diff options
Diffstat (limited to 'community/lxdm/git-fixes.patch')
-rw-r--r-- | community/lxdm/git-fixes.patch | 1932 |
1 files changed, 1753 insertions, 179 deletions
diff --git a/community/lxdm/git-fixes.patch b/community/lxdm/git-fixes.patch index 0f724d0e2..0137378e0 100644 --- a/community/lxdm/git-fixes.patch +++ b/community/lxdm/git-fixes.patch @@ -20,7 +20,7 @@ index bfac56b..6f997b8 100644 rpmbuild -bb \ --define "_sourcedir `pwd`" \ diff --git a/configure.ac b/configure.ac -index e952473..c307de2 100644 +index e952473..8958c9c 100644 --- a/configure.ac +++ b/configure.ac @@ -2,8 +2,8 @@ @@ -29,7 +29,7 @@ index e952473..c307de2 100644 AC_PREREQ([2.63]) -AC_INIT([lxdm], [0.4.1], [http://lxde.org/]) -AM_INIT_AUTOMAKE([-Wall -Werror foreign]) -+AC_INIT([lxdm], [0.4.2], [http://lxde.org/]) ++AC_INIT([lxdm], [0.5.0], [http://lxde.org/]) +AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects]) AC_CONFIG_SRCDIR([src/lxdm.c]) @@ -80,6 +80,15 @@ index e952473..c307de2 100644 AC_ARG_ENABLE(password, AC_HELP_STRING([--enable-password],[enable to load autologin password store at config file]), +@@ -118,7 +136,7 @@ if test "x$enable_debug" = "x$yes" ; then + fi + + AC_ARG_WITH(xconn, +- [AC_HELP_STRING([-with-xconn=@<:@xlib/xcb@:>@],[use xlib or xcb to use])], ++ [AC_HELP_STRING([--with-xconn=@<:@xlib/xcb@:>@],[use xlib or xcb to use])], + [if test "x$with_xconn" = "xxlib"; then + PKG_CHECK_MODULES(XCONN,"x11") + AC_SUBST(XCONN_CFLAGS) @@ -138,6 +156,14 @@ AC_ARG_WITH(xconn, ] ) @@ -669,28 +678,43 @@ index ae5b345..3033d74 100644 %changelog diff --git a/pam/lxdm b/pam/lxdm -index 51ffda4..cffd07b 100644 +index 51ffda4..41c95f4 100644 --- a/pam/lxdm +++ b/pam/lxdm -@@ -7,3 +7,4 @@ session include system-auth - session required pam_loginuid.so +@@ -4,6 +4,6 @@ auth optional pam_gnome_keyring.so + account include system-auth + session optional pam_keyinit.so force revoke + session include system-auth +-session required pam_loginuid.so session optional pam_console.so session optional pam_gnome_keyring.so auto_start +session optional pam_selinux.so diff --git a/src/Makefile.am b/src/Makefile.am -index 7fdfd99..ebfa29c 100644 +index 7fdfd99..4f9a11c 100644 --- a/src/Makefile.am +++ b/src/Makefile.am -@@ -20,7 +20,7 @@ lxdm_binary_LDADD = \ +@@ -8,6 +8,7 @@ lxdm_binary_CFLAGS = \ + -DXSESSIONS_DIR=\"@datarootdir@/xsessions\" \ + -DLXDM_DATA_DIR=@datadir@/@PACKAGE@ \ + -DLXDM_NUMLOCK_PATH=\"@libexecdir@/lxdm-numlock\" \ ++ -DLXDM_SESSION_PATH=\"@libexecdir@/lxdm-session\" \ + $(CONSOLEKIT_CFLAGS) \ + -Werror-implicit-function-declaration \ + -Wall \ +@@ -20,10 +21,10 @@ lxdm_binary_LDADD = \ $(NULL) lxdm_binary_SOURCES = \ - lxdm.c lxdm.h ui.c lxcom.c lxcom.h xconn.c xconn.h \ -+ lxdm.c lxdm.h ui.c lxcom.c lxcom.h xconn.c xconn.h lxcommon.h \ ++ lxdm.c lxdm.h ui.c lxcom.c lxcom.h xconn.c xconn.h auth.c lxcommon.h \ $(NULL) - libexec_PROGRAMS = lxdm-greeter-gdk lxdm-numlock lxdm-greeter-gtk -@@ -49,6 +49,7 @@ lxdm_greeter_gtk_SOURCES = \ +-libexec_PROGRAMS = lxdm-greeter-gdk lxdm-numlock lxdm-greeter-gtk ++libexec_PROGRAMS = lxdm-greeter-gdk lxdm-numlock lxdm-greeter-gtk lxdm-session + + lxdm_greeter_gtk_CFLAGS = \ + $(GTK_CFLAGS) \ +@@ -49,6 +50,7 @@ lxdm_greeter_gtk_SOURCES = \ gdm/locarchive.h \ lxcom.c lxcom.h \ greeter-utils.c greeter-utils.h \ @@ -698,6 +722,718 @@ index 7fdfd99..ebfa29c 100644 $(NULL) lxdm_greeter_gdk_CFLAGS = \ +@@ -84,6 +86,18 @@ lxdm_numlock_LDADD = \ + $(XLIB_LIBS) \ + $(NULL) + ++lxdm_session_SOURCES = \ ++ pam.c \ ++ $(NULL) ++ ++lxdm_session_CFLAGS = \ ++ $(GLIB_CFLAGS) \ ++ $(NULL) ++ ++lxdm_session_LDFLAGS = \ ++ $(GLIB_LIBS) \ ++ $(NULL) ++ + bin_PROGRAMS = lxdm-config + + lxdm_config_CFLAGS = \ +@@ -100,3 +114,4 @@ lxdm_config_SOURCES = \ + config.c \ + $(NULL) + ++ +diff --git a/src/auth.c b/src/auth.c +new file mode 100644 +index 0000000..10c047c +--- /dev/null ++++ b/src/auth.c +@@ -0,0 +1,632 @@ ++/* ++ * lxdm.c - main entry of lxdm ++ * ++ * Copyright 2009 dgod <dgod.osa@gmail.com> ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, ++ * MA 02110-1301, USA. ++ */ ++ ++#define _GNU_SOURCE ++ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++#ifndef HAVE_LIBPAM ++#ifdef USE_PAM ++#define HAVE_LIBPAM 1 ++#else ++#define HAVE_LIBPAM 0 ++#endif ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <stdarg.h> ++ ++#include <pwd.h> ++#include <grp.h> ++#include <shadow.h> ++#include <unistd.h> ++#include <errno.h> ++ ++#include <glib.h> ++ ++#include "lxdm.h" ++#include "auth.h" ++ ++#if HAVE_LIBPAM ++ ++#define PAM_MP 1 ++ ++#endif ++ ++void switch_user(struct passwd *pw, const char *run, char **env); ++ ++static void passwd_clean(struct passwd *pw) ++{ ++ g_free(pw->pw_name); ++ g_free(pw->pw_gecos); ++ g_free(pw->pw_dir); ++ g_free(pw->pw_shell); ++ memset(pw,0,sizeof(*pw)); ++} ++ ++#if !PAM_MP ++static void passwd_copy(struct passwd *dst,struct passwd *src) ++{ ++ dst->pw_name=g_strdup(src->pw_name); ++ dst->pw_uid=src->pw_uid; ++ dst->pw_gid=src->pw_gid; ++ if(src->pw_gecos) ++ dst->pw_gecos=g_strdup(src->pw_gecos); ++ dst->pw_dir=g_strdup(src->pw_dir); ++ dst->pw_shell=g_strdup(src->pw_shell); ++} ++#endif ++ ++#if !HAVE_LIBPAM ++ ++ ++int lxdm_auth_init(LXDM_AUTH *a) ++{ ++ memset(a,0m,sizeof(*a)); ++ return 0; ++} ++ ++int lxdm_auth_cleanup(LXDM_AUTH *a) ++{ ++ passwd_clean(&a->pw); ++ return 0; ++} ++ ++int lxdm_auth_user_authenticate(LXDM_AUTH *a,const char *user,const char *pass,int type) ++{ ++ struct passwd *pw; ++ struct spwd *sp; ++ char *real; ++ char *enc; ++ if(!user || !user[0]) ++ { ++ g_debug("user==NULL\n"); ++ return AUTH_ERROR; ++ } ++ pw = getpwnam(user); ++ endpwent(); ++ if(!pw) ++ { ++ g_debug("user %s not found\n",user); ++ return AUTH_BAD_USER; ++ } ++ if(strstr(pw->pw_shell, "nologin")) ++ { ++ g_debug("user %s have nologin shell\n",user); ++ return AUTH_PRIV; ++ } ++ if(type==AUTH_TYPE_AUTO_LOGIN && !pass) ++ { ++ goto out; ++ } ++ sp = getspnam(user); ++ if( !sp ) ++ { ++ return AUTH_FAIL; ++ } ++ endspent(); ++ real = sp->sp_pwdp; ++ if( !real || !real[0] ) ++ { ++ if( !pass || !pass[0] ) ++ { ++ *ppw = pw; ++ g_debug("user %s auth with no password ok\n",user); ++ return AUTH_SUCCESS; ++ } ++ else ++ { ++ g_debug("user %s password not match\n",user); ++ return AUTH_FAIL; ++ } ++ } ++ enc = crypt(pass, real); ++ if( strcmp(real, enc) ) ++ { ++ g_debug("user %s password not match\n",user); ++ return AUTH_FAIL; ++ } ++out: ++ g_debug("user %s auth ok\n",pw->pw_name); ++ passwd_copy(&a->pw,pw); ++ return AUTH_SUCCESS; ++} ++ ++int lxdm_auth_session_begin(LXDM_AUTH *a,int tty,int display,char mcookie[16]) ++{ ++ return 0; ++} ++ ++int lxdm_auth_session_end(LXDM_AUTH *a) ++{ ++ return 0; ++} ++ ++int lxdm_auth_clean_for_child(LXDM_AUTH *a) ++{ ++ return 0; ++} ++ ++char **lxdm_auth_append_env(LXDM_AUTH *a,char **env) ++{ ++ return env; ++} ++ ++int lxdm_auth_session_run(LXDM_AUTH *a,const char *session_exec,char **env) ++{ ++ int pid; ++ pid = fork(); ++ if(pid==0) ++ { ++ env=lxdm_auth_append_env(a,env); ++ lxdm_auth_clean_for_child(a); ++ switch_user(&a->pw, session_exec, env); ++ lxdm_quit_self(4); ++ } ++ return pid; ++} ++ ++#elif !PAM_MP ++ ++#include <security/pam_appl.h> ++ ++static char *user_pass[2]; ++ ++static int do_conv(int num, const struct pam_message **msg,struct pam_response **resp, void *arg) ++{ ++ int result = PAM_SUCCESS; ++ int i; ++ *resp = (struct pam_response *) calloc(num, sizeof(struct pam_response)); ++ for(i=0;i<num;i++) ++ { ++ //printf("MSG: %d %s\n",msg[i]->msg_style,msg[i]->msg); ++ switch(msg[i]->msg_style){ ++ case PAM_PROMPT_ECHO_ON: ++ resp[i]->resp=strdup(user_pass[0]?user_pass[0]:""); ++ break; ++ case PAM_PROMPT_ECHO_OFF: ++ //resp[i]->resp=strdup(user_pass[1]?user_pass[1]:""); ++ resp[i]->resp=user_pass[1]?strdup(user_pass[1]):NULL; ++ break; ++ case PAM_ERROR_MSG: ++ case PAM_TEXT_INFO: ++ //printf("PAM: %s\n",msg[i]->msg); ++ break; ++ default: ++ break; ++ } ++ } ++ return result; ++} ++ ++static struct pam_conv conv={.conv=do_conv,.appdata_ptr=user_pass}; ++ ++int lxdm_auth_init(LXDM_AUTH *a) ++{ ++ memset(a,0,sizeof(*a)); ++ return 0; ++} ++ ++int lxdm_auth_cleanup(LXDM_AUTH *a) ++{ ++ passwd_clean(&a->pw); ++ return 0; ++} ++ ++int lxdm_auth_user_authenticate(LXDM_AUTH *a,const char *user,const char *pass,int type) ++{ ++ struct passwd *pw; ++ if(!user || !user[0]) ++ { ++ g_debug("user==NULL\n"); ++ return AUTH_ERROR; ++ } ++ pw = getpwnam(user); ++ endpwent(); ++ if(!pw) ++ { ++ g_debug("user %s not found\n",user); ++ return AUTH_BAD_USER; ++ } ++ if(strstr(pw->pw_shell, "nologin")) ++ { ++ g_debug("user %s have nologin shell\n",user); ++ return AUTH_PRIV; ++ } ++ if(a->handle) pam_end(a->handle,0); ++ if(PAM_SUCCESS != pam_start("lxdm", pw->pw_name, &conv, (pam_handle_t**)&a->handle)) ++ { ++ a->handle=NULL; ++ g_debug("user %s start pam fail\n",user); ++ return AUTH_FAIL; ++ } ++ else ++ { ++ int ret; ++ if(type==AUTH_TYPE_AUTO_LOGIN && !pass) ++ goto out; ++ user_pass[0]=(char*)user;user_pass[1]=(char*)pass; ++ ret=pam_authenticate(a->handle,PAM_SILENT); ++ user_pass[0]=0;user_pass[1]=0; ++ if(ret!=PAM_SUCCESS) ++ { ++ g_debug("user %s auth fail with %d\n",user,ret); ++ return AUTH_FAIL; ++ } ++ ret=pam_acct_mgmt(a->handle,PAM_SILENT); ++ if(ret!=PAM_SUCCESS) ++ { ++ g_debug("user %s acct mgmt fail with %d\n",user,ret); ++ return AUTH_FAIL; ++ } ++ } ++out: ++ passwd_copy(&a->pw,pw); ++ return AUTH_SUCCESS; ++} ++ ++int lxdm_auth_session_begin(LXDM_AUTH *a,const char *name,int tty,int display,char mcookie[16]) ++{ ++ int err; ++ char x[256]; ++ ++ if(!a->handle) ++ { ++ g_message("begin session without auth\n"); ++ return -1; ++ } ++ sprintf(x, "tty%d", tty); ++ pam_set_item(a->handle, PAM_TTY, x); ++#ifdef PAM_XDISPLAY ++ sprintf(x,":%d",display); ++ pam_set_item(a->handle, PAM_XDISPLAY, x); ++#endif ++#if !defined(DISABLE_XAUTH) && defined(PAM_XAUTHDATA) ++ struct pam_xauth_data value; ++ value.name="MIT-MAGIC-COOKIE-1"; ++ value.namelen=18; ++ value.data=mcookie; ++ value.datalen=16; ++ pam_set_item (a->handle, PAM_XAUTHDATA, &value); ++#endif ++ if(name && name[0]) ++ { ++ char *env; ++ env = g_strdup_printf ("DESKTOP_SESSION=%s", name); ++ pam_putenv (a->handle, env); ++ g_free (env); ++ } ++ err = pam_open_session(a->handle, 0); /* FIXME pam session failed */ ++ if( err != PAM_SUCCESS ) ++ g_warning( "pam open session error \"%s\"\n", pam_strerror(a->handle, err)); ++ return 0; ++} ++ ++int lxdm_auth_session_end(LXDM_AUTH *a) ++{ ++ int err; ++ if(!a->handle) ++ return 0; ++ err = pam_close_session(a->handle, 0); ++ pam_end(a->handle, err); ++ a->handle = NULL; ++ passwd_clean(&a->pw); ++ return 0; ++} ++ ++int lxdm_auth_clean_for_child(LXDM_AUTH *a) ++{ ++ pam_end(a->handle,0); ++ return 0; ++} ++ ++char **lxdm_auth_append_env(LXDM_AUTH *a,char **env) ++{ ++ int i,j,n,pa; ++ char **penv; ++ if(!a->handle) return env; ++ penv=pam_getenvlist(a->handle); ++ if(!penv) return env; ++ pa=g_strv_length(penv); ++ if(pa==0) ++ { ++ free(penv); ++ return env; ++ } ++ env=g_renew(char *,env,g_strv_length(env)+1+pa+10); ++ for(i=0;penv[i]!