| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Currently, the GDM meson build has a hard dependency on systemd.
However, GDM can function just fine if one is using elogind. This allows
a user to build GDM against libelogind and also disable the systemd
system and user units.
|
|
|
|
|
|
|
|
|
| |
Over the many changes to the udev rules, the comments at the top
have become a little disheveled.
This commit fixes that up.
Spotted by Adam Williamson
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to [PAM-PKCS11 User Manual][1], user can provide a empty
username and it will set username by mapped smartcard. However, this
currently does not work for gdm-smartcard, because pam_shells will fail
first on empty username.
Because [pam_shells do not check empty username before checking whether
username exists][2], we can do nothing to workaround it for empty
username, so just move it under pam_pkcs11 so it will check the
auto-detected username.
[1]: http://opensc.github.io/pam_pkcs11/doc/pam_pkcs11.html#autologin
[2]: https://github.com/linux-pam/linux-pam/commit/b52bd25910c9a8a32a49be7627a709a081a3768c
|
|
|
|
|
|
|
|
| |
commit 72bde3b3f474135e792c6c4e40932d7c82f87985 accidentally added
two checks for virtio pci devices. The latter check is too broad
and could potentially match non-graphics cards.
This commit drops it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With EFI and simpledrm we may end up booting without a card0 but
with a card1 drm device. This defeats GDM's simplistic hybrid
graphics check.
Also, our detection for virtio graphics wasn't working so well, because
it wrote the results into an environment variable of a non-parent
device.
This commit gets the detection logic working better for virt/efi setups.
Closes: https://gitlab.gnome.org/GNOME/gdm/-/issues/832
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pam_console is being removed as it was replaced by ConsoleKit. The
changes in this commit just remove pam_console from the service files.
If you are curious about the removal check the Fedora System-Wide Change
proposal linked below.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1822228
Relates: https://fedoraproject.org/wiki/Changes/RemovePamConsole
Relates: https://bugzilla.redhat.com/show_bug.cgi?id=2166692
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
|
|
|
|
| |
The insecure `user_readenv` setting has been deprecated with pam 1.5.0
and will be removed in a future release.
|
|
|
|
|
| |
Mutter doesn't seem to work with multiple guest gpus right now,
so disable that.
|
|
|
|
|
| |
If a VM has both virtualized graphics and is passing through host
hardware graphics, then we should disable wayland
|
|
|
|
|
|
|
| |
mutter isn't great running in native mode on chips that don't have
fast blending.
This commit disables wayland on aspeed and matrox server cards.
|
|
|
|
|
|
|
|
| |
The vendor nvidia driver scrambles texture memory during suspend, and
only restores it under certain situations.
This commit tries to detect those situations and only use wayland
in those cases.
|
|
|
|
|
|
|
| |
We really don't want wayland on hybrid graphics laptops, because
certain connectors won't work right now.
This commit tries to detect the case and disable it.
|
|
|
|
|
|
|
|
|
|
| |
udev sends a variety of events about devices during boot. Right
now we may be disabling wayland multiple times on Hi1710 ARM
machines, because we just match the device by id, and fail
to look at the event itself.
This commit just adds subsystem and action guards to specify
when the wayland disabling code should run a little more specifically.
|
|
|
|
|
|
|
|
| |
GDM now blocks itself at runtime until udev is ready, so there's
no point in delaying GDM startup, too.
This commit reverts udev and systemd logic put in place to stall
GDM start up until udev finished.
|
|
|
|
|
|
|
|
|
|
| |
At the moment we neglect to clean up the sync file GDM uses
to know when it's okay to start in the case there's only
a single card.
This commit fixes that.
https://gitlab.gnome.org/GNOME/gdm/-/issues/763
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vendor nvidia driver has two modules loaded
at startup.
It's not uncommon for the second module to still
be loading when GDM starts.
Our udev rule relies on the second module to set
up GDM's boot configuration.
This commit adds some synchronization to stall
GDM a bit if the vendor driver is still coming
up.
https://gitlab.gnome.org/GNOME/gdm/-/issues/763
|
|
|
|
| |
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
|
|
|
|
| |
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
|
|
|
|
|
|
|
| |
NVIDIA driver version 510 and above have support for GBM, use Wayland by
default with NVIDIA proprietary driver version 510 and above.
