| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The chooser is the UI showns to XDMCP clients connecting
via indirect queries. It shows a list of login screens
on the network and lets the user pick that login screen
to jump to.
Right now it uses its own hardcoded D-Bus calls
to interact with the GDM daemon.
The D-Bus APIs have changed, though, and so now it
no longer works.
This commit changes simple-chooser to use libgdm
instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The simple-greeter is the fallback greeter shown if
gnome-shell is unavailable.
Right now it uses its own hardcoded D-Bus calls
to interact with the GDM daemon.
The D-Bus APIs have changed, though, and so now it
no longer works.
This commit changes simple-greeter to use libgdm
instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
libgdmgreeter is useful for clients that aren't greeters.
This will be even more true in the future as it gets updated
to be useful for screensavers.
Given it offers APIs that apply to non-greeter applications,
it's silly to have greeter in the library name.
This commit renames libgdmgreeter to libgdm.
https://bugzilla.gnome.org/show_bug.cgi?id=676381
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GdmGreeterClient is the interface greeters use to communicate
with their respective slaves. It will eventually also be
useful as an interface for screensavers to do authentication.
The actual GdmGreeterClient code is a just a thin wrapper around
some libdbus calls. Something very similar can be automatically
generated using gdbus-codegen.
This commit:
- updates the library to use the most up to date dbus
interfaces provided by the daemon
- replaces the hand rolled dbus code with generated code,
but leaving the client interface to get at the generated
objects.
Based on work by Giovanni Campagna <gcampagna@src.gnome.org>
https://bugzilla.gnome.org/show_bug.cgi?id=676381
|
| |
|
|
|
|
|
|
|
| |
Now that the GDM daemon code is using GDBus,
we don't need to pull in dbus-glib anymore.
This commit removes the pkgconfig check for dbus-glib.
Note, the fallback greeter and chooser still use dbus-glib.
|
| |
|
|
|
| |
This commit adds a small test program that excerises
the new interface for connecting to GDM.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds reauthentication support for
screensavers and user switching to use.
1) It adds a "verification mode" argument to the GdmSession constructor
that tweaks the behavior of how the session worker acts to fit login or
unlock scenarios better.
2) It adds a way for programs to open a communication channel for user
verification to already runnings sessions (so reauthentication happens
in the context of the session).
|
| |
|
|
|
| |
It's needed by ConsoleKit and it will be needed for
starting reauthentication sessions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
One goal for GNOME 3.6, is to replace the screen locking functionality
provided by gnome-screensaver with redesigned functionality provided
by gnome-shell.
At the same time, it makes sense to consolidate the yucky PAM
authentication code to one place (GDM).
Right now only greeters can talk to GDM. At the time the greeter is
started, the slave sets up a private communication channel which the
greeter then connects to for initiating communication.
This commit adds a new method to the org.gnome.DisplayManager.Manager
interface that allows opening a private connection to the slave that
is associated with the currently running session. That slave exports
the session object over the bus that greeters can interact with the
session as appropriate. This interface replaces the
GDM_GREETER_DBUS_ADDRESS environment variable that used to to be used
for connecting the greeter to the slave.
This commit also drops gdm-greeter-server and gdm-chooser-server which
don't fit the new model, and are really just thin middle men that don't do
anything important.
Furthermore, this commit splits GdmSession interfaces 3 orthogonal parts
up into 3 separate interfaces on the session object.
A future commit will make this interface work for screensavers/reauthentication.
Based on work by Giovanni Campagna <gcampagna@src.gnome.org>
https://bugzilla.gnome.org/show_bug.cgi?id=676381
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The gdm-session-worker is a process used for managing interaction
with PAM. PAM modules can do weird things to the process they run
in, so GDM segregrates all PAM conversations in their own independent
"worker" subprocesses.
This commit moves gdm-session-worker away from using dbus-glib
to using gdbus instead.
https://bugzilla.gnome.org/show_bug.cgi?id=622888
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GdmSession is an object in the slave that manages
the various session worker processes. Each session
worker process talks to PAM to perform authentication
for the user. For instance, if the user has a fingerprint
reader, then there will normally be two worker processes,
one for handling fingerprint auth, and one for handling
password auth. GdmSession is the interface layer in the
slave to talking to those running worker processes.
This commit ports GdmSession over to GDBus from dbus-glib.
https://bugzilla.gnome.org/show_bug.cgi?id=622888
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GdmChooserServer is the slave-side object that handles communication
with choosers. The chooser talks over a private peer-to-peer dbus
connection to its slave via GdmChooserServer.
A chooser is like a greeter, but instead of presenting a login screen
it presents a list of hosts on the network that will offer login screens
if asked. The user picks one of these hosts and their display is
redirected to it.
