| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We currently disable wayland for cirrus by calling printf
from a udev rule. This works, but it's a little too open
coded to easily write SELinux policy for.
This commit introduces a new program, gdm-disable-wayland,
that does the same thing, but in a dedicated binary.
A future commit will change the udev rule to use the binary.
https://bugzilla.gnome.org/show_bug.cgi?id=796315
(cherry picked from commit 2dc57da31781dedfe374ce353b0f5fd6aa9da56f)
|
|
|
|
| |
it doesn't in rhel.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current upstream pam configuration upstream doesn't really
make sense in RHEL.
systemd doesn't handle /etc/environment on its own in RHEL and it
doesn't populate the kernel keyring with disk encrypt passwords,
so pam_gdm is not useful.
This commit restores the pam configuration to something closer to
what was shipped in 7.3
|
|
|
|
|
| |
We default to gnome-classic in rhel, unless overridden
by /etc/sysconfig/desktop
|
|
|
|
| |
This way system settings can affect the login screen.
|
| |
|
|
|
|
| |
This helps with flicker when the X server shuts down.
|
| |
|
|
|
|
|
|
|
|
|
| |
GdmClient fails to free the hash table associated with user
verifier extensions when the client is done with the user verifier.
This commit ties the user verifier extensions to the user verifier
instance associated with it, instead of storing the extensions
directly in the client struct.
|
|
|
|
|
|
|
|
|
|
|
| |
There's a race condition in the client connection code at the moment,
where a user verifier could be waiting for its connection when the login
screen asks for a greeter synchronously. The greeter will then end up
with a different connection that the user verifier which breaks
expectations.
This commit just makes the connection fetching code synchronous for now
to side step the problem.
|
|
|
|
|
|
|
|
| |
There are are few places in the code where the client object is
retrieved via g_async_result_get_source_object. Those calls
return a fresh reference that is never unreferenced later.
This commit plugs those leaks by using g_autoptr's
|
|
|
|
|
| |
Using auto pointers allows to manage things in a cleaner way without having
to manually unref things before returning.
|
| |
|
|
|
|
|
| |
There's no need to keep the manager connection address around, and
use autofree to clean it up
|
|
|
|
|
|
|
|
|
| |
Instead of using the hard-to-maintain shared pointer to the dbus connection
to the manager and reset it when the proxies that use it are deleted, just
look which proxy is currently available and try to reuse the connection
from it.
Fixes #386
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Both if we re-use the shared connection in `gdm_client_get_connection` and if
we create a new one in `on_connected`, we steal the pointer here by using
`g_task_propagate_pointer` and thus we don't have to add an additional
reference to this connection when returning, or it won't ever be consumed by
function customers.
|
|
|
|
|
|
|
|
|
| |
This instance has already been reffed when passed to the task, and since
we're stealing it with `g_task_propagate_pointer` it won't be unreffed.
We could also do this in the `on_reauthentication_channel_opened` callback
but since the new task will ref it anyway, we can just be clean and do it
here.
|
|
|
|
|
|
|
|
|
| |
The GDBusProxies hold a strong reference to the connection themselves,
so maintaining separate weak references is unnecessary.
This commit drops those extraneous weak references.
https://bugzilla.gnome.org/show_bug.cgi?id=795940
|
|
|
|
|
|
|
|
|
|
|
| |
At the moment we call gdm_client_open_connection and when it finishes,
assume client->priv->connection is implicitly initialized.
This commit makes the operation more explicit by changing
gdm_client_open_connection to gdm_client_get_connection and returning
the GDBusConnection object directly, instead of returning a boolean.
https://bugzilla.gnome.org/show_bug.cgi?id=795940
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now we keep the manager proxy alive long after we need it.
It doesn't get cleared until one of the other proxies go away.
That is not only unnecessary but illogical and confusing.
This commit changes the manager proxy to be transient—only alive
long enough to get what we need from it.
https://bugzilla.gnome.org/show_bug.cgi?id=795940
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now libgdm tries to handle multiple simultaneous
open calls at the same time by serializing the requests
and giving them all the same connection. It's broken,
though.
- The pending_opens list is never populated, so we
end up just doing multiple simultaneous open
operations at a time anyway.
- The finish code ends up calling
g_task_return_error (task, NULL) instead of
g_task_return_pointer in the non-error case.