For versions between 470 and 510, prefer Xorg as before.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not all DRM drivers are disabled when the nomodeset kernel cmdline option
is used. For example the simpledrm driver that use the system framebuffer
set-up by the bootloader, provides a modesetting interface.
Exclude the DRM drivers that match against the "simple-framebuffer" device
and only disable wayland for platform DRM drivers.
This allows to start a wayland session when nomodeset is used to disable a
platform DRM driver by using the simpledrm driver instead of legacy fbdev
drivers such as efifb, that does not support modsetting and could only be
used with an Xorg session.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As mentioned in an [fprintd issue comment][1], we need to make sure that
the stack's error status is taken from the main auth module, i.e.
pam_fprintd, otherwise GDM will not behave correctly.
Still use pam_faillock preauth so that we test whether the account is
locked, but don't use authfail/authsucc to log a failure/success so this
stack doesn't participate in triggering the lock.
Ideally we would check which return values we actually want to treat as
a reason to lock the account (e.g. fingerprint mismatch) and which are
neutral (e.g. no fingerprints enrolled), but that's much more effort.
Should fix [FS#71750][2].
[1]: https://gitlab.freedesktop.org/libfprint/fprintd/-/issues/112#note_1016191
[2]: https://bugs.archlinux.org/task/71750
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gdm-pin was an experimental feature that was going to get added to
gnome-shell many years ago. It never happened and these days it
would probably be implemented a little different anyway.
(It would probably use a gdm pam extension)
There's no point keeping this service file around that we aren't
using, so this commit drops it.
Closes: https://gitlab.gnome.org/GNOME/gdm/-/issues/731
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nvidia drivers since version 470 supports both native wayland and
accelerated Xwayland. The latter also works in hybrid configurations
using nvidia Optimus (the session will run using the main integrated
GPU, but it will be possible to use switcherooctl to run applications
using the discrete nvidia card).
However, the gdm rules were including a line that was supposed to
disable such scenario, but it didn't actually work as expected, so we
can safely remove it, without changing the behavior.
At the same time we can tune the rules so that, when the nvidia-drm
module is loaded, if the driver version is minor than 470, wayland is
disabled.
|
|
|
|
|
|
|
|
| |
NVidia's wayland story is in a lot better shape these days, so
disabling wayland entirely by default is a big too much.
This commit changes the udev rule to just default to Xorg on single
GPU nvidia vendor driver systems instead of disabling wayland
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's currently a way to disable wayland, but no way to disable Xorg.
We currently prefer wayland if it's not disabled, but have no way to
prefer Xorg without disabling wayland entirely.
There's currently no way use legacy Xorg support at all if user display
server support is enabled at a build time.
This commit adds more flexibility to display server selection. It adds
two new keys: XorgEnable and and PreferredDisplayServer.
XorgEnable=false disables Xorg support entirely on seat 0.
PreferredDisplayServer can be set to "wayland", "xorg", "legacy-xorg" or
"none" to select which display server is used by default. If it's set to
"wayland", it will fall back to "xorg". If it's set to "xorg" it will
fall back to "wayland".
|
|
|
|
|
|
|
| |
Update the PAM files for Arch Linux. This has been applied downstream
since Aug 2020.
https://bugs.archlinux.org/task/67485
|
| |
|
|
|
|
|
|
|
|
|
| |
openSUSE is preparing the system to have /etc as 'administrator config files'
with system/package config templates shipped in /usr/etc (similar to the
overlay system used by systemd)
Have gdm follow this and try to load files from /etc, if not existing, fallback
to /usr/etc
|
|
|
|
|
| |
Not sure why this was missed in 22590328. /etc/X11/Xresources (at least
on Fedora) only sets the libXft hints and doesn't need cpp to do it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We can disable Wayland in runtime by invoking gdm-disable-wayland.
However, we may also want to enable Wayland in runtime for some
reasons. This idea is extended to modify more options/configurations in
runtime.
This commit renames gdm-disable-wayland to gdm-runtime-config and
unlocks the feature to modify more gdm configurations in runtime.