This commit makes GdmChooserServer use GDBus.
This gets us one step closer to GDM running without dbus-glib.
https://bugzilla.gnome.org/show_bug.cgi?id=6228
|
| |
|
|
|
|
|
|
| |
If a slave goes away for whatever reason, we need to
make sure we clean up the display associated with it.
This commit changes the display code to watch its associated
slave on the bus and automatically finish if the slave goes away.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a display finishes (because it failed to start, or the users
session ended) the GDM display handling code needs to remove the
display from its display store.
For static (logind or the first automatic) displays this happens in the
on_static_display_status_changed
function. For transient (user-switch initiated) displays, though,
it never happens.
This commit reworks on_static_display_status_changed into a more
generally applicable on_display_status_changed function, so the proper
bookkeeping can happen for transient displays, too.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The display store is a small container object meant to track
currently known about displays.
It has two signals, "display-added" and "display-removed" that
are supposed to get emitted any time a display gets added or
removed from the store.
Likewise, the GdmManager object has two similar signals that
are supposed to be emitted under similar circumstances.
These signals in GdmDisplayStore and GdmManager were never
actually hooked up to fire at the appropriate times.
This commit changes GdmDisplayStore and GdmManager to properly
fire these signals.
|
| |
|
|
|
|
|
|
| |
This is one big commit because it uses generated code both
in the daemon and in the slaves, so we need to port both at the
same time.
https://bugzilla.gnome.org/show_bug.cgi?id=622888
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The X11 cookie is used as a shared secret between X clients
and the X server. This cookie is written into an Xauthority
file pointed to by the XAUTHORITY environment variable. In the
event standard peer-credential based access isn't available, clients
read this file and gain authorization to use the X server by
presenting the cookie to the X server.
This cookie is passed from the gdm daemon to the slave over the bus
as an array of bytes. GDBus expects bytes strings to be NUL terminated.
This commit NUL terminates the cookie, so that it will be compatible
with GDBus's generated code.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
GdmGreeterServer is the slave-side object that handles communication
with greeters. The greeter talks over a private peer-to-peer dbus
connection to its slave via GdmGreeterServer.
This commit makes GdmGreeterServer use GDBus.
This gets us one step closer to GDM running without dbus-glib.
https://bugzilla.gnome.org/show_bug.cgi?id=622888
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GDM creates private off-the-bus dbus servers for facilitating
communication between its various processes.
This commit adds a new function:
gdm_dbus_setup_private_server
that performs the work necessary to create a private server,
including code for generating the socket address, and code for
handling new connections.
The ultimate goal is to drop our dependency on dbus-glib, and
instead use GDBus. gdm_dbus_setup_private_server uses GDBus, so
this is one step toward that goal.
https://bugzilla.gnome.org/show_bug.cgi?id=622888
|
| |
|
|
|
|
|
| |
While the daemon still uses dbus-glib, none of the bits
that rely on the common libs exclusively do anymore.
This commit drops the requirement from configure.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
gdmflexiserver is the program that handles initiating
user switch requests.
Ultimately, we don't want any part of GDM using dbus-glib,
including gdmflexiserver.
This commit moves gdmflexiserver over to GDBus.
https://bugzilla.gnome.org/show_bug.cgi?id=622888
|
| |
|
|
|
|
|
|
|
|
|
| |
GdmSettings is a system bus service provided by
GDM so that greeters can read custom.conf without
parsing the file themselves.
This commit changes GdmSettings to use gdbus instead
of dbus-glib.
https://bugzilla.gnome.org/show_bug.cgi?id=622888
|
| |
|
|
|
|
|
|
| |
In the event GDM fails to be parse its settings
schema file, settings clients will leak the proxy
connection.
This commit fixes that.
|
| |
|
|
|
|
|
|
|
|
|
| |
Normally if "Other" is the only thing we'll show, we forgo it
and jump straight to the password prompt.
There is a bug, though, if multiple authentication methods are
enabled. In that case, we hide the user chooser, but don't jump
to the Password prompt.
This commit makes sure we show the user chooser / Other in that case.
|
| |
|
|
| |
They're dead code.
|
| |
|
|
|
|
|
|
|
|
|
| |
GdmManager watches the system bus to see whenever a service
leaves. The intent of the code is to stop managing displays
associated with slaves that have disappeared.
The code wasn't ever finished, though, so drop it for now.
