10-selinux-fix.patch: From upstream, various fixes, including SElinux
authorJulien Lavergne <julien.lavergne@gmail.com>
Sun, 23 May 2010 09:55:25 +0000 (11:55 +0200)
committerJulien Lavergne <julien.lavergne@gmail.com>
Sun, 23 May 2010 09:55:25 +0000 (11:55 +0200)
support.

debian/changelog
debian/patches/10-selinux-fix.patch [new file with mode: 0644]
debian/patches/17-follow-symlink.patch
debian/patches/series

index 39f3f46..75df1a7 100644 (file)
@@ -16,6 +16,8 @@ lxdm (0.2.0-3) UNRELEASED; urgency=low
   * debian/rules:
    - Add LDFLAGS = -Wl,-z,defs -Wl,-O2 -Wl,--as-needed
   * debian/patches/
+   - 10-selinux-fix.patch: From upstream, various fixes, including SElinux
+     support.
    - 15-path-replace.patch : don't let lxdm replace PATH. (LP: #524761)
    - 17-follow-symlink.patch: Follow symlink instead of saving the
      configuration file on a symlink.
diff --git a/debian/patches/10-selinux-fix.patch b/debian/patches/10-selinux-fix.patch
new file mode 100644 (file)
index 0000000..0923a61
--- /dev/null
@@ -0,0 +1,302 @@
+From 00eb4d081b0f5638ffef41c379db104aa6f80915 Mon Sep 17 00:00:00 2001
+From: dgod <dgod.osa@gmail.com>
+Date: Sat, 8 May 2010 20:44:30 +0800
+Subject: [PATCH] I hate selinux
+
+---
+ src/greeter.c |   25 +++++++++++++++++++------
+ src/lxdm.c    |   51 ++++++++++++++++++++++++++++++++++++---------------
+ src/ui.c      |    3 ++-
+ 3 files changed, 57 insertions(+), 22 deletions(-)
+
+diff --git a/src/greeter.c b/src/greeter.c
+index 8321452..761082e 100644
+--- a/src/greeter.c
++++ b/src/greeter.c
+@@ -29,6 +29,8 @@
+ #include "lang.h"
+ #include <time.h>
++#include <stdlib.h>
++#include <sys/stat.h>
+ enum {
+     COL_SESSION_NAME,
+@@ -43,9 +45,8 @@ enum {
+     N_LANG_COLS
+ };
+-#ifndef VCONFIG_FILE
+-#define VCONFIG_FILE "/etc/lxdm/lxdm.conf"
+-#endif
++#define VCONFIG_PATH "/var/lib/lxdm"
++#define VCONFIG_FILE "/var/lib/lxdm/lxdm.conf"
+ static gboolean config_changed = FALSE;
+ static GKeyFile *config;
+@@ -58,7 +59,7 @@ static GtkWidget* prompt;
+ static GtkWidget* sessions;
+ static GtkWidget* lang;
+-static GtkWidget* exit;
++static GtkWidget* exit_btn;
+ static GtkWidget* exit_menu;
+ static GtkWidget *lang_menu;
+@@ -445,7 +446,7 @@ static void load_exit()
+     gtk_menu_shell_append(GTK_MENU_SHELL(exit_menu), item);
+     gtk_widget_show_all(exit_menu);
+-    g_signal_connect(exit, "clicked", G_CALLBACK(on_exit_clicked), NULL);
++    g_signal_connect(exit_btn, "clicked", G_CALLBACK(on_exit_clicked), NULL);
+ }
+ static gboolean on_expose(GtkWidget* widget, GdkEventExpose* evt, gpointer user_data)
+@@ -595,7 +596,7 @@ static void create_win()
+         on_timeout((GtkLabel*)w);
+     }
+-    exit = (GtkWidget*)gtk_builder_get_object(builder, "exit");
++    exit_btn = (GtkWidget*)gtk_builder_get_object(builder, "exit");
+     load_exit();
+     g_object_unref(builder);
+@@ -735,6 +736,7 @@ static void apply_theme(const char* theme_name)
+ int main(int arc, char *arg[])
+ {
+     char* theme_name;
++    GtkSettings*p;