=NULL;i++) ++ { ++ fprintf(stderr,"PAM %s\n",penv[i]); ++ n=strcspn(penv[i],"=")+1; ++ for(j=0;env[j]!=NULL;j++) ++ { ++ if(!strncmp(penv[i],env[j],n)) ++ break; ++ if(env[j+1]==NULL) ++ { ++ env[j+1]=g_strdup(penv[i]); ++ env[j+2]=NULL; ++ break; ++ } ++ } ++ free(penv[i]); ++ } ++ free(penv); ++ return env; ++} ++ ++int lxdm_auth_session_run(LXDM_AUTH *a,const char *session_exec,char **env) ++{ ++ int pid; ++ pid = fork(); ++ if(pid==0) ++ { ++ env=lxdm_auth_append_env(a,env); ++ lxdm_auth_clean_for_child(a); ++ switch_user(&a->pw, session_exec, env); ++ lxdm_quit_self(4); ++ } ++ return pid; ++} ++ ++#else ++ ++static void xwrite(int fd,const void *buf,size_t size) ++{ ++ int ret; ++ do{ ++ ret=write(fd,buf,size); ++ }while(ret==-1 && errno==EINTR); ++} ++ ++static int xreadline(int fd,char *buf,size_t size) ++{ ++ int i; ++ for(i=0;i<size-1;i++) ++ { ++ int ret; ++ do{ ++ ret=read(fd,buf+i,1); ++ }while(ret==-1 && errno==EINTR); ++ if(buf[i]==-1 || buf[i]=='\n') ++ break; ++ } ++ buf[i]=0; ++ return i; ++} ++ ++int lxdm_auth_init(LXDM_AUTH *a) ++{ ++ memset(a,0,sizeof(*a)); ++ a->pipe[0]=a->pipe[1]=-1; ++ return 0; ++} ++ ++int lxdm_auth_cleanup(LXDM_AUTH *a) ++{ ++ passwd_clean(&a->pw); ++ if(a->pipe[0]!=-1) ++ { ++ close(a->pipe[0]); ++ a->pipe[0]=-1; ++ } ++ if(a->pipe[1]!=-1) ++ { ++ close(a->pipe[1]); ++ a->pipe[1]=-1; ++ } ++ return 0; ++} ++ ++//#undef LXDM_SESSION_PATH ++//#define LXDM_SESSION_PATH "./lxdm-session" ++static int check_child(LXDM_AUTH *a) ++{ ++ if(a->pipe[0]!=-1) ++ return 0; ++ char *argv[3]={LXDM_SESSION_PATH,NULL,NULL}; ++ GPid pid; ++ gboolean ret; ++ ret = g_spawn_async_with_pipes(NULL, argv, NULL, ++ G_SPAWN_DO_NOT_REAP_CHILD, NULL,NULL, ++ &pid, a->pipe + 0, a->pipe + 1, NULL, NULL); ++ if(ret==FALSE) ++ { ++ g_message("spawn lxdm-auth fail\n"); ++ return -1; ++ } ++ a->child=(int)pid; ++ return 0; ++} ++ ++int lxdm_auth_user_authenticate(LXDM_AUTH *a,const char *user,const char *pass,int type) ++{ ++ char temp[128]; ++ char res[8]; ++ int ret; ++ if(check_child(a)!=0) ++ { ++ printf("check child fail\n"); ++ return -1; ++ } ++ if(type==AUTH_TYPE_AUTO_LOGIN && pass) ++ type=AUTH_TYPE_NORMAL; ++ else if(type==AUTH_TYPE_NORMAL && !pass) ++ type=AUTH_TYPE_NULL_PASS; ++ xwrite(a->pipe[0],"auth\n",5); ++ ret=sprintf(temp,"%d\n",type); ++ xwrite(a->pipe[0],temp,ret); ++ ret=sprintf(temp,"%s\n",user); ++ xwrite(a->pipe[0],temp,ret); ++ if(pass!=NULL) ++ ret=sprintf(temp,"%s\n",pass); ++ xwrite(a->pipe[0],temp,ret); ++ ret=xreadline(a->pipe[1],res,sizeof(res)); ++ if(ret<=0) ++ { ++ g_message("read user auth result fail\n"); ++ return -1; ++ } ++ ret=atoi(res); ++ if(ret==AUTH_SUCCESS) ++ { ++ passwd_clean(&a->pw); ++ a->pw.pw_name=g_strdup(user); ++ ret=xreadline(a->pipe[1],temp,sizeof(temp)); ++ if(ret==-1) return -1; ++ a->pw.pw_uid=atoi(temp); ++ ret=xreadline(a->pipe[1],temp,sizeof(temp)); ++ if(ret==-1) return -1; ++ a->pw.pw_gid=atoi(temp); ++ ret=xreadline(a->pipe[1],temp,sizeof(temp)); ++ if(ret==-1) return -1; ++ a->pw.pw_gecos=g_strdup(temp); ++ ret=xreadline(a->pipe[1],temp,sizeof(temp)); ++ if(ret==-1) return -1; ++ a->pw.pw_dir=g_strdup(temp); ++ ret=xreadline(a->pipe[1],temp,sizeof(temp)); ++ if(ret==-1) return -1; ++ a->pw.pw_shell=g_strdup(temp); ++ } ++ return atoi(res); ++} ++#include <assert.h> ++int lxdm_auth_session_begin(LXDM_AUTH *a,const char *name,int tty,int display,char mcookie[16]) ++{ ++ char temp[32]; ++ char res[8]; ++ gchar *b64; ++ int ret; ++ ++ if(check_child(a)!=0) ++ return -1; ++ xwrite(a->pipe[0],"begin\n",6); ++ ret=sprintf(temp,"%s\n",name?:""); ++ xwrite(a->pipe[0],temp,ret); ++ ret=sprintf(temp,"%d\n",tty); ++ xwrite(a->pipe[0],temp,ret); ++ ret=sprintf(temp,"%d\n",display); ++ xwrite(a->pipe[0],temp,ret); ++ b64=g_base64_encode((const guchar*)mcookie,16); ++ assert(b64!=NULL); ++ ret=sprintf(temp,"%s\n",b64); ++ g_free(b64); ++ xwrite(a->pipe[0],temp,ret); ++ ret=xreadline(a->pipe[1],res,sizeof(res)); ++ if(ret<=0) ++ { ++ g_message("pam session begin fail\n"); ++ return -1; ++ } ++ ret=atoi(res); ++ return ret; ++} ++ ++int lxdm_auth_session_end(LXDM_AUTH *a) ++{ ++ passwd_clean(&a->pw); ++ if(a->pipe[0]!=-1) ++ { ++ xwrite(a->pipe[0],"exit\n",5); ++ close(a->pipe[0]); ++ a->pipe[0]=-1; ++ } ++ if(a->pipe[1]!=-1) ++ { ++ close(a->pipe[1]); ++ a->pipe[1]=-1; ++ } ++ return 0; ++} ++ ++int lxdm_auth_clean_for_child(LXDM_AUTH *a) ++{ ++ return 0; ++} ++ ++char **lxdm_auth_append_env(LXDM_AUTH *a,char **env) ++{ ++ int i,j,n,pa; ++ char temp[1024]; ++ int ret; ++ char **penv; ++ ++ if(check_child(a)!=0) ++ return env; ++ xwrite(a->pipe[0],"env\n",4); ++ ret=xreadline(a->pipe[1],temp,sizeof(temp)); ++ if(ret<=0) return env; ++ penv=g_strsplit(temp," ",-1); ++ pa=g_strv_length(penv); ++ if(pa==0) ++ { ++ g_strfreev(penv); ++ return env; ++ } ++ env=g_renew(char *,env,g_strv_length(env)+1+pa+10); ++ for(i=0;penv[i]!