlink (d->xnest_temp_auth_file);
-
 	_exit (DISPLAY_ABORT);
 }
 
@@ -3425,13 +3447,20 @@ gdm_child_exit (gint status, const gchar *format, ...)
     _exit (status);
 }
 
-static void
-whack_temp_auth_file (void)
+void
+gdm_slave_whack_temp_auth_file (void)
 {
+	uid_t old;
+
+	old = geteuid ();
+	if (old != 0)
+		seteuid (0);
 	if (d->xnest_temp_auth_file != NULL)
 		unlink (d->xnest_temp_auth_file);
 	g_free (d->xnest_temp_auth_file);
 	d->xnest_temp_auth_file = NULL;
+	if (old != 0)
+		seteuid (old);
 }
 
 static void
@@ -3469,25 +3498,52 @@ gdm_slave_exec_script (GdmDisplay *d, const gchar *dir, const char *login,
 		       gboolean set_parent)
 {
     pid_t pid;
-    gchar *script, *defscript;
-    const char *scr;
+    char *script;
     gchar **argv;
     gint status;
     char *x_servers_file;
 
-    if (!d || !dir)
+    if (!d || ve_string_empty (dir))
 	return EXIT_SUCCESS;
 
     script = g_strconcat (dir, "/", d->name, NULL);
-    defscript = g_strconcat (dir, "/Default", NULL);
-
-    if (access (script, R_OK|X_OK) == 0) {
-	    scr = script;
-    } else if (access (defscript, R_OK|X_OK) == 0)  {
-	    scr = defscript;
-    } else {
+    if (access (script, R_OK|X_OK) != 0) {
 	    g_free (script);
-	    g_free (defscript);
+	    script = NULL;
+    }
+    if (script == NULL &&
+	! ve_string_empty (d->hostname)) {
+	    script = g_strconcat (dir, "/", d->hostname, NULL);
+	    if (access (script, R_OK|X_OK) != 0) {
+		    g_free (script);
+		    script = NULL;
+	    }
+    }
+    if (script == NULL &&
+	d->type == TYPE_XDMCP) {
+	    script = g_strconcat (dir, "/XDMCP", NULL);
+	    if (access (script, R_OK|X_OK) != 0) {
+		    g_free (script);
+		    script = NULL;
+	    }
+    }
+    if (script == NULL &&
+	SERVER_IS_FLEXI (d)) {
+	    script = g_strconcat (dir, "/Flexi", NULL);
+	    if (access (script, R_OK|X_OK) != 0) {
+		    g_free (script);
+		    script = NULL;
+	    }
+    }
+    if (script == NULL) {
+	    script = g_strconcat (dir, "/Default", NULL);
+	    if (access (script, R_OK|X_OK) != 0) {
+		    g_free (script);
+		    script = NULL;
+	    }
+    }
+    
+    if (script == NULL) {
 	    return EXIT_SUCCESS;
     }
 
@@ -3554,16 +3610,16 @@ gdm_slave_exec_script (GdmDisplay *d, const gchar *dir, const char *login,
 	gnome_setenv ("PATH", GdmRootPath, TRUE);
 	gnome_setenv ("RUNNING_UNDER_GDM", "true", TRUE);
 	gnome_unsetenv ("MAIL");
-	argv = ve_split (scr);
+	argv = ve_split (script);
 	execv (argv[0], argv);
-	syslog (LOG_ERR, _("gdm_slave_exec_script: Failed starting: %s"), scr);
+	syslog (LOG_ERR, _("gdm_slave_exec_script: Failed starting: %s"),
+		script);
 	_exit (EXIT_SUCCESS);
 	    
     case -1:
 	if (set_parent)
-		whack_temp_auth_file ();
+		gdm_slave_whack_temp_auth_file ();
 	g_free (script);
-	g_free (defscript);
 	syslog (LOG_ERR, _("gdm_slave_exec_script: Can't fork script process!"));
 	return EXIT_SUCCESS;
 	
@@ -3571,10 +3627,9 @@ gdm_slave_exec_script (GdmDisplay *d, const gchar *dir, const char *login,
 	gdm_wait_for_extra (&status);
 
 	if (set_parent)
-		whack_temp_auth_file ();
+		gdm_slave_whack_temp_auth_file ();
 
 	g_free (script);
-	g_free (defscript);
 
 	if (WIFEXITED (status))
 	    return WEXITSTATUS (status);
diff --git a/daemon/slave.h b/daemon/slave.h
index 7274d0a1..dcd53de4 100644
--- a/daemon/slave.h
+++ b/daemon/slave.h
@@ -34,6 +34,8 @@ void	 gdm_slave_send_num	(const char *opcode, long num);
 void     gdm_slave_send_string	(const char *opcode, const char *str);
 gboolean gdm_slave_final_cleanup (void);
 