Since the feature doesn't work, drop it for now.
https://bugzilla.gnome.org/show_bug.cgi?id=795940
|
|
|
|
|
|
|
|
|
|
| |
The XDMCP disply factory examines the sessions of its displays'
launch environments when the displays change status.
Unfortunately it leaks a reference to the launch environment when
doing that.
This commit fixes the reference leak which leads to an fd leak.
|
|
|
|
|
|
|
|
|
|
|
|
| |
XDMCP login screens get a "Remote Geeter Interface" exported over
the bus connection (so the login window can provide a Disconnect
button).
This interface is getting leaked when the session object is disposed,
leaving the bus connection itself undisposed, which causes an fd
leak.
This commit plugs the interface leak, and thus the fd leak.
|
|
|
|
|
|
|
|
|
|
|
| |
The first is from create_user_session_for display. Most callers don't
check the return value, so it should just be void.
The user data associated with the session also isn't unlinked from the
display when the display is finishing up, preventing the display and
session object from getting freed.
This commit makes both changes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After a user logs out, the session worker baby sitting
the session, may optionally run admin provided PostSession
scripts.
Those scripts aren't getting reliably run on reboots, because
systemd kills the worker prematurely.
There's no easy way to prevent this... the worker is part of
the user session and user sessions are terminated immediately
at shutdown time.
This commit moves PostSession handling to the daemon process,
where it can happen unimpeded by session bring down.
This also makes the scripts more reliable in other potential
cases where the worker is killed explicitly.
|
|
|
|
|
|
|
|
|
|
|
| |
GDM doesn't currently stop it's display handling logic when it's
asked to shutdown.
That can lead to X servers attempting to start themsevles as GDM
is tearing itself down.
This commit addresses the problem adding some stop calls to the
code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a session ends, its "session worker" is closed. Since
3e8220921bb608afd06ed677104fd2244b901a28 (3.33.4), we uninitialise PAM
when this happens. As part of this procedure, we jump back to the login
screen, if the screen being killed is not itself the login screen.
This has broken fast user switching. It goes like this - this
explanation is a bit complicated, bear with us:
We want to jump back to the login screen when a normal user session
ends, so that people can log in again. We do not want to do this when a
login screen itself ends. When session workers start up, they query for
the *currently active VT* and save this in `login_vt`. Then later on, we
check if our session ID is the same as `login_vt`, and jump to
`login_vt` if they are different - this means that it was a user session
not a login session. Querying the currently active VT is fine for the
first greeter, but when initiating a user switch it's wrong as this
gives the user VT.
GDM greeters are killed once they have spawned a session. They are
associated with a logind session, and therefore a PAM session. There are
some actions performed when unregistering PAM sessions, including the
previously mentioned VT jump. Before
3e8220921bb608afd06ed677104fd2244b901a28 we only uninitialised PAM when
the session itself exited so the bug was masked, but now (since this
commit), if the login screen's *worker* exits first - as happens in the
normal case when GDM kills it - we also do this uninitialisation. Since
we falsely recorded the login screen as the first user's VT, this means
that checking `login_vt != session_vt` returns `TRUE` and we jump back
to the previous user's session immediately after logging into the new
session: fast user switching is broken.
Since the work on shutting down the GDM session has been finished, we
can assume that the login_vt is always on GDM_INITIAL_VT (see
example c71bc5d6c3bc2ec448b5c72ce9a811d9c0c7905e
"local-display-factory: Remove initial VT is in use check" and
39fb4ff64e6a0653e70a3bfab31da47b49227d59 "manager: don't run autologin
display on tty1"). So simply replace all usages of login_vt with
GDM_INITIAL_VT to solve the above problem.
Note that in the case where ENABLE_USER_DISPLAY_SERVER is not enabled,
the login_vt is always the same as the session_vt. We can simply remove
the VT switching magic there and everything should be working as
expected.
This is a simpler version of the patch by Iain Lane <iainl@gnome.org>,
taking into account that we can make the assumption about the login_vt.
Closes #515
|
|
|
|
|
|
|
| |
Right nowe don't uninitialize pam or switch back to the
starting VT if the worker is killed before the session.
This commit fixes that.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
At the moment the session worker exits as soon as it gets SIGTERM.
That means it may fail to stop the user session (which only happens
in the orderly shutdown path).
