Commit 4d29395d authored by Brian Cameron's avatar Brian Cameron Committed by Brian Cameron

Redesign of daemon configuraton. Now all vicious-extensions logic is in

2005-11-03  Brian Cameron  <brian.cameron@sun.com>

        Redesign of daemon configuraton.  Now all vicious-extensions
        logic is in gdmconfig.[ch].  This greatly simplifies how the
        UPDATE_CONFIG, and GET_CONFIG commands work and makes it
        easier to update the way GDM handles configuration.  Changed
        ve_setenv/ve_unsetenv to g_setenv/g_unsetenv since GDM requires
        a newer version of GLIB than could possibly cause the old
        ve versions to get used.

        * daemon/gdmconfig.[ch]: New logic for interacting with
          vicious-extensions.
        * daemon/gdm.h: Updated comments and changed the #define
          for many configuration options so the naming is more
          consistant.  Now the #defines more closely match the
          keys in gdm.conf and more consistantly use the underscore.
        * daemon/auth.c, daemon/choose.c, daemon/cookie.c,
          daemon/display.c, daemon/errorgui.c, daemon/gdm-net.c,
          daemon/gdm.c, daemon/getvt.c, daemon/misc.c,
          daemon/server.c, daemon/slave.c, daemon/verify-crypt.c,
          daemon/verify-pam.c, daemon/verify-shadow.c,
          daemon/xdmcp.c: Reorganized configuration.
        * daemon/auth.h, daemon/cookie.h, daemon/display.h,
          daemon/errorgui.h, daemon/filecheck.h, daemon/gdm-net.h,
          daemon/getvt.h, daemon/misc.h, daemon/server.h,
          daemon/slave.h, daemon/verify.h, daemon/xdmcp.h:
          Now include gdmconfig.h instead of vicious.h and changed
          "Gnome" to "GNOME" in comment.
        * daemon/Makefile.am: Added new gdmconfig.[ch]
        * gui/gdmXnestChooser.c, gui/gdmchooser.c, gui/gdmcomm.c,
          gui/gdmdynamic.c, gui/gdmflexiserver.c, gui/gdmlogin.c,
          gui/gdmphotosetup.c, gui/gdmsetup.c, gui/greeter/greeter.c,
          gui/greeter/greeter_item_capslock.c,
          utils/gdm-dmx-reconnect-proxy.c: Updated to reflect the
          new configuration #defines.
parent c8f039f5
2005-11-03 Brian Cameron <brian.cameron@sun.com>
Redesign of daemon configuraton. Now all vicious-extensions
logic is in gdmconfig.[ch]. This greatly simplifies how the
UPDATE_CONFIG, and GET_CONFIG commands work and makes it
easier to update the way GDM handles configuration. Changed
ve_setenv/ve_unsetenv to g_setenv/g_unsetenv since GDM requires
a newer version of GLIB than could possibly cause the old
ve versions to get used.
* daemon/gdmconfig.[ch]: New logic for interacting with
vicious-extensions.
* daemon/gdm.h: Updated comments and changed the #define
for many configuration options so the naming is more
consistant. Now the #defines more closely match the
keys in gdm.conf and more consistantly use the underscore.
* daemon/auth.c, daemon/choose.c, daemon/cookie.c,
daemon/display.c, daemon/errorgui.c, daemon/gdm-net.c,
daemon/gdm.c, daemon/getvt.c, daemon/misc.c,
daemon/server.c, daemon/slave.c, daemon/verify-crypt.c,
daemon/verify-pam.c, daemon/verify-shadow.c,
daemon/xdmcp.c: Reorganized configuration.
* daemon/auth.h, daemon/cookie.h, daemon/display.h,
daemon/errorgui.h, daemon/filecheck.h, daemon/gdm-net.h,
daemon/getvt.h, daemon/misc.h, daemon/server.h,
daemon/slave.h, daemon/verify.h, daemon/xdmcp.h:
Now include gdmconfig.h instead of vicious.h and changed
"Gnome" to "GNOME" in comment.
* daemon/Makefile.am: Added new gdmconfig.[ch]
* gui/gdmXnestChooser.c, gui/gdmchooser.c, gui/gdmcomm.c,
gui/gdmdynamic.c, gui/gdmflexiserver.c, gui/gdmlogin.c,
gui/gdmphotosetup.c, gui/gdmsetup.c, gui/greeter/greeter.c,
gui/greeter/greeter_item_capslock.c,
utils/gdm-dmx-reconnect-proxy.c: Updated to reflect the
new configuration #defines.
2005-10-27 Dennis Cranston <dennis_cranston@yahoo.com>
Fix bug #314685, "Gdmsetup UI fixes". Based on redesign mockups
......
......@@ -27,6 +27,8 @@ sbin_PROGRAMS = gdm-binary
gdm_binary_SOURCES = \
gdm.c \
gdm.h \
gdmconfig.c \
gdmconfig.h \
display.c \
display.h \
fstype.c \
......