It will be easy to add back in a different way after GdmManager
has been ported to GDBus.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It's dead code at the moment, and when the worker
will ultimately support reauthentication, it's going
to need to do it in a fundamentally different way
(using a separate, transient worker process rather
than reusing the one sitting there from login time)
This commit removes the GDM_SESSION_WORKER_STATE_REAUTHENTICATED,
GDM_SESSION_WORKER_STATE_REAUTHORIZED, and
GDM_SESSION_WORKER_STATE_REACCREDITED states and associated
signal handlers.
|
| |
|
|
| |
It's not used anywhere, and so there's no reason to pass it along.
|
| |
|
|
| |
It doesn't do anything.
|
| |
|
|
|
| |
The exported functions and objects don't do anything, they're just
dead code.
|
| |
|
|
| |
It was only used by now-removed code.
|
| |
|
|
| |
we no longer have gdm-product-slave.xml
|
| |
|
|
| |
It's referencing api we don't have anymore.
|
| |
|
|
|
|
|
|
| |
The finalize handler for GdmManager wasn't properly unreffing its
DBus connection or local display factory.
This commit fixes that up, and changes the free call for the
xdmcp_factory call to match the style of the newly added free calls.
|
| |
|
|
|
| |
g_atexit is deprecated. For now replace the g_atexit call with
a normal atexit call.
|
| |
|
|
| |
fixes a compiler warning
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the XDMCP chooser exits enough times,
the whole daemon eventually tanks when
the child watch function tries to access
freed memory.
This commit takes the hammer approach of
adding a reference to the slave from
the child watch func.
It also makes sure that there isn't ever
two slaves running for one display at the
same time.
|
| | |
|
| |
|
|
|
| |
We now start it in the greeter session, but polkit doesn't
ship an agent desktop file, so ship our own.
|
| |
|
|
|
|
|
|
|
|
| |
ck-connector was recently dropped and replaced with raw gdbus
calls.
It had a small bug in it's OpenSessionWithParameters call that
meant it never got the right return value.
This commit fixes that.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PAM files that ship with GDM are really specific to Red Hat's
historical fork of pam. For example, the "system-auth" file still
lives in the Fedora 17 "pam" git. A long while back, Debian hit the
same problem, and of course the difference is the naming;
common-auth/common-password etc.
OpenEmbedded then picked up Debian's PAM fork. Since for OSTree-GNOME
we're using Poky/OpenEmbedded, let's add an option to integrate with
their PAM.
We use code similar to what NetworkManager has, so we should keep
using the Red Hat files on systems with /etc/redhat-release or
/etc/fedora-release.
https://bugzilla.gnome.org/show_bug.cgi?id=675085
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The build system was inconsistent in its handling of pam files. The
multistack files had names ending in .pam, which we copied to an
unsuffixed file, and installed via pam_DATA. The non-multistack files
had unsuffixed filenames in the source, which we installed manually
via install-data-local.
Let's clean this up by naming every file with ".pam", and do the
rename when we put them in the install root. This is faster and
requires less makefile boilerplate to copy the files during the build
process.
Note: This also drops the previous crappy implementation of a
configuration management scheme where we only installed the files if
they didn't already exist. I'm not aware of anyone who actually uses
'make install' for gdm and cares about that semantic.
Finally, because all of these pam files are Red Hat specific, move
them to a separate pam-redhat directory, to ease the addition of a
future patch which adds PAM files for different systems.
https://bugzilla.gnome.org/show_bug.cgi?id=675085
|
| |
|
|
|
|
| |
The type string is allocated by sd_session_get_type, and is
documented as 'free with libc free', so don't call g_free
on it, which might theoretically be something else.
|
| |
|
|
|
|
|
|
| |
When a session process is slow to die at the session end, or when
a process is intentionally leaked (such as screen), a session can
linger for a while after the user logged out.
Avoid such 'zombie' sessions when looking for an existing session
to switch to.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
commit 675d9870a2b1e25190cae29c03bed1e3956f3084
move gdm-password.pam to data/
This commit takes it out the password plugins
Makefile.
|
| |
|
|
|
|
| |
This commit drops gdm-session-relay.c and cleans up .gitignore.
(two things missed in the last house cleaning commit)
|
| |
|
|
| |
That's where the other two are after all.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GDM has a currently unused feature called "factory mode", where
the login screen gets allocated its own VT and any subsequent logins
from that login screen go to their own VT. Any time there's a user
switch GDM just jumps back to initial VT where the login screen is
patiently waiting.
This feature has a lot of upsides, and we've had it as a TODO item to
start using it for while now.
It doesn't look it's going to happen in the near term, though, and
factory mode has downsides as well:
- a VT switch after the user hits enter at the login screen would be
jarring and would ruin the "flicker free" boot experience we've tried
to acheive at various points in the past. This could theoretically be
fixed by Wayland.
- it adds a bunch of untested, unused code to the codebase.
This latter reason makes me want to kill it for now. It shouldn't be
hard to resurrect later if we end up needing the feature.
This commit drops that code.
|
| | |
|