This commit sets up a SIGTERM handler that integrates with and
quits the main loop after the session is started.
It still retains the _exit-on-SIGTERM behavior before the session
is started, to ensure a stuck pam module doesn't prevent the
process from dying.
Some small changes to commit by Ray Strode.
Closes #400
|
|
|
|
|
|
|
|
| |
We're going to need to access the worker state as a property on
the worker object.
This commit hooks it up to glib-mkenums so the requisite goo can
get generated
|
|
|
|
|
|
|
|
|
|
|
|
| |
At the moment gdm conjures up a login screen any time a user session
exits.
This is the right behavior if the user explicitly logs out, but if an
admin is killing a session on a background VT, then going to the login
screen is wrong.
This commit changes the code to detect when the killed session is in
the foreground, and only then bring up a login screen.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pututxline() was used without first opening the utxmp database and
without closing it, preventing the logout entry from being fully
committed.
This caused the number of logged-in users to increment after each login,
as logging out did not correctly remove the user login record from utmp.
This commit wraps pututxline() between setutxent() and endutxent(),
making sure that the login/logout operation are fully flushed.
Fixes #381
|
|
|
|
|
|
|
|
|
|
|
|
| |
At the moment we sometimes fail to create a login screen when
logout results in the user ending up on an empty VT.
That is because we're accidentally running into the non-seat0
code path for seat0.
This commit addresses the problem by specifically checking for
if the seat is multi-session capable rather than checking if
the seat has an active session.
|
|
|
|
|
|
|
|
|
| |
At the moment, when a user logs out we call sync_seats to restart the
login screen. sync_seats doesn't know whether or not vt1 is occupied.
This commit changes the code to call the more targeted `create_display`
function, which we can inform of vt1's availability by the is_initial
flag.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 22c332ba and some follow up commits try to ensure the
user never stays on a blank VT by jumping to a login screen in
the event they'd end up on one.
Unfortunately, that part of the code can't start a login screen
if there's not one running at all.
This commit moves the code to GdmLocalDisplyFactor where the
login screens are created, so users won't end up on a blank
VT even if no login screen is yet running.
|
|
|
|
|
|
|
| |
Right now we oddly succeed from get_login_window_session_id
if we can't find a login window.
None of the caller expect that, so fail instead.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's entirely possible for a session returned by
sd_seat_get_sessions to disappear immediately after the
sd_seat_get_sessions call returns. This is especially
likely at logout time where the session will briefly be
in the "closing" state before getting reaped.
If that happens when we're looking for a greeter session, we
stop looking for a greeter session and bail out all confused.
This commit fixes the confusion by gracefully handling the
session disappearing by just proceeding to the next session
in the list.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit 22c332ba we try to start a login screen if we end up
on an empty VT and there isn't one running.
Unfortunately the check for "is on an empty VT" is a little busted.
It counts the VT has non-empty if there's a display associated with
it, even if that display is in the FINISHED state about to be
reaped.
That means, in some cases, we'll still leave the user on an empty
VT with no login screen.
This commit addresses the problem by explicitly checking for
FINISHED displays, and proceeding even in their presense.
|
|
|
|
|
|
|
| |
The function asks logind what the currently active session is on the
given seat. It then leaks the response.
This commit plugs the leak.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we have a gdm-disable-wayland binary for disabling
wayland at boot, we should use it.
This commit changes the cirrus udev rule to use gdm-disable-wayland,
rather than running sh and printf.
https://bugzilla.gnome.org/show_bug.cgi?id=796315
(cherry picked from commit a913eea70342411247e770a91b75dd800941bb6e)
|
|
|
|
| |
This reverts commit 2b52d8933c8ab38e7ee83318da2363d00d8c5581.
|
|
|
|
| |
This reverts commit 1073f0e792d9d5bf9d53bddb6e51177c8024c2b3.
|
|
|
|
|
|
|
|
|
| |
The manager fetching code in GdmClient treats its task
return value as boolean, but it's actually a pointer (the manager)
This commit corrects the confusion.
https://bugzilla.gnome.org/show_bug.cgi?id=795940
|
| |
|
|
|
|
|
|
| |
This reverts commit 7a4e34049c79e907d1a027390c5d3a8dcdc11977.
It breaks login screen until reboot on 7.3→7.4 upgrade.
|