......@@ -20,23 +20,23 @@
* support other XAuth types and possibly DECnet... */
#include <config.h>
#include <glib/gi18n.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <netdb.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <X11/Xauth.h>
#include <vicious.h>
#include <glib/gi18n.h>
#include "gdm.h"
#include "cookie.h"
#include "misc.h"
#include "filecheck.h"
#include "auth.h"
#include "gdmconfig.h"
/* Ensure we know about FamilyInternetV6 even if what we're compiling
against doesn't */
......@@ -49,16 +49,6 @@
/* Local prototypes */
static FILE *gdm_auth_purge (GdmDisplay *d, FILE *af, gboolean remove_when_empty);
/* Configuration option variables */
extern gchar *GdmServAuthDir;
extern gchar *GdmUserAuthDir;
extern gchar *GdmUserAuthFile;
extern gchar *GdmUserAuthFB;
extern gint GdmUserMaxFile;
extern gint GdmRelaxPerms;
extern gboolean GdmDebug;
extern gboolean GdmNeverPlaceCookiesOnNFS;
static void
display_add_error (GdmDisplay *d)
{
......@@ -191,10 +181,10 @@ gdm_auth_secure_display (GdmDisplay *d)
if (d->server_uid != 0) {
int authfd;
/* Note, Xnest can't use the ServAuthDir unless running as
/* Note, Xnest can't use the GDM_KEY_SERV_AUTHDIR unless running as
* root, which is rare anyway, unless the user is a wanker */
d->authfile = g_build_filename (GdmUserAuthFB, ".gdmXXXXXX", NULL);
d->authfile = g_build_filename (gdm_get_value_string (GDM_KEY_USER_AUTHDIR_FALLBACK), ".gdmXXXXXX", NULL);
umask (077);
authfd = g_mkstemp (d->authfile);
......@@ -202,7 +192,7 @@ gdm_auth_secure_display (GdmDisplay *d)
if G_UNLIKELY (authfd == -1) {
gdm_error (_("%s: Could not make new cookie file in %s"),
"gdm_auth_secure_display", GdmUserAuthFB);
"gdm_auth_secure_display", gdm_get_value_string (GDM_KEY_USER_AUTHDIR_FALLBACK));
g_free (d->authfile);
d->authfile = NULL;
return FALSE;
......@@ -221,7 +211,7 @@ gdm_auth_secure_display (GdmDisplay *d)
/* Make another authfile since the greeter can't read the server/user
* readable file */
d->authfile_gdm = gdm_make_filename (GdmServAuthDir, d->name, ".Xauth");
d->authfile_gdm = gdm_make_filename (gdm_get_value_string (GDM_KEY_SERV_AUTHDIR), d->name, ".Xauth");
af_gdm = gdm_safe_fopen_w (d->authfile_gdm);
if G_UNLIKELY (af_gdm == NULL) {
......@@ -238,7 +228,7 @@ gdm_auth_secure_display (GdmDisplay *d)
}
} else {
/* gdm and xserver authfile can be the same, server will run as root */
d->authfile = gdm_make_filename (GdmServAuthDir, d->name, ".Xauth");
d->authfile = gdm_make_filename (gdm_get_value_string (GDM_KEY_SERV_AUTHDIR), d->name, ".Xauth");
af = gdm_safe_fopen_w (d->authfile);
if G_UNLIKELY (af == NULL) {
......@@ -298,9 +288,9 @@ gdm_auth_secure_display (GdmDisplay *d)
return FALSE;
}
}
ve_setenv ("XAUTHORITY", GDM_AUTHFILE (d), TRUE);
g_setenv ("XAUTHORITY", GDM_AUTHFILE (d), TRUE);
if G_UNLIKELY (GdmDebug)
if G_UNLIKELY (gdm_get_value_bool (GDM_KEY_DEBUG))
gdm_debug ("gdm_auth_secure_display: Setting up access for %s - %d entries",
d->name, g_slist_length (d->auths));
......@@ -506,7 +496,7 @@ get_local_auths (GdmDisplay *d)
}
if G_UNLIKELY (GdmDebug)
if G_UNLIKELY (gdm_get_value_bool (GDM_KEY_DEBUG))
gdm_debug ("get_local_auths: Setting up access for %s - %d entries",
d->name, g_slist_length (auths));
......@@ -571,6 +561,8 @@ gdm_auth_user_add (GdmDisplay *d, uid_t user, const char *homedir)
gint authfd;
FILE *af;
GSList *auths = NULL;
gchar *userauthdir;
gchar *userauthfile;
gboolean ret = TRUE;
gboolean automatic_tmp_dir = FALSE;
gboolean authdir_is_tmp_dir = FALSE;
