diff options
author | Robert Ancell <robert.ancell@canonical.com> | 2013-10-31 11:59:58 -0700 |
---|---|---|
committer | Robert Ancell <robert.ancell@canonical.com> | 2013-10-31 11:59:58 -0700 |
commit | 0388fb651fdf30b4555543c334ea1d63246547b1 (patch) | |
tree | 6e013011cad9b722ba6563bbb3736a34015434f3 | |
parent | dd728b9638e71d1b31a606b39c445f16ffe8146c (diff) | |
download | lightdm-git-0388fb651fdf30b4555543c334ea1d63246547b1.tar.gz |
Implement missing guest-wrapper functionality and enable it for Ubuntu. Update AppArmor scripts to work.
-rw-r--r-- | data/apparmor/abstractions/lightdm | 6 | ||||
-rw-r--r-- | data/lightdm.conf | 4 | ||||
-rw-r--r-- | debian/50-guest-wrapper.conf | 2 | ||||
-rw-r--r-- | debian/changelog | 7 | ||||
-rw-r--r-- | debian/lightdm.install | 1 | ||||
-rw-r--r-- | src/seat.c | 137 | ||||
-rw-r--r-- | tests/Makefile.am | 2 | ||||
-rw-r--r-- | tests/scripts/autologin-guest-in-background.conf | 3 | ||||
-rw-r--r-- | tests/scripts/autologin-guest-logout.conf | 3 | ||||
-rw-r--r-- | tests/scripts/autologin-guest-timeout.conf | 3 | ||||
-rw-r--r-- | tests/scripts/autologin-guest.conf | 3 | ||||
-rw-r--r-- | tests/scripts/guest-wrapper.conf | 37 | ||||
-rw-r--r-- | tests/scripts/login-guest-logout.conf | 3 | ||||
-rw-r--r-- | tests/scripts/login-guest.conf | 3 | ||||
-rw-r--r-- | tests/scripts/switch-to-guest.conf | 3 | ||||
-rw-r--r-- | tests/src/Makefile.am | 10 | ||||
-rw-r--r-- | tests/src/test-guest-wrapper.c | 29 | ||||
-rwxr-xr-x | tests/test-guest-wrapper | 2 |
18 files changed, 173 insertions, 85 deletions
diff --git a/data/apparmor/abstractions/lightdm b/data/apparmor/abstractions/lightdm index bd60f90f..d94edc3e 100644 --- a/data/apparmor/abstractions/lightdm +++ b/data/apparmor/abstractions/lightdm @@ -8,6 +8,10 @@ # etc). Note that this profile intentionally omits chromium-browser. #include <abstractions/authentication> + #include <abstractions/cups-client> + #include <abstractions/dbus> + #include <abstractions/dbus-session> + #include <abstractions/dbus-accessibility> #include <abstractions/nameservice> #include <abstractions/wutmp> /etc/compizconfig/config rw, # bug in compiz https://launchpad.net/bugs/697678 @@ -47,6 +51,8 @@ /sbin/** rmixk, /sys/ r, /sys/** rm, + # needed for confined trusted helpers, such as dbus-daemon + /sys/kernel/security/apparmor/.access rw, /tmp/ rw, owner /tmp/** rwlkmix, /usr/ r, diff --git a/data/lightdm.conf b/data/lightdm.conf index 188bae8a..693f551e 100644 --- a/data/lightdm.conf +++ b/data/lightdm.conf @@ -14,7 +14,6 @@ # sessions-directory = Directory to find sessions # remote-sessions-directory = Directory to find remote sessions # greeters-directory = Directory to find greeters -# disable-guest-wrapper = Disable using guest session wrapper (temporary? required to make tests work without installing) # [LightDM] #start-default-seat=true @@ -30,7 +29,6 @@ #sessions-directory=/usr/share/lightdm/sessions:/usr/share/xsessions #remote-sessions-directory=/usr/share/lightdm/remote-sessions #greeters-directory=/usr/share/lightdm/greeters:/usr/share/xgreeters -#disable-guest-wrapper=false # # Seat defaults @@ -59,6 +57,7 @@ # guest-session = Session to load for guests (overrides user-session) # session-wrapper = Wrapper script to run session with # greeter-wrapper = Wrapper script to run greeter with +# guest-wrapper = Wrapper script to run guest sessions with # display-setup-script = Script to run when starting a greeter session (runs as root) # greeter-setup-script = Script to run when starting a greeter (runs as root) # session-setup-script = Script to run when starting a user session (runs as root) @@ -95,6 +94,7 @@ #guest-session=UNIMPLEMENTED #session-wrapper=lightdm-session #greeter-wrapper= +#guest-wrapper= #display-setup-script= #greeter-setup-script= #session-setup-script= diff --git a/debian/50-guest-wrapper.conf b/debian/50-guest-wrapper.conf new file mode 100644 index 00000000..a566e7d8 --- /dev/null +++ b/debian/50-guest-wrapper.conf @@ -0,0 +1,2 @@ +[SeatDefaults] +guest-wrapper=/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper diff --git a/debian/changelog b/debian/changelog index d0a60925..747627e2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +lightdm (1.8.4-0ubuntu1) UNRELEASED; urgency=low + + * debian/50-guest-wrapper.conf: + - Configure guest session wrapper to use + + -- Robert Ancell <robert.ancell@canonical.com> Sun, 27 Oct 2013 17:34:20 +1300 + lightdm (1.8.3-0ubuntu1) saucy; urgency=low * New upstream release: diff --git a/debian/lightdm.install b/debian/lightdm.install index 4924bd48..03a6e453 100644 --- a/debian/lightdm.install +++ b/debian/lightdm.install @@ -14,3 +14,4 @@ debian/lightdm-greeter-session usr/lib/lightdm debian/source_lightdm.py usr/share/apport/package-hooks debian/50-xserver-command.conf etc/lightdm/lightdm.conf.d debian/50-greeter-wrapper.conf etc/lightdm/lightdm.conf.d +debian/50-guest-wrapper.conf etc/lightdm/lightdm.conf.d @@ -874,10 +874,27 @@ create_user_session (Seat *seat, const gchar *username, gboolean autostart) return session; } +static void +prepend_argv (gchar ***argv, const gchar *value) +{ + gchar **old_argv, **new_argv; + gint i; + + old_argv = *argv; + new_argv = g_malloc (sizeof (gchar *) * (g_strv_length (*argv) + 2)); + new_argv[0] = g_strdup (value); + for (i = 0; old_argv[i]; i++) + new_argv[i + 1] = old_argv[i]; + new_argv[i + 1] = NULL; + + g_free (*argv); + *argv = new_argv; +} + static Session * create_guest_session (Seat *seat) { - const gchar *session_name; + const gchar *session_name, *guest_wrapper; gchar *sessions_dir, **argv; SessionConfig *session_config; Session *session; @@ -897,6 +914,15 @@ create_guest_session (Seat *seat) session_set_do_authenticate (session, TRUE); session_set_is_guest (session, TRUE); argv = get_session_argv (seat, session_config, seat_get_string_property (seat, "session-wrapper")); + guest_wrapper = seat_get_string_property (seat, "guest-wrapper"); + if (guest_wrapper) + { + gchar *path; + path = g_find_program_in_path (guest_wrapper); + prepend_argv (&argv, path ? path : guest_wrapper); + g_free (path); + } + session_set_argv (session, argv); g_strfreev (argv); g_object_unref (session_config); @@ -916,32 +942,11 @@ greeter_create_session_cb (Greeter *greeter, Seat *seat) return g_object_ref (session); } -static void -prepend_argv (gchar ***argv, const gchar *value) -{ - gchar **old_argv, **new_argv; - gint i; - - old_argv = *argv; - new_argv = g_malloc (sizeof (gchar *) * (g_strv_length (*argv) + 2)); - new_argv[0] = g_strdup (value); - for (i = 0; old_argv[i]; i++) - new_argv[i + 1] = old_argv[i]; - new_argv[i + 1] = NULL; - - g_free (*argv); - *argv = new_argv; -} - static gboolean greeter_start_session_cb (Greeter *greeter, SessionType type, const gchar *session_name, Seat *seat) { Session *session, *existing_session; - const gchar *username, *language = NULL; - SessionConfig *session_config; - User *user; - gchar *sessions_dir = NULL; - gchar **argv; + const gchar *username; DisplayServer *display_server; /* Get the session to use */ @@ -953,7 +958,54 @@ greeter_start_session_cb (Greeter *greeter, SessionType type, const gchar *sessi session_set_pam_service (session, AUTOLOGIN_SERVICE); } else + { + const gchar *language = NULL; + SessionConfig *session_config; + User *user; + gchar *sessions_dir = NULL; + gchar **argv; + session = greeter_get_authentication_session (greeter); + + /* Get session command to run */ + switch (type) + { + case SESSION_TYPE_LOCAL: + sessions_dir = config_get_string (config_get_instance (), "LightDM", "sessions-directory"); + break; + case SESSION_TYPE_REMOTE: + sessions_dir = config_get_string (config_get_instance (), "LightDM", "remote-sessions-directory"); + break; + } + + /* Load user preferences */ + user = session_get_user (session); + if (user) + { + if (!session_name) + session_name = user_get_xsession (user); + language = user_get_language (user); + } + + if (!session_name) + session_name = seat_get_string_property (seat, "user-session"); + if (user) + user_set_xsession (session_get_user (session), session_name); + + session_config = find_session_config (seat, sessions_dir, session_name); + g_free (sessions_dir); + if (!session_config) + { + l_debug (seat, "Can't find session '%s'", seat_get_string_property (seat, "user-session")); + return FALSE; + } + + configure_session (session, session_config, session_name, language); + argv = get_session_argv (seat, session_config, seat_get_string_property (seat, "session-wrapper")); + session_set_argv (session, argv); + g_strfreev (argv); + g_object_unref (session_config); + } /* Switch to this session when it is ready */ if (seat->priv->session_to_activate) @@ -972,45 +1024,6 @@ greeter_start_session_cb (Greeter *greeter, SessionType type, const gchar *sessi return TRUE; } - /* Get session command to run */ - switch (type) - { - case SESSION_TYPE_LOCAL: - sessions_dir = config_get_string (config_get_instance (), "LightDM", "sessions-directory"); - break; - case SESSION_TYPE_REMOTE: - sessions_dir = config_get_string (config_get_instance (), "LightDM", "remote-sessions-directory"); - break; - } - - /* Load user preferences */ - user = session_get_user (session); - if (user) - { - if (!session_name) - session_name = user_get_xsession (user); - language = user_get_language (user); - } - - if (!session_name) - session_name = seat_get_string_property (seat, "user-session"); - if (user) - user_set_xsession (session_get_user (session), session_name); - - session_config = find_session_config (seat, sessions_dir, session_name); - g_free (sessions_dir); - if (!session_config) - { - l_debug (seat, "Can't find session '%s'", seat_get_string_property (seat, "user-session")); - return FALSE; - } - - configure_session (session, session_config, session_name, language); - argv = get_session_argv (seat, session_config, seat_get_string_property (seat, "session-wrapper")); - session_set_argv (session, argv); - g_strfreev (argv); - g_object_unref (session_config); - /* If can re-use the display server, stop the greeter first */ display_server = session_get_display_server (SESSION (greeter)); if (can_share_display_server (seat, display_server) && diff --git a/tests/Makefile.am b/tests/Makefile.am index 03c0a54f..887851ab 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -46,6 +46,7 @@ TESTS = \ test-autologin-guest \ test-autologin-guest-fail-setup-script \ test-autologin-guest-logout \ + test-guest-wrapper \ test-group-membership \ test-xdg-current-desktop \ test-xdg-seat \ @@ -330,6 +331,7 @@ EXTRA_DIST = \ scripts/greeter-wrapper.conf \ scripts/greeter-xserver-crash.conf \ scripts/group-membership.conf \ + scripts/guest-wrapper.conf \ scripts/headless.conf \ scripts/home-dir-on-authenticate.conf \ scripts/home-dir-on-session.conf \ diff --git a/tests/scripts/autologin-guest-in-background.conf b/tests/scripts/autologin-guest-in-background.conf index 2f8ed888..2cf304a6 100644 --- a/tests/scripts/autologin-guest-in-background.conf +++ b/tests/scripts/autologin-guest-in-background.conf @@ -2,9 +2,6 @@ # Check automatically logs in guest while keeping a greeter up # -[LightDM] -disable-guest-wrapper=true - [SeatDefaults] autologin-guest=true autologin-in-background=true diff --git a/tests/scripts/autologin-guest-logout.conf b/tests/scripts/autologin-guest-logout.conf index 4cb045c4..97db0a99 100644 --- a/tests/scripts/autologin-guest-logout.conf +++ b/tests/scripts/autologin-guest-logout.conf @@ -2,9 +2,6 @@ # Check automatically logs in default user # -[LightDM] -disable-guest-wrapper=true - [SeatDefaults] autologin-guest=true user-session=default diff --git a/tests/scripts/autologin-guest-timeout.conf b/tests/scripts/autologin-guest-timeout.conf index 63c359e1..debb176e 100644 --- a/tests/scripts/autologin-guest-timeout.conf +++ b/tests/scripts/autologin-guest-timeout.conf @@ -2,9 +2,6 @@ # Check automatically logs in default user # -[LightDM] -disable-guest-wrapper=true - [SeatDefaults] autologin-guest=true autologin-user-timeout=1 diff --git a/tests/scripts/autologin-guest.conf b/tests/scripts/autologin-guest.conf index b57325e2..77e3bce5 100644 --- a/tests/scripts/autologin-guest.conf +++ b/tests/scripts/autologin-guest.conf @@ -2,9 +2,6 @@ # Check automatically logs in default user # -[LightDM] -disable-guest-wrapper=true - [SeatDefaults] autologin-guest=true user-session=default diff --git a/tests/scripts/guest-wrapper.conf b/tests/scripts/guest-wrapper.conf new file mode 100644 index 00000000..193f6b44 --- /dev/null +++ b/tests/scripts/guest-wrapper.conf @@ -0,0 +1,37 @@ +# +# Check guest wrapper works +# + +[SeatDefaults] +autologin-guest=true +user-session=default +guest-wrapper=test-guest-wrapper + +#?RUNNER DAEMON-START + +# X server starts +#?XSERVER-0 START VT=7 + +# Daemon connects when X server is ready +#?*XSERVER-0 INDICATE-READY +#?XSERVER-0 INDICATE-READY +#?XSERVER-0 ACCEPT-CONNECT + +# Guest account created +#?GUEST-ACCOUNT ADD USERNAME=guest-.* + +# Greeter wrapper starts +#?GUEST-WRAPPER-X-0 START + +# Guest session starts +#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 DESKTOP_SESSION=default USER=guest-.* +#?XSERVER-0 ACCEPT-CONNECT +#?SESSION-X-0 CONNECT-XSERVER + +# Cleanup +#?*STOP-DAEMON +#?SESSION-X-0 TERMINATE SIGNAL=15 +#?XSERVER-0 TERMINATE SIGNAL=15 +#?GUEST-ACCOUNT REMOVE USERNAME=guest.* +#?RUNNER DAEMON-EXIT STATUS=0 + diff --git a/tests/scripts/login-guest-logout.conf b/tests/scripts/login-guest-logout.conf index 949d6c9c..7ac3c99a 100644 --- a/tests/scripts/login-guest-logout.conf +++ b/tests/scripts/login-guest-logout.conf @@ -2,9 +2,6 @@ # Check automatically logs in default user # -[LightDM] -disable-guest-wrapper=true - [SeatDefaults] user-session=default diff --git a/tests/scripts/login-guest.conf b/tests/scripts/login-guest.conf index 1b1c09a0..d7a0929d 100644 --- a/tests/scripts/login-guest.conf +++ b/tests/scripts/login-guest.conf @@ -2,9 +2,6 @@ # Check can login as guest (not prompted for password) # -[LightDM] -disable-guest-wrapper=true - [SeatDefaults] user-session=default diff --git a/tests/scripts/switch-to-guest.conf b/tests/scripts/switch-to-guest.conf index 79902b88..20856c48 100644 --- a/tests/scripts/switch-to-guest.conf +++ b/tests/scripts/switch-to-guest.conf @@ -2,9 +2,6 @@ # Check D-Bus interface can trigger/switch to guest session # -[LightDM] -disable-guest-wrapper=true - [SeatDefaults] autologin-user=have-password1 user-session=default diff --git a/tests/src/Makefile.am b/tests/src/Makefile.am index ccfb0e4a..0f507399 100644 --- a/tests/src/Makefile.am +++ b/tests/src/Makefile.am @@ -3,6 +3,7 @@ noinst_PROGRAMS = dbus-env \ plymouth \ test-gobject-greeter \ test-greeter-wrapper \ + test-guest-wrapper \ test-mir-greeter \ test-runner \ test-script-hook \ @@ -96,6 +97,15 @@ test_greeter_wrapper_LDADD = \ $(GLIB_LIBS) \ $(GIO_UNIX_LIBS) +test_guest_wrapper_SOURCES = test-guest-wrapper.c status.c status.h +test_guest_wrapper_CFLAGS = \ + $(WARN_CFLAGS) \ + $(GLIB_CFLAGS) \ + $(GIO_UNIX_CFLAGS) +test_guest_wrapper_LDADD = \ + $(GLIB_LIBS) \ + $(GIO_UNIX_LIBS) + test_gobject_greeter_SOURCES = test-gobject-greeter.c status.c status.h test_gobject_greeter_CFLAGS = \ -I$(top_srcdir)/liblightdm-gobject \ diff --git a/tests/src/test-guest-wrapper.c b/tests/src/test-guest-wrapper.c new file mode 100644 index 00000000..0c883cf9 --- /dev/null +++ b/tests/src/test-guest-wrapper.c @@ -0,0 +1,29 @@ +#include <stdlib.h> +#include <unistd.h> + +#include "status.h" + +static void +request_cb (const gchar *request) +{ +} + +int +main (int argc, char **argv) +{ + gchar *display; + + status_connect (request_cb); + + display = getenv ("DISPLAY"); + if (display == NULL) + status_notify ("GUEST-WRAPPER-? START"); + else if (display[0] == ':') + status_notify ("GUEST-WRAPPER-X-%s START", display + 1); + else + status_notify ("GUEST-WRAPPER-X-%s START", display); + + execv (argv[1], argv + 1); + + return EXIT_FAILURE; +} diff --git a/tests/test-guest-wrapper b/tests/test-guest-wrapper new file mode 100755 index 00000000..7593c8fb --- /dev/null +++ b/tests/test-guest-wrapper @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner guest-wrapper test-gobject-greeter |