+     gtk_set_locale();
+     bindtextdomain("lxdm", "/usr/share/locale");
+@@ -749,6 +751,14 @@ int main(int arc, char *arg[])
+     gtk_init(&arc, &arg);
++    p=gtk_settings_get_default();
++    if(p)
++    {
++        putenv("GTK_IM_MODULE=gtk-im-context-simple");
++        gtk_settings_set_string_property(p,"gtk-im-module","gtk-im-context-simple",0);
++        gtk_settings_set_long_property(p,"gtk-show-input-method-menu",0,0);
++    }
++
+     set_background();
+     set_root_background();
+@@ -782,6 +792,9 @@ int main(int arc, char *arg[])
+     {
+         gsize len;
+         char* data = g_key_file_to_data(var_config, &len, NULL);
++#ifdef VCONFIG_PATH
++      mkdir(VCONFIG_PATH,0700);
++#endif
+         g_file_set_contents(VCONFIG_FILE, data, len, NULL);
+         g_free(data);
+     }
+diff --git a/src/lxdm.c b/src/lxdm.c
+index ff4d362..6065e95 100644
+--- a/src/lxdm.c
++++ b/src/lxdm.c
+@@ -84,6 +84,7 @@ static Window *my_xid;
+ static unsigned int my_xid_n;
+ static char *self;
+ static pid_t child;
++static guint child_watch;
+ static int reason;
+ static int old_tty=1,tty = 7;
+@@ -311,7 +312,6 @@ void create_server_auth(void)
+     GRand *h;
+     int i;
+     char *authfile;
+-    char *tmp;
+     h = g_rand_new();
+ #if HAVE_LIBXAU
+@@ -342,9 +342,7 @@ void create_server_auth(void)
+         mkdir("/var/run/lxdm",0700);
+         authfile = g_strdup("/var/run/lxdm/lxdm.auth");
+     }
+-    tmp = g_strdup_printf("XAUTHORITY=%s", authfile);
+-    putenv(tmp);
+-    g_free(tmp);
++    setenv("XAUTHORITY",authfile,0);
+     remove(authfile);
+ #if HAVE_LIBXAU
+     FILE *fp=fopen(authfile,"wb");
+@@ -370,7 +368,7 @@ void create_server_auth(void)
+         fclose(fp);
+     }
+ #else
+-    tmp = g_strdup_printf("xauth -q -f %s add %s . %s",
++    char *tmp = g_strdup_printf("xauth -q -f %s add %s . %s",
+                           authfile, getenv("DISPLAY"), mcookie);
+     system(tmp);
+     g_free(tmp);
+@@ -415,12 +413,17 @@ static int do_conv(int num, const struct pam_message **msg,struct pam_response *
+       *resp = (struct pam_response *) calloc(num, sizeof(struct pam_response));
+       for(i=0;i<num;i++)
+       {
++              //printf("MSG: %d %s\n",msg[i]->msg_style,msg[i]->msg);
+               switch(msg[i]->msg_style){
+               case PAM_PROMPT_ECHO_ON:
+-                      resp[i]->resp=strdup(user_pass[0]);
++                      resp[i]->resp=strdup(user_pass[0]?user_pass[0]:"");
+                       break;
+               case PAM_PROMPT_ECHO_OFF:
+-                      resp[i]->resp=strdup(user_pass[1]);
++                      resp[i]->resp=strdup(user_pass[1]?user_pass[1]:"");
++                      break;
++              case PAM_ERROR_MSG:
++              case PAM_TEXT_INFO:
++                      //printf("PAM: %s\n",msg[i]->msg);
+                       break;
+               default:
+                       break;
+@@ -436,9 +439,11 @@ static struct pam_conv conv={.conv=do_conv,.appdata_ptr=user_pass};