......@@ -595,13 +587,16 @@ gdm_auth_user_add (GdmDisplay *d, uid_t user, const char *homedir)
gdm_debug ("gdm_auth_user_add: Adding cookie for %d", user);
userauthdir = gdm_get_value_string (GDM_KEY_USER_AUTHDIR);
userauthfile = gdm_get_value_string (GDM_KEY_USER_AUTHFILE);
/* Determine whether UserAuthDir is specified. Otherwise ~user is used */
if ( ! ve_string_empty (GdmUserAuthDir) &&
strcmp (GdmUserAuthDir, "~") != 0) {
if (strncmp (GdmUserAuthDir, "~/", 2) == 0) {
authdir = g_build_filename (homedir, &GdmUserAuthDir[2], NULL);
if ( ! ve_string_empty (userauthdir) &&
strcmp (userauthdir, "~") != 0) {
if (strncmp (userauthdir, "~/", 2) == 0) {
authdir = g_build_filename (homedir, &userauthdir[2], NULL);
} else {
authdir = g_strdup (GdmUserAuthDir);
authdir = g_strdup (userauthdir);
automatic_tmp_dir = TRUE;
authdir_is_tmp_dir = TRUE;
}
......@@ -618,7 +613,7 @@ try_user_add_again:
if (authdir == NULL)
d->userauth = NULL;
else
d->userauth = g_build_filename (authdir, GdmUserAuthFile, NULL);
d->userauth = g_build_filename (authdir, userauthfile, NULL);
user_auth_exists = (d->userauth != NULL &&
access (d->userauth, F_OK) == 0);
......@@ -631,8 +626,9 @@ try_user_add_again:
/* first the standard paranoia check (this checks the home dir
* too which is useful here) */
! gdm_file_check ("gdm_auth_user_add", user, authdir, GdmUserAuthFile,
TRUE, FALSE, GdmUserMaxFile, GdmRelaxPerms) ||
! gdm_file_check ("gdm_auth_user_add", user, authdir, userauthfile,
TRUE, FALSE, gdm_get_value_int (GDM_KEY_USER_MAX_FILE),
gdm_get_value_int (GDM_KEY_RELAX_PERM)) ||
/* now the auth file checking routine */
! gdm_auth_file_check ("gdm_auth_user_add", user, d->userauth, TRUE /* absentok */, NULL) ||
......@@ -643,7 +639,8 @@ try_user_add_again:
/* try opening as root, if we can't open as root,
then this is a NFS mounted directory with root squashing,
and we don't want to write cookies over NFS */
(GdmNeverPlaceCookiesOnNFS && ! try_open_read_as_root (d->userauth))) {
(gdm_get_value_bool (GDM_KEY_NEVER_PLACE_COOKIES_ON_NFS) &&
! try_open_read_as_root (d->userauth))) {
/* if the userauth file didn't exist and we were looking at it,
it likely exists now but empty, so just whack it
......@@ -653,14 +650,14 @@ try_user_add_again:
if ( ! user_auth_exists && d->userauth != NULL)
unlink (d->userauth);
/* No go. Let's create a fallback file in GdmUserAuthFB (/tmp)
* or perhaps GdmUserAuth directory (usually would be /tmp) */
/* No go. Let's create a fallback file in GDM_KEY_USER_AUTHDIR_FALLBACK (/tmp)
* or perhaps userauthfile directory (usually would be /tmp) */
d->authfb = TRUE;
g_free (d->userauth);
if (authdir_is_tmp_dir && authdir != NULL)
d->userauth = g_build_filename (authdir, ".gdmXXXXXX", NULL);
else
d->userauth = g_build_filename (GdmUserAuthFB, ".gdmXXXXXX", NULL);
d->userauth = g_build_filename (gdm_get_value_string (GDM_KEY_USER_AUTHDIR_FALLBACK), ".gdmXXXXXX", NULL);
authfd = g_mkstemp (d->userauth);
if G_UNLIKELY (authfd < 0 && authdir_is_tmp_dir) {
......@@ -845,7 +842,8 @@ gdm_auth_user_remove (GdmDisplay *d, uid_t user)
* to it. So we better play it safe... */
if G_UNLIKELY ( ! gdm_file_check ("gdm_auth_user_remove", user, authdir, authfile,
TRUE, FALSE, GdmUserMaxFile, GdmRelaxPerms) ||
TRUE, FALSE, gdm_get_value_int (GDM_KEY_USER_MAX_FILE),
gdm_get_value_int (GDM_KEY_RELAX_PERM)) ||
/* be even paranoider with permissions */
! gdm_auth_file_check ("gdm_auth_user_remove", user, d->userauth, FALSE /* absentok */, NULL)) {
g_free (authdir);
......
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......