+void     gdm_slave_whack_temp_auth_file (void);
+
 #endif /* GDM_SLAVE_H */
 
 /* EOF */
diff --git a/daemon/verify-pam.c b/daemon/verify-pam.c
index 2b48893a..b19157c2 100644
--- a/daemon/verify-pam.c
+++ b/daemon/verify-pam.c
@@ -48,7 +48,6 @@ static pam_handle_t *pamh = NULL;
 
 static GdmDisplay *cur_gdm_disp = NULL;
 
-
 /* Internal PAM conversation function. Interfaces between the PAM
  * authentication system and the actual greeter program */
 
@@ -131,13 +130,16 @@ static struct pam_conv pamc = {
     NULL
 };
 
+/* Extra message to give on queries */
+static char *extra_standalone_message = NULL;
+
 static gint 
 gdm_verify_standalone_pam_conv (int num_msg, const struct pam_message **msg,
 				struct pam_response **resp,
 				void *appdata_ptr)
 {
 	int replies = 0;
-	char *s;
+	char *s, *text;
 	struct pam_response *reply = NULL;
 
 	reply = malloc (sizeof (struct pam_response) * num_msg);
@@ -151,10 +153,17 @@ gdm_verify_standalone_pam_conv (int num_msg, const struct pam_message **msg,
 		switch (msg[replies]->msg_style) {
 
 		case PAM_PROMPT_ECHO_ON:
+			if (extra_standalone_message != NULL)
+				text = g_strdup_printf
+					("%s\n%s", extra_standalone_message,
+					 _(msg[replies]->msg));
+			else
+				text = g_strdup (_(msg[replies]->msg));
+
 			/* PAM requested textual input with echo on */
-			s = gdm_failsafe_question (cur_gdm_disp,
-						   _(msg[replies]->msg),
+			s = gdm_failsafe_question (cur_gdm_disp, text,
 						   TRUE /* echo */);
+			g_free (text);
 
 			reply[replies].resp_retcode = PAM_SUCCESS;
 			reply[replies].resp = strdup (ve_sure_string (s));
@@ -162,11 +171,19 @@ gdm_verify_standalone_pam_conv (int num_msg, const struct pam_message **msg,
 			break;
 
 		case PAM_PROMPT_ECHO_OFF:
+			if (extra_standalone_message != NULL)
+				text = g_strdup_printf
+					("%s\n%s", extra_standalone_message,
+					 _(msg[replies]->msg));
+			else
+				text = g_strdup (_(msg[replies]->msg));
+
 			/* PAM requested textual input with echo off */
-			s = gdm_failsafe_question (cur_gdm_disp,
-						   _(msg[replies]->msg),
+			s = gdm_failsafe_question (cur_gdm_disp, text,
 						   FALSE /* echo */);
 
+			g_free (text);
+
 			reply[replies].resp_retcode = PAM_SUCCESS;
 			reply[replies].resp = strdup (ve_sure_string (s));
 			g_free (s);
@@ -498,6 +515,11 @@ gdm_verify_setup_user (GdmDisplay *d, const gchar *login, const gchar *display)
 
     cur_gdm_disp = d;
 
+    g_free (extra_standalone_message);
+    extra_standalone_message = g_strdup_printf ("%s (%s)",
+						_("Automatic login"),
+						login);
+
     /* Initialize a PAM session for the user */
     if ( ! create_pamh (d, "gdm-autologin", login, &standalone_pamc,
 			display, &pamerr)) {
@@ -590,6 +612,9 @@ gdm_verify_setup_user (GdmDisplay *d, const gchar *login, const gchar *display)
     openlog ("gdm", LOG_PID, LOG_DAEMON);
 
     cur_gdm_disp = NULL;
+
+    g_free (extra_standalone_message);
+    extra_standalone_message = NULL;
     
     return TRUE;
     
@@ -605,6 +630,9 @@ gdm_verify_setup_user (GdmDisplay *d, const gchar *login, const gchar *display)
 
     cur_gdm_disp = NULL;
 
+    g_free (extra_standalone_message);
+    extra_standalone_message = NULL;
+
     return FALSE;
 }
 
diff --git a/gdm-stop.in b/gdm-stop.in
new file mode 100755
index 00000000..0474c0ff
--- /dev/null
+++ b/gdm-stop.in
@@ -0,0 +1,13 @@
+#!/bin/sh
+PIDFILE=`grep '^PidFile=' @sysconfdir@/gdm/gdm.conf | sed -e 's/^PidFile=//'`
+if test x$PIDFILE = x ; then
+	echo "Can't find the PID file in the configuration file, going to try:"
+	echo "/var/run/gdm.pid"
+	PIDFILE=/var/run/gdm.pid
+fi
+if test '!' -f $PIDFILE ; then
+	echo "$PIDFILE doesn't exist, perhaps GDM isn't running"
+	exit 1
+fi
+# exec the kill to get the correct return code
+exec kill -TERM `cat $PIDFILE`