+ int lxdm_auth_user(char *user, char *pass, struct passwd **ppw)
+ {
+     struct passwd *pw;
++#if !HAVE_LIBPAM
+     struct spwd *sp;
+     char *real;
+     char *enc;
++#endif
+     if( !user )
+         return AUTH_ERROR;
+     if( !user[0] )
+@@ -452,6 +457,7 @@ int lxdm_auth_user(char *user, char *pass, struct passwd **ppw)
+         *ppw = pw;
+         return AUTH_SUCCESS;
+     }
++#if !HAVE_LIBPAM
+     sp = getspnam(user);
+     if( !sp )
+         return AUTH_FAIL;
+@@ -472,18 +478,25 @@ int lxdm_auth_user(char *user, char *pass, struct passwd **ppw)
+         return AUTH_FAIL;
+     if( strstr(pw->pw_shell, "nologin") )
+         return AUTH_PRIV;
+-    *ppw = pw;
+-#if HAVE_LIBPAM
++#else
+     if(pamh) pam_end(pamh,0);
+     if(PAM_SUCCESS != pam_start("lxdm", pw->pw_name, &conv, &pamh))
++    {
+         pamh=NULL;
++        return AUTH_FAIL;
++    }
+     else
+     {
++      int ret;
+         user_pass[0]=user;user_pass[1]=pass;
+-        pam_authenticate(pamh,PAM_SILENT);
+-        user_pass[0]=0;user_pass[1]=0;
++        ret=pam_authenticate(pamh,PAM_SILENT);
++      user_pass[0]=0;user_pass[1]=0;
++      if(ret!=PAM_SUCCESS)
++            return AUTH_FAIL;
++      //ret=pam_setcred(pamh, PAM_ESTABLISH_CRED);
+     }
+ #endif
++    *ppw = pw;
+     return AUTH_SUCCESS;
+ }
+@@ -502,7 +515,7 @@ void setup_pam_session(struct passwd *pw,char *session_name)
+     sprintf(x, "tty%d", tty);
+     pam_set_item(pamh, PAM_TTY, x);
+ #ifdef PAM_XDISPLAY
+-      pam_set_item( pamh, PAM_XDISPLAY, getenv("DISPLAY") );
++    pam_set_item( pamh, PAM_XDISPLAY, getenv("DISPLAY") );
+ #endif
+     if(session_name && session_name[0])
+@@ -514,7 +527,7 @@ void setup_pam_session(struct passwd *pw,char *session_name)
+     }
+     err = pam_open_session(pamh, 0); /* FIXME pam session failed */
+     if( err != PAM_SUCCESS )
+-        log_print( "pam open session error \"%s\"\n", pam_strerror(pamh, err) );
++        log_print( "pam open session error \"%s\"\n", pam_strerror(pamh, err));
+ }
+ void close_pam_session(void)
+@@ -522,6 +535,7 @@ void close_pam_session(void)
+     int err;
+     if( !pamh ) return;
+     err = pam_close_session(pamh, 0);
++    //err=pam_setcred(pamh, PAM_DELETE_CRED);
+     pam_end(pamh, err);
+     pamh = NULL;
+ }
+@@ -666,6 +680,7 @@ static void on_xserver_stop(GPid pid, gint status, gpointer data)
+     //log_print("xserver stop, restart. return status %x\n",status);
+     stop_pid(server);
+     server = -1;
++    server_watch=0;
+     lxdm_restart_self();
+ }
+@@ -705,7 +720,7 @@ void startx(void)
+     char *arg;
+     char **args;
+-    if( !getenv("DISPLAY") )
++    if(!getenv("DISPLAY"))
+         putenv("DISPLAY=:0");
+ #ifndef DISABLE_XAUTH
+@@ -753,6 +768,7 @@ void exit_cb(void)
+     if(server_watch>0)
+     {
+         g_source_remove(server_watch);
++        server_watch=0;
+     }
+     if( server > 0 )
+     {
+@@ -871,6 +887,8 @@ static void on_session_stop(GPid pid, gint status, gpointer data)