The new command format will be:
gdm-runtime-config set <group> <key> <value>
The configurable items refer to gdm.schemas. "<group>/<key>" combination
is the key in gdm.schemas.
For example, the original "gdm-disable-wayland" is replaced by
"gdm-runtime-config set daemon WaylandEnable false".
Link: https://gitlab.gnome.org/GNOME/gdm/-/merge_requests/115#note_944907
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is now equivalent to StandardOutput=journal, and recent versions
of systemd log a warning for it. Instead of updating it to journal,
remove it: the default if not specified is to respect the
DefaultStandardOutput setting from /etc/systemd/system.conf, which
in turn defaults to journal. Removing the explicit setting here means
gdm is included if a sysadmin edits system.conf to change the logging
destination for (almost) all system services at the same time, which
seems desirable.
Similarly, StandardError defaults to DefaultStandardError, which
in turn defaults to inherit, so we don't need to override it here.
Resolves: https://gitlab.gnome.org/GNOME/gdm/-/issues/623
Signed-off-by: Simon McVittie <smcv@debian.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Don't leave to humans what machines can do, the gnome-login.session list
is filled with an hard-to-maintain single-line semicolon separated list of
components, that then are repeated in the gnome systemd session.conf.
And these are meant to be kept in sync.
Meson can help us in this, so let's just keep a single list in meson and
use it to generate the various formats we need.
|
|
|
|
|
|
|
|
|
|
|
| |
No matter what parameter was passed to gdm, the custom.conf was always
installed in $gdmcomnfdir/custom.conf, even if the config.h was using the
configured path.
Ensure that we use the passed argument, setting its name as configure_file
output and its path as the install_dir.
Unfortunately we've to be hackish here, using coreutils tools until we
require meson 0.53 (and can use its FS module).
|
|
|
|
|
| |
GDM needs to ship the systemd definition for the custom GNOME session it
starts.
|
|
|
|
| |
Copied from pam-exherbo.
|
|
|
|
|
|
|
|
| |
systemd-sysusers now creates expired accounts, which broke the greeter
on new installations.
Doesn't actually fully fix the problem as the user@.service still fails
to launch.
|
|
|
|
|
|
|
|
| |
wayland requires working modesetting, so don't even
bother trying it if modesetting is disabled.
This is more efficient and side-steps a bug in the fallback
logic if start up is unreasonably slow.
|
|
|
|
|
|
| |
Our turkey has freezer burn, so I'm dropping it.
https://gitlab.gnome.org/GNOME/gdm/-/merge_requests/96
|
|
|
|
|
|
|
|
|
|
| |
We're going to be switching to meson, and meson doesn't
deal too well with an @ in the configuration file that's not
part of a substitution variable.
This commit switches the gdm service over to use a cmake style
of substitution variables, so we can later tell meson to use
configure in cmake mode and workaround the @ confusion.
|
|
|
|
|
|
|
|
| |
We disable Wayland on Cirrus since f15e6451, but the cirrus driver was
reimplemented in kernel v5.2 or later. This commit will enable Wayland
on Cirrus chipset.
Closes #586
|
| |
|
|
|
|
|
|
| |
In theory, XSettings is irrelevant to the services that are spawned
in the gdm session. In practice, this would allow us to use a pure
Wayland compositor (i.e. no Xwayland) in the gdm session.
|
|
|
|
|
|
| |
Both gsd-mouse and gsd-clipboard are dropped from gnome-settings-daemon,
and their functionality implemented in mutter. GDM shouldn't require them
either.
|
|
|
|
|
|
| |
Various generated files are ending up being disted, which is wrong
becuase they leak the maintainer's prefix into the tarball and are
generated anyway during build.
|
|
|
|
|
|
| |
kill-session-processes=1 is long gone
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
|
| |
|
|
|
|
|
|
|
| |
This allows gdm to pass the LUKS password through to PAM.
The login keyring will now be unlocked automatically if autologin is
enabled!
|
|
|
| |
This reverts commit 762b312bb98d31bd036fbcc8d61e53d5b1298d65
|
|
|
|
|
| |
This allows gdm to pass the LUKS password through to PAM.
The login keyring will now be unlocked automatically if autologin is enabled!
|