......@@ -45,10 +45,6 @@
static gint ipending = 0;
static GSList *indirect = NULL;
/* Tunables */
extern gint GdmMaxIndirect; /* Maximum pending indirects, i.e. simultaneous choosing sessions */
extern gint GdmMaxIndirectWait; /* Maximum age before a pending session is removed from the list */
static guint indirect_id = 1;
static gboolean
......@@ -150,7 +146,7 @@ gdm_choose_data (const char *data)
GdmIndirectDisplay *idisp = li->data;
if (idisp->id == id) {
/* whack the oldest if more then allowed */
while (ipending >= GdmMaxIndirect &&
while (ipending >= gdm_get_value_int (GDM_KEY_MAX_INDIRECT) &&
remove_oldest_pending ())
;
......@@ -335,7 +331,7 @@ gdm_choose_indirect_lookup (struct sockaddr_in *clnt_sa)
continue;
if (id->acctime > 0 &&
curtime > id->acctime + GdmMaxIndirectWait) {
curtime > id->acctime + gdm_get_value_int (GDM_KEY_MAX_WAIT_INDIRECT)) {
#ifdef ENABLE_IPV6
if (clnt_sa->ss_family == AF_INET6) {
char buffer6[INET6_ADDRSTRLEN];
......
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......
......@@ -35,11 +35,12 @@
#include <fcntl.h>
#include <sys/time.h>
#include <unistd.h>
#include <vicious.h>
#include <errno.h>
#include "gdm.h"
#include "md5.h"
#include "cookie.h"
#include "gdmconfig.h"
#define MAXBUFFERSIZE 1024
......
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......
......@@ -24,8 +24,7 @@
#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h>
#include <vicious.h>
#include <errno.h>
#include "gdm.h"
#include "gdm-net.h"
......@@ -37,9 +36,9 @@
#include "choose.h"
#include "auth.h"
#include "gdm-net.h"
#include "gdmconfig.h"
/* External vars */
extern gboolean GdmXdmcp;
extern gint xdmcp_sessions;
extern gint flexi_servers;
extern gint xdmcp_pending;
......@@ -201,10 +200,8 @@ wait_again:
/* rekill the slave to tell it to
hurry up and die if we're getting
killed ourselves */
if (ve_signal_was_notified (SIGTERM) ||
ve_signal_was_notified (SIGINT) ||
ve_signal_was_notified (SIGHUP) ||
t + 10 <= time (NULL)) {
if ((gdm_signal_terminthup_was_notified()) ||
(t + 10 <= time (NULL))) {
gdm_debug ("whack_old_slave: GOT ANOTHER SIGTERM (or it was 10 secs already), killing slave again with SIGKILL");
t = time (NULL);
kill (d->slavepid, SIGKILL);
......@@ -294,7 +291,7 @@ gdm_display_manage (GdmDisplay *d)
d->slavepid = getpid ();
/* Close XDMCP fd in slave process */
if (GdmXdmcp)
if (gdm_get_value_bool (GDM_KEY_XDMCP))
gdm_xdmcp_close ();
gdm_connection_close (fifoconn);
......
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......
......@@ -20,9 +20,6 @@
* and the user's session scripts. */
#include <config.h>
#include <glib/gi18n.h>
#include <gtk/gtk.h>
#include <gdk/gdkx.h>
#include <unistd.h>
#include <syslog.h>
#include <grp.h>
......@@ -34,12 +31,14 @@
#include <sys/types.h>
#include <signal.h>
#include <glib/gi18n.h>
#include <gtk/gtk.h>
#include <gdk/gdkx.h>
#include "gdm.h"
#include "misc.h"
#include "auth.h"
#include <vicious.h>
#include "gdmconfig.h"
#include "errorgui.h"
/* set in the main function */
......@@ -47,16 +46,6 @@ extern char **stored_argv;
extern int stored_argc;
extern char *stored_path;
/* Configuration option variables */
extern gchar *GdmUser;
extern gchar *GdmServAuthDir;
extern gchar *GdmGtkRC;
extern gchar *GdmGtkTheme;
extern uid_t GdmUserId;
extern gid_t GdmGroupId;
extern gboolean GdmAddGtkModules;
extern gchar *GdmGtkModulesList;
static int screenx = 0;
static int screeny = 0;
static int screenwidth = 0;