+     }
+     ui_prepare();
+     g_spawn_command_line_async("/etc/lxdm/PostLogout",NULL);
++    
++    child_watch=0;
+ }
+ static void replace_env(char** env, const char* name, const char* new_val)
+@@ -1051,7 +1069,10 @@ void lxdm_do_login(struct passwd *pw, char *session, char *lang)
+         g_free(session);
+     if(alloc_lang)
+         g_free(lang);
+-    g_child_watch_add(pid, on_session_stop, 0);
++    child_watch=g_child_watch_add(pid, on_session_stop, 0);
++
++    printf("xserver %d\n",server_watch);
++    printf("session %d\n",child_watch);
+ }
+ void lxdm_do_reboot(void)
+diff --git a/src/ui.c b/src/ui.c
+index 1eb11f5..1ca7b50 100644
+--- a/src/ui.c
++++ b/src/ui.c
+@@ -274,6 +274,7 @@ void ui_drop(void)
+         close(greeter_pipe[0]);
+         g_source_remove(greeter_watch);
++        greeter_watch=0;
+         waitpid(greeter, 0, 0) ;
+         greeter=-1;
+     }
+@@ -455,7 +456,7 @@ static void on_greeter_exit(GPid pid, gint status, gpointer data)
+     if( pid != greeter )
+         return;
+     greeter = -1;
+-    g_source_remove(greeter_watch);
++    greeter_watch=0;
+ }
+ void ui_prepare(void)
+-- 
+1.6.3
+
index 2c9dc4c..08c131e 100644 (file)
@@ -1,27 +1,29 @@
 Index: lxdm/src/greeter.c
 ===================================================================
---- lxdm.orig/src/greeter.c    2010-04-13 00:37:34.000000000 +0200
-+++ lxdm/src/greeter.c 2010-04-13 00:48:35.000000000 +0200
-@@ -781,8 +781,21 @@
+--- lxdm.orig/src/greeter.c    2010-05-23 11:38:46.000000000 +0200
++++ lxdm/src/greeter.c 2010-05-23 11:43:01.000000000 +0200
+@@ -791,11 +791,22 @@
      if( config_changed )
      {
          gsize len;
-+      gchar* config_file;
-+      GError **error;
-+
++        gchar* config_file;
++        GError **error;
          char* data = g_key_file_to_data(var_config, &len, NULL);
+ #ifdef VCONFIG_PATH
+-      mkdir(VCONFIG_PATH,0700);
++          mkdir(VCONFIG_PATH,0700);
+ #endif
 -        g_file_set_contents(VCONFIG_FILE, data, len, NULL);
-+      if( g_file_test(VCONFIG_FILE, G_FILE_TEST_IS_SYMLINK) )
-+      {
-+              config_file = g_file_read_link(VCONFIG_FILE, error);
-+              g_file_set_contents(config_file, data, len, NULL);
-+              g_free(config_file);
-+
++        if( g_file_test(VCONFIG_FILE, G_FILE_TEST_IS_SYMLINK) )
++        {
++            config_file = g_file_read_link(VCONFIG_FILE, error);
++                  g_file_set_contents(config_file, data, len, NULL);
++                  g_free(config_file);
 +      }
-+      else
-+      {
-+              g_file_set_contents(VCONFIG_FILE, data, len, NULL);
-+      }
++          else
++          {
++                  g_file_set_contents(VCONFIG_FILE, data, len, NULL);
++          }
          g_free(data);
      }
      g_key_file_free(config);
index bbcedeb..8e616b2 100644 (file)
@@ -1,4 +1,5 @@
 #stderr_stdout_to_log.patch 
 lxdm.conf_greeter_path_fix.patch
+10-selinux-fix.patch
 15-path-replace.patch
 17-follow-symlink.patch