=NULL;i++) ++ { ++ g_debug("PAM %s\n",penv[i]); ++ n=strcspn(penv[i],"=")+1; ++ for(j=0;env[j]!=NULL;j++) ++ { ++ if(!strncmp(penv[i],env[j],n)) ++ break; ++ if(env[j+1]==NULL) ++ { ++ env[j+1]=g_strdup(penv[i]); ++ env[j+2]=NULL; ++ break; ++ } ++ } ++ } ++ g_strfreev(penv); ++ return env; ++} ++ ++int lxdm_auth_session_run(LXDM_AUTH *a,const char *session_exec,char **env) ++{ ++ int fd; ++ if(check_child(a)!=0) ++ return -1; ++ fd=a->pipe[0]; ++ if(env!=NULL) ++ { ++ int i; ++ xwrite(fd,"putenv\n",7); ++ for(i=0;env[i]!=NULL;i++) ++ { ++ xwrite(fd,env[i],strlen(env[i])); ++ xwrite(fd,"\n",1); ++ } ++ xwrite(a->pipe[0],"\n",1); ++ } ++ xwrite(fd,"exec\n",5); ++ xwrite(fd,session_exec,strlen(session_exec)); ++ xwrite(fd,"\n",1); ++ return a->child; ++} ++ ++#endif ++ +diff --git a/src/auth.h b/src/auth.h +new file mode 100644 +index 0000000..84d2267 +--- /dev/null ++++ b/src/auth.h +@@ -0,0 +1,44 @@ ++/* ++ * lxdm.c - main entry of lxdm ++ * ++ * Copyright 2009 dgod <dgod.osa@gmail.com> ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, ++ * MA 02110-1301, USA. ++ */ ++ ++#pragma once ++ ++typedef struct{ ++ void *handle; ++ struct passwd pw; ++ int pipe[2]; ++ int child; ++}LXDM_AUTH; ++ ++enum{ ++ AUTH_TYPE_NORMAL=0, ++ AUTH_TYPE_AUTO_LOGIN, ++ AUTH_TYPE_NULL_PASS ++}; ++ ++int lxdm_auth_init(LXDM_AUTH *a); ++int lxdm_auth_cleanup(LXDM_AUTH *a); ++int lxdm_auth_user_authenticate(LXDM_AUTH *a,const char *user,const char *pass,int type); ++int lxdm_auth_session_begin(LXDM_AUTH *a,const char *name,int tty,int display,char mcookie[16]); ++int lxdm_auth_session_end(LXDM_AUTH *a); ++int lxdm_auth_clean_for_child(LXDM_AUTH *a); ++char **lxdm_auth_append_env(LXDM_AUTH *a,char **env); ++int lxdm_auth_session_run(LXDM_AUTH *a,const char *session_exec,char **env); diff --git a/src/config.c b/src/config.c index 3f92f7b..bee826d 100644 --- a/src/config.c @@ -1456,30 +2192,62 @@ index 0000000..24a6c38 +#endif /*_LXCOMMON_H_*/ + diff --git a/src/lxdm.c b/src/lxdm.c -index 5c279af..ff06389 100644 +index 5c279af..85ef3be 100644 --- a/src/lxdm.c +++ b/src/lxdm.c -@@ -25,8 +25,12 @@ +@@ -24,9 +24,6 @@ + #ifdef HAVE_CONFIG_H #include <config.h> #endif - #ifndef HAVE_LIBPAM +-#ifndef HAVE_LIBPAM +-#define HAVE_LIBPAM 0 +-#endif + + #include <stdio.h> + #include <stdlib.h> +@@ -58,17 +55,27 @@ + #include <utmpx.h> + #endif + +-#if HAVE_LIBPAM +-#include <security/pam_appl.h> +-#endif +- + #if HAVE_LIBCK_CONNECTOR + #include <ck-connector.h> + #endif + ++#ifndef HAVE_LIBPAM +#ifdef USE_PAM +#define HAVE_LIBPAM 1 +#else - #define HAVE_LIBPAM 0 - #endif ++#define HAVE_LIBPAM 0 +#endif - - #include <stdio.h> - #include <stdlib.h> -@@ -69,6 +73,7 @@ ++#endif ++ ++#if HAVE_LIBPAM ++#include <security/pam_appl.h> ++#endif ++ #include "lxdm.h" #include "lxcom.h" #include "xconn.h" +#include "lxcommon.h" ++#include "auth.h" #define LOGFILE "/var/log/lxdm.log" +@@ -82,9 +89,7 @@ typedef struct{ + int display; + char *option; /* hold option in config file */ + xconn_t dpy; /* hold this, or X crack */ +-#if HAVE_LIBPAM +- pam_handle_t *pamh; +-#endif ++ LXDM_AUTH auth; + #if HAVE_LIBCK_CONNECTOR + CkConnector *ckc; + #endif @@ -96,6 +101,7 @@ typedef struct{ GKeyFile *config; @@ -1488,38 +2256,26 @@ index 5c279af..ff06389 100644 static GSList *session_list; static void lxdm_startx(LXSession *s); -@@ -154,6 +160,30 @@ void stop_pid(int pid) +@@ -153,18 +159,6 @@ void stop_pid(int pid) + while( waitpid(-1, 0, WNOHANG) > 0 ) ; } - #if HAVE_LIBPAM -+ -+// just hack to work with some bad pam module -+static guint first_pam_source=2; -+static gboolean clean_pam_func(void) -+{ -+ return FALSE; -+} -+static void clean_pam_glib_source_prepare(pam_handle_t *pamh) -+{ -+ if(pamh) return; -+ first_pam_source=g_idle_add((GSourceFunc)clean_pam_func,NULL); -+} -+static void clean_pam_glib_source_run(void) -+{ -+ int i,end=first_pam_source+256; -+ for(i=first_pam_source;i<end;i++) -+ { -+ if(g_source_remove(i)==TRUE) -+ { -+ first_pam_source=i+1; -+ } -+ } -+} -+ - static void close_pam_session(pam_handle_t *pamh) +-#if HAVE_LIBPAM +-static void close_pam_session(pam_handle_t *pamh) +-{ +- int err; +- if( !pamh ) return; +- err = pam_close_session(pamh, 0); +- //err=pam_setcred(pamh, PAM_DELETE_CRED); +- pam_end(pamh, err); +- pamh = NULL; +-} +-#endif +- + static LXSession *lxsession_find_greeter(void) { - int err; -@@ -271,7 +301,7 @@ static int lxsession_alloc_tty(void) + GSList *p; +@@ -271,7 +265,7 @@ static int lxsession_alloc_tty(void) static int lxsession_alloc_display(void) { int i; @@ -1528,7 +2284,27 @@ index 5c279af..ff06389 100644 { if(!display_is_used(i)) return i; -@@ -467,7 +497,7 @@ static char *lxsession_xserver_command(LXSession *s) +@@ -299,6 +293,7 @@ static LXSession *lxsession_add(void) + return NULL; + } + s->env=NULL; ++ lxdm_auth_init(&s->auth); + session_list=g_slist_prepend(session_list,s); + lxdm_startx(s); + return s; +@@ -354,10 +349,7 @@ static void lxsession_stop(LXSession *s) + { + xconn_clean(s->dpy); + } +-#if HAVE_LIBPAM +- close_pam_session(s->pamh); +- s->pamh=NULL; +-#endif ++ lxdm_auth_session_end(&s->auth); + #if HAVE_LIBCK_CONNECTOR + if( s->ckc != NULL ) + { +@@ -467,7 +459,7 @@ static char *lxsession_xserver_command(LXSession *s) i++; } } @@ -1537,7 +2313,7 @@ index 5c279af..ff06389 100644 arg = g_renew(char *, arg, arc + 10); if(nr_tty) { -@@ -477,8 +507,11 @@ printf("arc %d\n",arc); +@@ -477,8 +469,11 @@ printf("arc %d\n",arc); arg[arc++] = g_strdup_printf(":%d",s->display); if(s->tty>0) arg[arc++] = g_strdup_printf("vt%02d", s->tty); @@ -1551,7 +2327,7 @@ index 5c279af..ff06389 100644 arg[arc] = NULL; p=g_strjoinv(" ", arg); g_strfreev(arg); -@@ -518,15 +551,17 @@ void lxdm_get_tty(void) +@@ -518,15 +513,17 @@ void lxdm_get_tty(void) { nr_tty=1; } @@ -1572,7 +2348,14 @@ index 5c279af..ff06389 100644 if(plymouth) { nr_tty=1; -@@ -557,6 +592,7 @@ static void log_init(void) +@@ -550,13 +547,13 @@ void lxdm_quit_self(int code) + static void log_init(void) + { + int fd_log; +- + g_unlink(LOGFILE ".old"); + g_rename(LOGFILE, LOGFILE ".old"); + fd_log = open(LOGFILE, O_CREAT|O_APPEND|O_TRUNC|O_WRONLY|O_EXCL, 0640); if(fd_log == -1) return; dup2(fd_log, 1); dup2(fd_log, 2); @@ -1580,7 +2363,7 @@ index 5c279af..ff06389 100644 } static void log_ignore(const gchar *log_domain, GLogLevelFlags log_level, -@@ -647,6 +683,19 @@ static void replace_env(char** env, const char* name, const char* new_val) +@@ -647,6 +644,19 @@ static void replace_env(char** env, const char* name, const char* new_val) *(penv + 1) = NULL; } @@ -1600,7 +2383,7 @@ index 5c279af..ff06389 100644 #ifndef DISABLE_XAUTH static inline void xauth_write_uint16(int fd,uint16_t data) -@@ -665,15 +714,20 @@ static inline void xauth_write_string(int fd,const char *s) +@@ -665,15 +675,20 @@ static inline void xauth_write_string(int fd,const char *s) write(fd,s,len); } @@ -1625,7 +2408,7 @@ index 5c279af..ff06389 100644 xauth_write_string(fd,"MIT-MAGIC-COOKIE-1"); xauth_write_uint16(fd,16); write(fd,data,16); -@@ -695,9 +749,9 @@ static void create_server_auth(LXSession *s) +@@ -695,139 +710,55 @@ static void create_server_auth(LXSession *s) authfile = g_strdup_printf("/var/run/lxdm/lxdm-:%d.auth",s->display); @@ -1637,17 +2420,20 @@ index 5c279af..ff06389 100644 g_free(authfile); } -@@ -706,27 +760,35 @@ static void create_client_auth(char *home,char **env) +-static void create_client_auth(char *home,char **env) ++static void create_client_auth(struct passwd *pw,char **env) + { LXSession *s; char *authfile; - uid_t user; +- uid_t user; - char *path; - if((user=getuid())== 0 ) /* root don't need it */ -+ if((user=getuid())==0) /* root don't need it */ ++ if(pw->pw_uid==0) /* root don't need it */ return; - s=lxsession_find_user(user); +- s=lxsession_find_user(user); ++ s=lxsession_find_user(pw->pw_uid); if(!s) return; - @@ -1668,130 +2454,227 @@ index 5c279af..ff06389 100644 + path=g_key_file_get_string(config,"base","xauth_path",NULL); + if(path) + { -+ authfile = g_strdup_printf("%s/.Xauth%d", path,user); ++ authfile = g_strdup_printf("%s/.Xauth%d", path,pw->pw_uid); + g_free(path); + } + else + { -+ authfile = g_strdup_printf("%s/.Xauthority", home); ++ authfile = g_strdup_printf("%s/.Xauthority", pw->pw_dir); + } } remove(authfile); - xauth_write_file(authfile,s->mcookie); + xauth_write_file(authfile,s->display,s->mcookie); replace_env(env,"XAUTHORITY=",authfile); ++ chown(authfile,pw->pw_uid,pw->pw_gid); g_free(authfile); } -@@ -748,7 +810,8 @@ static int do_conv(int num, const struct pam_message **msg,struct pam_response * - resp[i]->resp=strdup(user_pass[0]?user_pass[0]:""); - break; - case PAM_PROMPT_ECHO_OFF: -- resp[i]->resp=strdup(user_pass[1]?user_pass[1]:""); -+ //resp[i]->resp=strdup(user_pass[1]?user_pass[1]:""); -+ resp[i]->resp=user_pass[1]?strdup(user_pass[1]):NULL; - break; - case PAM_ERROR_MSG: - case PAM_TEXT_INFO: -@@ -762,6 +825,7 @@ static int do_conv(int num, const struct pam_message **msg,struct pam_response * - } - - static struct pam_conv conv={.conv=do_conv,.appdata_ptr=user_pass}; -+ #endif - int lxdm_auth_user(char *user, char *pass, struct passwd **ppw) -@@ -789,7 +853,7 @@ int lxdm_auth_user(char *user, char *pass, struct passwd **ppw) - g_debug("user %s not found\n",user); - return AUTH_BAD_USER; - } +-#if HAVE_LIBPAM +-static char *user_pass[2]; +- +-static int do_conv(int num, const struct pam_message **msg,struct pam_response **resp, void *arg) +-{ +- int result = PAM_SUCCESS; +- int i; +- *resp = (struct pam_response *) calloc(num, sizeof(struct pam_response)); +- for(i=0;i<num;i++) +- { +- //printf("MSG: %d %s\n",msg[i]->msg_style,msg[i]->msg); +- switch(msg[i]->msg_style){ +- case PAM_PROMPT_ECHO_ON: +- resp[i]->resp=strdup(user_pass[0]?user_pass[0]:""); +- break; +- case PAM_PROMPT_ECHO_OFF: +- resp[i]->resp=strdup(user_pass[1]?user_pass[1]:""); +- break; +- case PAM_ERROR_MSG: +- case PAM_TEXT_INFO: +- //printf("PAM: %s\n",msg[i]->msg); +- break; +- default: +- break; +- } +- } +- return result; +-} +- +-static struct pam_conv conv={.conv=do_conv,.appdata_ptr=user_pass}; +-#endif +- +-int lxdm_auth_user(char *user, char *pass, struct passwd **ppw) ++int lxdm_auth_user(int type,char *user, char *pass, struct passwd **ppw) + { +- struct passwd *pw; +-#if !HAVE_LIBPAM +- struct spwd *sp; +- char *real; +- char *enc; +-#endif +- if( !user ) +- { +- g_debug("user==NULL\n"); +- return AUTH_ERROR; +- } +- if( !user[0] ) +- { +- g_debug("user[0]==0\n"); +- return AUTH_BAD_USER; +- } +- pw = getpwnam(user); +- endpwent(); +- if( !pw ) +- { +- g_debug("user %s not found\n",user); +- return AUTH_BAD_USER; +- } - if( !pass ) -+ if( !pass && !g_key_file_get_integer(config,"base","skip_password",NULL)) - { - *ppw = pw; - g_debug("user %s auth ok\n",user); -@@ -808,7 +872,7 @@ int lxdm_auth_user(char *user, char *pass, struct passwd **ppw) - real = sp->sp_pwdp; - if( !real || !real[0] ) - { +- { +- *ppw = pw; +- g_debug("user %s auth ok\n",user); +- return AUTH_SUCCESS; +- } +- if(strstr(pw->pw_shell, "nologin")) +- { +- g_debug("user %s have nologin shell\n",user); +- return AUTH_PRIV; +- } +-#if !HAVE_LIBPAM +- sp = getspnam(user); +- if( !sp ) +- return AUTH_FAIL; +- endspent(); +- real = sp->sp_pwdp; +- if( !real || !real[0] ) +- { - if( !pass[0] ) -+ if( !pass || !pass[0] ) - { - *ppw = pw; - g_debug("user %s auth with no password ok\n",user); -@@ -837,6 +901,7 @@ int lxdm_auth_user(char *user, char *pass, struct passwd **ppw) +- { +- *ppw = pw; +- g_debug("user %s auth with no password ok\n",user); +- return AUTH_SUCCESS; +- } +- else +- { +- g_debug("user %s password not match\n",user); +- return AUTH_FAIL; +- } +- } +- enc = crypt(pass, real); +- if( strcmp(real, enc) ) +- { +- g_debug("user %s password not match\n",user); +- return AUTH_FAIL; +- } +-#else + LXSession *s; ++ int ret; + s=lxsession_find_greeter(); + if(!s) s=lxsession_find_idle(); + if(!s) s=lxsession_add(); +@@ -836,97 +767,12 @@ int lxdm_auth_user(char *user, char *pass, struct passwd **ppw) + g_critical("lxsession_add fail\n"); exit(0); } - if(s->pamh) pam_end(s->pamh,0); -+ clean_pam_glib_source_prepare(NULL); - if(PAM_SUCCESS != pam_start("lxdm", pw->pw_name, &conv, &s->pamh)) - { - s->pamh=NULL; -@@ -874,6 +939,7 @@ void setup_pam_session(LXSession *s,struct passwd *pw,char *session_name) - int err; - char x[256]; - -+ clean_pam_glib_source_prepare(s->pamh); - if(!s->pamh && PAM_SUCCESS != pam_start("lxdm", pw->pw_name, &conv, &s->pamh)) - { - s->pamh = NULL; -@@ -886,6 +952,15 @@ void setup_pam_session(LXSession *s,struct passwd *pw,char *session_name) - pam_set_item(s->pamh, PAM_XDISPLAY, getenv("DISPLAY") ); - #endif - -+#if !defined(DISABLE_XAUTH) && defined(PAM_XAUTHDATA) -+ struct pam_xauth_data value; -+ value.name="MIT-MAGIC-COOKIE-1"; -+ value.namelen=18; -+ value.data=s->mcookie; -+ value.datalen=sizeof(s->mcookie); -+ pam_set_item (s->pamh, PAM_XAUTHDATA, &value); -+#endif -+ - if(session_name && session_name[0]) - { - char *env; -@@ -896,18 +971,27 @@ void setup_pam_session(LXSession *s,struct passwd *pw,char *session_name) - err = pam_open_session(s->pamh, 0); /* FIXME pam session failed */ - if( err != PAM_SUCCESS ) - g_warning( "pam open session error \"%s\"\n", pam_strerror(s->pamh, err)); -+ -+ clean_pam_glib_source_run(); - } - +- if(s->pamh) pam_end(s->pamh,0); +- if(PAM_SUCCESS != pam_start("lxdm", pw->pw_name, &conv, &s->pamh)) +- { +- s->pamh=NULL; +- g_debug("user %s start pam fail\n",user); +- return AUTH_FAIL; +- } +- else +- { +- int ret; +- user_pass[0]=user;user_pass[1]=pass; +- ret=pam_authenticate(s->pamh,PAM_SILENT); +- user_pass[0]=0;user_pass[1]=0; +- if(ret!=PAM_SUCCESS) +- { +- g_debug("user %s auth fail with %d\n",user,ret); +- return AUTH_FAIL; +- } +- ret=pam_acct_mgmt(s->pamh,PAM_SILENT); +- if(ret!=PAM_SUCCESS) +- { +- g_debug("user %s acct mgmt fail with %d\n",user,ret); +- return AUTH_FAIL; +- } +- //ret=pam_setcred(s->pamh, PAM_ESTABLISH_CRED); +- } +-#endif +- *ppw = pw; +- g_debug("user %s auth ok\n",pw->pw_name); +- return AUTH_SUCCESS; +-} +- +-#if HAVE_LIBPAM +-void setup_pam_session(LXSession *s,struct passwd *pw,char *session_name) +-{ +- int err; +- char x[256]; +- +- if(!s->pamh && PAM_SUCCESS != pam_start("lxdm", pw->pw_name, &conv, &s->pamh)) +- { +- s->pamh = NULL; +- return; +- } +- if(!s->pamh) return; +- sprintf(x, "tty%d", s->tty); +- pam_set_item(s->pamh, PAM_TTY, x); +-#ifdef PAM_XDISPLAY +- pam_set_item(s->pamh, PAM_XDISPLAY, getenv("DISPLAY") ); +-#endif +- +- if(session_name && session_name[0]) +- { +- char *env; +- env = g_strdup_printf ("DESKTOP_SESSION=%s", session_name); +- pam_putenv (s->pamh, env); +- g_free (env); +- } +- err = pam_open_session(s->pamh, 0); /* FIXME pam session failed */ +- if( err != PAM_SUCCESS ) +- g_warning( "pam open session error \"%s\"\n", pam_strerror(s->pamh, err)); +-} +- -void append_pam_environ(pam_handle_t *pamh,char **env) -+static char **append_pam_environ(pam_handle_t *pamh,char **env) - { +-{ - int i,j,n; -+ int i,j,n,a; - char **penv; +- char **penv; - if(!pamh) return; -+ if(!pamh) return env; - penv=pam_getenvlist(pamh); +- penv=pam_getenvlist(pamh); - if(!penv) return; -+ if(!penv) return env; -+ a=g_strv_length(penv); -+ if(a==0) -+ { -+ free(penv); -+ return env; -+ } -+ env=g_renew(char *,env,g_strv_length(env)+1+a+10); - for(i=0;penv[i]!=NULL;i++) - { +- for(i=0;penv[i]!=NULL;i++) +- { - //printf("PAM %s\n",penv[i]); -+ fprintf(stderr,"PAM %s\n",penv[i]); - n=strcspn(penv[i],"=")+1; - for(j=0;env[j]!=NULL;j++) - { -@@ -923,6 +1007,7 @@ void append_pam_environ(pam_handle_t *pamh,char **env) - free(penv[i]); - } - free(penv); -+ return env; +- n=strcspn(penv[i],"=")+1; +- for(j=0;env[j]!