......@@ -213,9 +202,9 @@ setup_dialog (GdmDisplay *d, const char *name, int closefdexcept, gboolean set_g
gdm_open_dev_null (O_RDWR); /* open stderr - fd 2 */
if (set_gdm_ids) {
setgid (GdmGroupId);
initgroups (GdmUser, GdmGroupId);
setuid (GdmUserId);
setgid (gdm_get_gdmgid());
initgroups (gdm_get_value_string (GDM_KEY_USER), gdm_get_gdmgid());
setuid (gdm_get_gdmuid());
pw = NULL;
} else {
pw = getpwuid (uid);
......@@ -228,51 +217,52 @@ setup_dialog (GdmDisplay *d, const char *name, int closefdexcept, gboolean set_g
openlog ("gdm", LOG_PID, LOG_DAEMON);
ve_setenv ("LOGNAME", GdmUser, TRUE);
ve_setenv ("USER", GdmUser, TRUE);
ve_setenv ("USERNAME", GdmUser, TRUE);
g_setenv ("LOGNAME", gdm_get_value_string (GDM_KEY_USER), TRUE);
g_setenv ("USER", gdm_get_value_string (GDM_KEY_USER), TRUE);
g_setenv ("USERNAME", gdm_get_value_string (GDM_KEY_USER), TRUE);
ve_setenv ("DISPLAY", d->name, TRUE);
ve_unsetenv ("XAUTHORITY");
g_setenv ("DISPLAY", d->name, TRUE);
g_unsetenv ("XAUTHORITY");
gdm_auth_set_local_auth (d);
/* sanity env stuff */
ve_setenv ("SHELL", "/bin/sh", TRUE);
g_setenv ("SHELL", "/bin/sh", TRUE);
/* set HOME to /, we don't need no stinking HOME anyway */
if (pw == NULL ||
ve_string_empty (pw->pw_dir))
ve_setenv ("HOME", ve_sure_string (GdmServAuthDir), TRUE);
g_setenv ("HOME", ve_sure_string (gdm_get_value_string (GDM_KEY_SERV_AUTHDIR)), TRUE);
else
ve_setenv ("HOME", pw->pw_dir, TRUE);
g_setenv ("HOME", pw->pw_dir, TRUE);
argv = g_new0 (char *, 3);
argv[0] = (char *)name;
argc = 1;
if ( ! inhibit_gtk_modules &&
GdmAddGtkModules &&
! ve_string_empty (GdmGtkModulesList)) {
argv[1] = g_strdup_printf ("--gtk-module=%s", GdmGtkModulesList);
gdm_get_value_bool (GDM_KEY_ADD_GTK_MODULES) &&
! ve_string_empty (gdm_get_value_string (GDM_KEY_GTK_MODULES_LIST))) {
argv[1] = g_strdup_printf ("--gtk-module=%s", gdm_get_value_string (GDM_KEY_GTK_MODULES_LIST));
argc = 2;
}
if (inhibit_gtk_modules) {
ve_unsetenv ("GTK_MODULES");
g_unsetenv ("GTK_MODULES");
}
gtk_init (&argc, &argv);
if ( ! inhibit_gtk_themes) {
const char *theme_name;
gchar *gtkrc = gdm_get_value_string (GDM_KEY_GTKRC);
if ( ! ve_string_empty (GdmGtkRC) &&
access (GdmGtkRC, R_OK) == 0)
gtk_rc_parse (GdmGtkRC);
if ( ! ve_string_empty (gtkrc) &&
access (gtkrc, R_OK) == 0)
gtk_rc_parse (gtkrc);
theme_name = d->theme_name;
if (ve_string_empty (theme_name))
theme_name = GdmGtkTheme;
theme_name = gdm_get_value_string (GDM_KEY_GTK_THEME);
if ( ! ve_string_empty (theme_name)) {
gchar *theme_dir = gtk_rc_get_theme_dir ();
char *theme = g_strdup_printf ("%s/%s/gtk-2.0/gtkrc", theme_dir, theme_name);
......@@ -396,7 +386,7 @@ gdm_error_box_full (GdmDisplay *d, GtkMessageType type, const char *error,
}
setup_dialog (d, "gtk-error-box", -1,
(uid == 0 || uid == GdmUserId) /* set_gdm_ids */,
(uid == 0 || uid == gdm_get_gdmuid()) /* set_gdm_ids */,
uid);
loc = gdm_locale_to_utf8 (error);
......
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......
......@@ -21,13 +21,9 @@
#include <syslog.h>
#include <sys/stat.h>
#include <vicious.h>
#include "gdm.h"
#include "filecheck.h"
extern int GdmUserMaxFile;
extern gboolean GdmCheckDirOwner;
#include "gdmconfig.h"
/**
* gdm_file_check:
......@@ -67,12 +63,12 @@ gdm_file_check (const gchar *caller, uid_t user, const gchar *dir,
}
/* Check if dir is owned by the user ...
Only, if GdmCheckDirOwner is true (default)
Only, if GDM_KEY_CHECK_DIR_OWNER is true (default)
This is a "hack" for directories not owned by
the user.
2004-06-22, Andreas Schubert, MATHEMA Software GmbH */
if G_UNLIKELY (GdmCheckDirOwner && (statbuf.st_uid != user)) {
if G_UNLIKELY (gdm_get_value_bool (GDM_KEY_CHECK_DIR_OWNER) && (statbuf.st_uid != user)) {
syslog (LOG_WARNING, _("%s: %s is not owned by uid %d."), caller, dir, user);
return FALSE;
}
......@@ -153,6 +149,7 @@ gboolean
gdm_auth_file_check (const gchar *caller, uid_t user, const gchar *authfile, gboolean absentok, struct stat *s)
{
struct stat statbuf;
gint usermaxfile;
int r;
if (ve_string_empty (authfile))
......@@ -187,8 +184,9 @@ gdm_auth_file_check (const gchar *caller, uid_t user, const gchar *authfile, gbo
return FALSE;
}
usermaxfile = gdm_get_value_int (GDM_KEY_USER_MAX_FILE);
/* ... and smaller than sysadmin specified limit. */
if G_UNLIKELY (GdmUserMaxFile && statbuf.st_size > GdmUserMaxFile) {
if G_UNLIKELY (usermaxfile && statbuf.st_size > usermaxfile) {
syslog (LOG_WARNING, _("%s: %s is bigger than sysadmin specified maximum file size."),
caller, authfile);
return FALSE;
......
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......
......@@ -32,11 +32,10 @@
#include <errno.h>
#include <syslog.h>
#include <vicious.h>
#include "gdm.h"
#include "misc.h"
#include "gdm-net.h"
#include "gdmconfig.h"
/* Kind of a weird setup, new connections whack old connections */
#define MAX_CONNECTIONS 10
......
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......
This diff is collapsed.
/* GDM - The Gnome Display Manager
/* GDM - The GNOME Display Manager
* Copyright (C) 1998, 1999, 2000 Martin K. Petersen <mkp@mkp.net>
*
* This program is free software; you can redistribute it and/or modify
......@@ -136,34 +136,45 @@ enum {
#define FIELD_SIZE 256
#define PIPE_SIZE 4096
/*
* The following section contains keys used by the gdm.conf configuration file.
* Options exposed in this file are Stable, and should not change in ways that
* are not backwards incompatible. Note the GDM_KEY_DEFAULTWELCOME_BACKTEST
* to see how backwards compatibility can be handled.
* are not backwards incompatible. Note how GDM_KEY_DEFAULTWELCOME_BACKTEST
* works to see how backwards compatibility can be handled.
*
* Developers who add new configuration options should ensure that they do the
* following:
*
* + Specify the same default in this file as in the config/gdm.conf.in file.
* + Update the GET_CONFIG logic in the gdm_handle_user_message() function in
* daemon/gdm.c to handle the new option.
* + Update the SET_CONFIG logic in the gdm_handle_user_message() function in
* daemon/gdm.c to handle the new option if appropriate.
* + The gui/gdmsetup.c program should be updated to support the new option.
* If the option affects the greeter program, make sure update_greeters() is
* called. For this to work, the update_config() logic in daemon/gdm.c
* should be updated to call notify_displays_*() upon noticing the
* configuration change. The gdm_reread_config() in gui/gdmlogin.c and
* gui/greeter/greeter.c will also need to be updated to notice the new
* configuration option.
*
* + Update the val_hash and type_hash settings in gdm_config_init function
* in daemon/gdmconfig.c to add the new options.
*
* + Add any validation to the _gdm_set_value_string, _gdm_set_value_int,
* and/or _gdm_set_value_bool functions in gdmconfig.c, if needed.
*
* + The gui/gdmsetup.c program should be updated to support the new option
* unless there's a good reason not to.
*
* + If GDM_UPDATE_CONFIG should not respond to this configuration setting,
* update the update_config function in gdmconfig.c to return FALSE for
* this key. Examples include changing the PidFile, ServAuthDir, or
* other values that GDM shouldn't change until it is restarted. If
* this is true, the next bullet can be ignored.
*
* + If the option should cause the greeter (gdmlogin/gdmgreeter) program to
* be updated immediately, make sure to update the appropriate
* _gdm_set_value_* function in gdmconfig.c to cause a call to
* notify_displays_*() when this value is changed. Supporting logic will
* also be needed in the gdm_slave_handle_notify function in slave.c.
* It should be simple to see how to do this from the other examples.
*
* + Update the docs/C/gdm.xml file to include information about the new
* option. Include information about any other interfaces (such as
* ENVIRONMENT variables) that may affect the configuration option.
*
* Please do this work *before* submitting an enhancement request via
* bugzilla.
* Please do this work *before* submitting an patch. Patches that are not
* complete will not likely be accepted.
*/
/* Configuration constants */
......@@ -171,40 +182,48 @@ enum {
/* This defaults to true for backward compatibility,
* it will not actually do automatic login since the AutomaticLogin defaults
* to nothing */
#define GDM_KEY_AUTOMATICLOGIN_ENABLE "daemon/AutomaticLoginEnable=true"
#define GDM_KEY_AUTOMATICLOGIN "daemon/AutomaticLogin="
#define GDM_KEY_ALWAYSRESTARTSERVER "daemon/AlwaysRestartServer=false"
#define GDM_KEY_AUTOMATIC_LOGIN_ENABLE "daemon/AutomaticLoginEnable=true"
#define GDM_KEY_AUTOMATIC_LOGIN "daemon/AutomaticLogin="
/* The SDTLOGIN feature is Solaris specific, and causes the Xserver to be
* run with user permissionsinstead of as root, which adds security but
* disables the AlwaysRestartServer option as highlighted in the gdm
* documentation */
#ifdef sun
#define GDM_KEY_ALWAYS_RESTART_SERVER "daemon/AlwaysRestartServer=true"
#else
#define GDM_KEY_ALWAYS_RESTART_SERVER "daemon/AlwaysRestartServer=false"
#endif
#define GDM_KEY_GREETER "daemon/Greeter=" EXPANDED_LIBEXECDIR "/gdmlogin"
#define GDM_KEY_REMOTEGREETER "daemon/RemoteGreeter=" EXPANDED_LIBEXECDIR "/gdmlogin"
#define GDM_KEY_REMOTE_GREETER "daemon/RemoteGreeter=" EXPANDED_LIBEXECDIR "/gdmlogin"
#define GDM_KEY_ADD_GTK_MODULES "daemon/AddGtkModules=false"
#define GDM_KEY_GTK_MODULES_LIST "daemon/GtkModulesList="
#define GDM_KEY_GROUP "daemon/Group=gdm"
#define GDM_KEY_HALT "daemon/HaltCommand=" HALT_COMMAND
#define GDM_KEY_INITDIR "daemon/DisplayInitDir=" EXPANDED_SYSCONFDIR "/gdm/Init"
#define GDM_KEY_KILLIC "daemon/KillInitClients=true"
#define GDM_KEY_LOGDIR "daemon/LogDir=" EXPANDED_LOGDIR
#define GDM_KEY_DISPLAY_INIT_DIR "daemon/DisplayInitDir=" EXPANDED_SYSCONFDIR "/gdm/Init"
#define GDM_KEY_KILL_INIT_CLIENTS "daemon/KillInitClients=true"
#define GDM_KEY_LOG_DIR "daemon/LogDir=" EXPANDED_LOGDIR
#define GDM_KEY_PATH "daemon/DefaultPath=" GDM_USER_PATH
#define GDM_KEY_PIDFILE "daemon/PidFile=/var/run/gdm.pid"
#define GDM_KEY_POSTSESS "daemon/PostSessionScriptDir=" EXPANDED_SYSCONFDIR "/gdm/PostSession/"
#define GDM_KEY_PRESESS "daemon/PreSessionScriptDir=" EXPANDED_SYSCONFDIR "/gdm/PreSession/"
#define GDM_KEY_PID_FILE "daemon/PidFile=/var/run/gdm.pid"
#define GDM_KEY_POSTSESSION "daemon/PostSessionScriptDir=" EXPANDED_SYSCONFDIR "/gdm/PostSession/"
#define GDM_KEY_PRESESSION "daemon/PreSessionScriptDir=" EXPANDED_SYSCONFDIR "/gdm/PreSession/"
#define GDM_KEY_POSTLOGIN "daemon/PostLoginScriptDir=" EXPANDED_SYSCONFDIR "/gdm/PreSession/"
#define GDM_KEY_FAILSAFE_XSERVER "daemon/FailsafeXServer="
#define GDM_KEY_XKEEPSCRASHING "daemon/XKeepsCrashing=" EXPANDED_SYSCONFDIR "/gdm/XKeepsCrashing"
#define GDM_KEY_X_KEEPS_CRASHING "daemon/XKeepsCrashing=" EXPANDED_SYSCONFDIR "/gdm/XKeepsCrashing"
#define GDM_KEY_REBOOT "daemon/RebootCommand=" REBOOT_COMMAND
#define GDM_KEY_ROOTPATH "daemon/RootPath=/sbin:/usr/sbin:" GDM_USER_PATH
#define GDM_KEY_SERVAUTH "daemon/ServAuthDir=" EXPANDED_AUTHDIR
#define GDM_KEY_SESSDIR "daemon/SessionDesktopDir=/etc/X11/sessions/:" EXPANDED_SYSCONFDIR "/dm/Sessions/:" EXPANDED_DATADIR "/gdm/BuiltInSessions/:" EXPANDED_DATADIR "/xsessions/"
#define GDM_KEY_BASEXSESSION "daemon/BaseXsession=" EXPANDED_SYSCONFDIR "/gdm/Xsession"
#define GDM_KEY_DEFAULTSESSION "daemon/DefaultSession=gnome.desktop"
#define GDM_KEY_ROOT_PATH "daemon/RootPath=/sbin:/usr/sbin:" GDM_USER_PATH
#define GDM_KEY_SERV_AUTHDIR "daemon/ServAuthDir=" EXPANDED_AUTHDIR
#define GDM_KEY_SESSION_DESKTOP_DIR "daemon/SessionDesktopDir=/etc/X11/sessions/:" EXPANDED_SYSCONFDIR "/dm/Sessions/:" EXPANDED_DATADIR "/gdm/BuiltInSessions/:" EXPANDED_DATADIR "/xsessions/"
#define GDM_KEY_BASE_XSESSION "daemon/BaseXsession=" EXPANDED_SYSCONFDIR "/gdm/Xsession"
#define GDM_KEY_DEFAULT_SESSION "daemon/DefaultSession=gnome.desktop"
#define GDM_KEY_SUSPEND "daemon/SuspendCommand=" SUSPEND_COMMAND
#define GDM_KEY_UAUTHDIR "daemon/UserAuthDir="
#define GDM_KEY_UAUTHFB "daemon/UserAuthFBDir=/tmp"
#define GDM_KEY_UAUTHFILE "daemon/UserAuthFile=.Xauthority"
#define GDM_KEY_USER_AUTHDIR "daemon/UserAuthDir="
#define GDM_KEY_USER_AUTHDIR_FALLBACK "daemon/UserAuthFBDir=/tmp"
#define GDM_KEY_USER_AUTHFILE "daemon/UserAuthFile=.Xauthority"
#define GDM_KEY_USER "daemon/User=gdm"
#define GDM_KEY_CONSOLE_NOTIFY "daemon/ConsoleNotify=true"
#define GDM_KEY_DOUBLELOGINWARNING "daemon/DoubleLoginWarning=true"
#define GDM_KEY_DOUBLE_LOGIN_WARNING "daemon/DoubleLoginWarning=true"
#define GDM_KEY_ALWAYS_LOGIN_CURRENT_SESSION "daemon/AlwaysLoginCurrentSession=false"
#define GDM_KEY_DISPLAY_LAST_LOGIN "daemon/DisplayLastLogin=false"
......@@ -224,8 +243,8 @@ enum {
#define GDM_KEY_XNEST "daemon/Xnest=" X_SERVER_PATH "/Xnest -name Xnest"
/* Keys for automatic VT allocation rather then letting it up to the
* X server */
#define GDM_KEY_FIRSTVT "daemon/FirstVT=7"
#define GDM_KEY_VTALLOCATION "daemon/VTAllocation=true"
#define GDM_KEY_FIRST_VT "daemon/FirstVT=7"
#define GDM_KEY_VT_ALLOCATION "daemon/VTAllocation=true"
#define GDM_KEY_CONSOLE_CANNOT_HANDLE "daemon/ConsoleCannotHandle=am,ar,az,bn,el,fa,gu,hi,ja,ko,ml,mr,pa,ta,zh"
......@@ -242,28 +261,28 @@ enum {
/* Instead of the greeter run the chooser */
#define GDM_KEY_SERVER_CHOOSER "chooser=false"
#define GDM_KEY_ALLOWROOT "security/AllowRoot=true"
#define GDM_KEY_ALLOWREMOTEROOT "security/AllowRemoteRoot=true"
#define GDM_KEY_ALLOWREMOTEAUTOLOGIN "security/AllowRemoteAutoLogin=false"
#define GDM_KEY_MAXFILE "security/UserMaxFile=65536"
#define GDM_KEY_RELAXPERM "security/RelaxPermissions=0"
#define GDM_KEY_CHECKDIROWNER "security/CheckDirOwner=true"
#define GDM_KEY_RETRYDELAY "security/RetryDelay=1"
#define GDM_KEY_DISALLOWTCP "security/DisallowTCP=true"
#define GDM_KEY_ALLOW_ROOT "security/AllowRoot=true"
#define GDM_KEY_ALLOW_REMOTE_ROOT "security/AllowRemoteRoot=true"
#define GDM_KEY_ALLOW_REMOTE_AUTOLOGIN "security/AllowRemoteAutoLogin=false"
#define GDM_KEY_USER_MAX_FILE "security/UserMaxFile=65536"
#define GDM_KEY_RELAX_PERM "security/RelaxPermissions=0"
#define GDM_KEY_CHECK_DIR_OWNER "security/CheckDirOwner=true"
#define GDM_KEY_RETRY_DELAY "security/RetryDelay=1"
#define GDM_KEY_DISALLOW_TCP "security/DisallowTCP=true"
#define GDM_KEY_NEVERPLACECOOKIESONNFS "security/NeverPlaceCookiesOnNFS=true"
#define GDM_KEY_PASSWORDREQUIRED "security/PasswordRequired=false"
#define GDM_KEY_NEVER_PLACE_COOKIES_ON_NFS "security/NeverPlaceCookiesOnNFS=true"
#define GDM_KEY_PASSWORD_REQUIRED "security/PasswordRequired=false"
#define GDM_KEY_XDMCP "xdmcp/Enable=false"
#define GDM_KEY_MAXPEND "xdmcp/MaxPending=4"
#define GDM_KEY_MAXSESS "xdmcp/MaxSessions=16"
#define GDM_KEY_MAXWAIT "xdmcp/MaxWait=15"
#define GDM_KEY_DISP