=NULL;j++) +- { +- if(!strncmp(penv[i],env[j],n)) +- break; +- if(env[j+1]==NULL) +- { +- env[j+1]=g_strdup(penv[i]); +- env[j+2]=NULL; +- break; +- } +- } +- free(penv[i]); +- } +- free(penv); ++ ret=lxdm_auth_user_authenticate(&s->auth,user,pass,type); ++ if(ret==AUTH_SUCCESS) ++ *ppw=&s->auth.pw; ++ return ret; } - #endif -@@ -945,6 +1030,12 @@ static void close_left_fds(void) +-#endif +- + static void close_left_fds(void) + { + struct dirent **list; +@@ -945,9 +791,15 @@ static void close_left_fds(void) close(fd); } free(list); @@ -1803,8 +2686,39 @@ index 5c279af..ff06389 100644 + close(fd); } - void switch_user(struct passwd *pw, char *run, char **env) -@@ -1200,6 +1291,11 @@ static void on_session_stop(void *data,int pid, int status) +-void switch_user(struct passwd *pw, char *run, char **env) ++void switch_user(struct passwd *pw, const char *run, char **env) + { + int fd; + +@@ -968,9 +820,6 @@ void switch_user(struct passwd *pw, char *run, char **env) + dup2(fd,STDERR_FILENO); + close(fd); + } +-#ifndef DISABLE_XAUTH +- create_client_auth(pw->pw_dir,env); +-#endif + + /* reset signal */ + signal(SIGCHLD, SIG_DFL); +@@ -1114,7 +963,7 @@ void lxdm_startx(LXSession *s) + g_strfreev(args); + lxcom_add_child_watch(s->server, on_xserver_stop, s); + +- g_message("add xserver watch\n"); ++ g_message("%ld: add xserver watch\n",time(NULL)); + for( i = 0; i < 100; i++ ) + { + if(lxcom_last_sig==SIGINT || lxcom_last_sig==SIGTERM) +@@ -1124,6 +973,7 @@ void lxdm_startx(LXSession *s) + g_usleep(50 * 1000); + //g_message("retry %d\n",i); + } ++ g_message("%ld: start xserver in %d retry",time(NULL),i); + if(s->dpy==NULL) + exit(EXIT_FAILURE); + +@@ -1200,6 +1050,11 @@ static void on_session_stop(void *data,int pid, int status) { lxsession_free(s); } @@ -1816,7 +2730,7 @@ index 5c279af..ff06389 100644 gchar *argv[] = { "/etc/lxdm/PostLogout", NULL }; g_spawn_async(NULL, argv, s->env, G_SPAWN_SEARCH_PATH, NULL, NULL, NULL, NULL); } -@@ -1212,7 +1308,7 @@ gboolean lxdm_get_session_info(char *session,char **pname,char **pexec) +@@ -1212,7 +1067,7 @@ gboolean lxdm_get_session_info(char *session,char **pname,char **pexec) name=g_key_file_get_string(config, "base", "session", 0); if(!name && getenv("PREFERRED")) name = g_strdup(getenv("PREFERRED")); @@ -1825,7 +2739,7 @@ index 5c279af..ff06389 100644 name = g_strdup(getenv("DESKTOP")); if(!name) name=g_strdup("LXDE"); } -@@ -1291,7 +1387,7 @@ static void lxdm_save_login(char *session,char *lang) +@@ -1291,7 +1146,7 @@ static void lxdm_save_login(char *session,char *lang) lang=""; var=g_key_file_new(); g_key_file_set_list_separator(var, ' '); @@ -1834,7 +2748,7 @@ index 5c279af..ff06389 100644 old=g_key_file_get_string(var,"base","last_session",0); if(0!=g_strcmp0(old,session)) { -@@ -1343,7 +1439,7 @@ static void lxdm_save_login(char *session,char *lang) +@@ -1343,7 +1198,7 @@ static void lxdm_save_login(char *session,char *lang) char* data = g_key_file_to_data(var, &len, NULL); mkdir("/var/lib/lxdm",0755); chmod("/var/lib/lxdm",0755); @@ -1843,7 +2757,22 @@ index 5c279af..ff06389 100644 g_free(data); } g_key_file_free(var); -@@ -1451,9 +1547,20 @@ void lxdm_do_login(struct passwd *pw, char *session, char *lang, char *option) +@@ -1423,12 +1278,10 @@ void lxdm_do_login(struct passwd *pw, char *session, char *lang, char *option) + s->ckc=NULL; + } + #endif +-#if HAVE_LIBPAM +- setup_pam_session(s,pw,session_name); +-#endif ++ lxdm_auth_session_begin(&s->auth,session_name,s->tty,s->display,s->mcookie); + #if HAVE_LIBCK_CONNECTOR + #if HAVE_LIBPAM +- if(!s->ckc && (!s->pamh || !pam_getenv(s->pamh,"XDG_SESSION_COOKIE"))) ++ if(!s->ckc && (!s->auth.handle || !pam_getenv(s->auth.handle,"XDG_SESSION_COOKIE"))) + #else + if(!s->ckc) + #endif +@@ -1451,9 +1304,20 @@ void lxdm_do_login(struct passwd *pw, char *session, char *lang, char *option) "x11-display", &n, "is-local",&is_local, NULL)) @@ -1865,16 +2794,36 @@ index 5c279af..ff06389 100644 char** env, *path; int n_env,i; n_env = g_strv_length(environ); -@@ -1488,7 +1595,7 @@ void lxdm_do_login(struct passwd *pw, char *session, char *lang, char *option) +@@ -1483,17 +1347,22 @@ void lxdm_do_login(struct passwd *pw, char *session, char *lang, char *option) + replace_env(env, "LANGUAGE=", lang); + } + s->env = env; ++ ++#ifndef DISABLE_XAUTH ++ create_client_auth(pw,env); ++#endif + +- s->child = pid = fork(); ++ /*s->child = pid = fork(); if(s->child==0) { - #if HAVE_LIBPAM +-#if HAVE_LIBPAM - append_pam_environ(s->pamh,env); -+ env=append_pam_environ(s->pamh,env); - pam_end(s->pamh,0); - #endif +- pam_end(s->pamh,0); +-#endif ++ env=lxdm_auth_append_env(&s->auth,env); ++ lxdm_auth_clean_for_child(&s->auth); switch_user(pw, session_exec, env); -@@ -1519,7 +1626,7 @@ void lxdm_do_shutdown(void) + lxdm_quit_self(4); +- } ++ }*/ ++ ++ s->child = pid = lxdm_auth_session_run(&s->auth,session_exec,env); ++ + g_free(session_name); + g_free(session_exec); + if(alloc_session) +@@ -1519,7 +1388,7 @@ void lxdm_do_shutdown(void) char *cmd; cmd = g_key_file_get_string(config, "cmd", "shutdown", 0); if( !cmd ) cmd = g_strdup("shutdown -h now"); @@ -1883,7 +2832,7 @@ index 5c279af..ff06389 100644 g_spawn_command_line_async(cmd,0); g_free(cmd); lxdm_quit_self(0); -@@ -1548,10 +1655,30 @@ int lxdm_do_auto_login(void) +@@ -1548,10 +1417,30 @@ int lxdm_do_auto_login(void) if(count==1) pass = g_key_file_get_string(config, "base", "password", 0); #endif @@ -1914,7 +2863,7 @@ index 5c279af..ff06389 100644 if(p[0]=='@') { option=p+1; -@@ -1559,9 +1686,14 @@ int lxdm_do_auto_login(void) +@@ -1559,11 +1448,16 @@ int lxdm_do_auto_login(void) session=g_key_file_get_string(config,option,"session",0); lang=g_key_file_get_string(config,option,"lang",0); } @@ -1927,9 +2876,12 @@ index 5c279af..ff06389 100644 + session=g_strdup(last_session); + lang=g_strdup(last_lang); } - ret=lxdm_auth_user(user, pass, &pw); +- ret=lxdm_auth_user(user, pass, &pw); ++ ret=lxdm_auth_user(AUTH_TYPE_AUTO_LOGIN, user, pass, &pw); if(ret==AUTH_SUCCESS) -@@ -1571,9 +1703,11 @@ int lxdm_do_auto_login(void) + { + lxdm_do_login(pw,session,lang,option); +@@ -1571,9 +1465,11 @@ int lxdm_do_auto_login(void) } g_free(user);g_free(session);g_free(lang); } @@ -1942,7 +2894,7 @@ index 5c279af..ff06389 100644 } static void log_sigsegv(void) -@@ -1677,8 +1811,23 @@ GKeyFile *lxdm_user_list(void) +@@ -1677,8 +1573,23 @@ GKeyFile *lxdm_user_list(void) g_key_file_set_comment(kf,NULL,NULL,"lxdm user list",NULL); while((pw=getpwent())!=NULL) { @@ -1966,8 +2918,610 @@ index 5c279af..ff06389 100644 if(strncmp(pw->pw_dir,"/home/",6)) { if(!strv_find(white,pw->pw_name)) +diff --git a/src/lxdm.h b/src/lxdm.h +index 4c79ca3..568573f 100644 +--- a/src/lxdm.h ++++ b/src/lxdm.h +@@ -29,11 +29,12 @@ G_BEGIN_DECLS + + extern GKeyFile *config; + +-int lxdm_auth_user(char *user,char *pass,struct passwd **ppw); ++int lxdm_auth_user(int type,char *user,char *pass,struct passwd **ppw); + void lxdm_do_login(struct passwd *pw,char *session,char *lang,char *option); + void lxdm_do_reboot(void); + void lxdm_do_shutdown(void); + int lxdm_do_auto_login(void); ++void lxdm_quit_self(int code); + + enum AuthResult + { +diff --git a/src/pam.c b/src/pam.c +new file mode 100644 +index 0000000..810e44f +--- /dev/null ++++ b/src/pam.c +@@ -0,0 +1,578 @@ ++/* ++ * lxdm.c - main entry of lxdm ++ * ++ * Copyright 2009 dgod <dgod.osa@gmail.com> ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, ++ * MA 02110-1301, USA. ++ */ ++ ++#define _GNU_SOURCE ++ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++#ifndef HAVE_LIBPAM ++#ifdef USE_PAM ++#define HAVE_LIBPAM 1 ++#else ++#define HAVE_LIBPAM 0 ++#endif ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <stdarg.h> ++#include <unistd.h> ++#include <fcntl.h> ++#include <dirent.h> ++#include <errno.h> ++#include <poll.h> ++ ++#include <pwd.h> ++#include <grp.h> ++#include <shadow.h> ++ ++#include <glib.h> ++ ++#include "lxdm.h" ++#include "auth.h" ++ ++static void passwd_copy(struct passwd *dst,struct passwd *src) ++{ ++ dst->pw_name=g_strdup(src->pw_name); ++ dst->pw_uid=src->pw_uid; ++ dst->pw_gid=src->pw_gid; ++ if(src->pw_gecos) ++ dst->pw_gecos=g_strdup(src->pw_gecos); ++ dst->pw_dir=g_strdup(src->pw_dir); ++ dst->pw_shell=g_strdup(src->pw_shell); ++} ++ ++static void passwd_clean(struct passwd *pw) ++{ ++ g_free(pw->pw_name); ++ g_free(pw->pw_gecos); ++ g_free(pw->pw_dir); ++ g_free(pw->pw_shell); ++ memset(pw,0,sizeof(*pw)); ++} ++ ++#if !HAVE_LIBPAM ++ ++int lxdm_auth_init(LXDM_AUTH *a) ++{ ++ memset(a,0m,sizeof(*a)); ++ return 0; ++} ++ ++int lxdm_auth_cleanup(LXDM_AUTH *a) ++{ ++ passwd_clean(&a->pw); ++ return 0; ++} ++ ++int lxdm_auth_user_authenticate(LXDM_AUTH *a,const char *user,const char *pass,int type) ++{ ++ struct passwd *pw; ++ struct spwd *sp; ++ char *real; ++ char *enc; ++ if(!user || !user[0]) ++ { ++ g_debug("user==NULL\n"); ++ return AUTH_ERROR; ++ } ++ pw = getpwnam(user); ++ endpwent(); ++ if(!pw) ++ { ++ g_debug("user %s not found\n",user); ++ return AUTH_BAD_USER; ++ } ++ if(strstr(pw->pw_shell, "nologin")) ++ { ++ g_debug("user %s have nologin shell\n",user); ++ return AUTH_PRIV; ++ } ++ if(type==AUTH_TYPE_AUTO_LOGIN && !pass) ++ { ++ goto out; ++ } ++ sp = getspnam(user); ++ if( !sp ) ++ { ++ return AUTH_FAIL; ++ } ++ endspent(); ++ real = sp->sp_pwdp; ++ if( !real || !real[0] ) ++ { ++ if( !pass || !pass[0] ) ++ { ++ *ppw = pw; ++ g_debug("user %s auth with no password ok\n",user); ++ return AUTH_SUCCESS; ++ } ++ else ++ { ++ g_debug("user %s password not match\n",user); ++ return AUTH_FAIL; ++ } ++ } ++ enc = crypt(pass, real); ++ if( strcmp(real, enc) ) ++ { ++ g_debug("user %s password not match\n",user); ++ return AUTH_FAIL; ++ } ++ g_debug("user %s auth ok\n",pw->pw_name); ++ passwd_copy(&a->pw,pw); ++ return AUTH_SUCCESS; ++} ++ ++int lxdm_auth_session_begin(LXDM_AUTH *a,int tty,int display,char mcookie[16]) ++{ ++ return 0; ++} ++ ++int lxdm_auth_session_end(LXDM_AUTH *a) ++{ ++ return 0; ++} ++ ++int lxdm_auth_clean_for_child(LXDM_AUTH *a) ++{ ++ return 0; ++} ++ ++void lxdm_auth_print_env(LXDM_AUTH *a) ++{ ++} ++ ++#else ++ ++#include <security/pam_appl.h> ++ ++static char *user_pass[2]; ++ ++static int do_conv(int num, const struct pam_message **msg,struct pam_response **resp, void *arg) ++{ ++ int result = PAM_SUCCESS; ++ int i; ++ *resp = (struct pam_response *) calloc(num, sizeof(struct pam_response)); ++ for(i=0;i<num;i++) ++ { ++ //printf("MSG: %d %s\n",msg[i]->msg_style,msg[i]->msg); ++ switch(msg[i]->msg_style){ ++ case PAM_PROMPT_ECHO_ON: ++ resp[i]->resp=strdup(user_pass[0]?user_pass[0]:""); ++ break; ++ case PAM_PROMPT_ECHO_OFF: ++ //resp[i]->resp=strdup(user_pass[1]?user_pass[1]:""); ++ resp[i]->resp=user_pass[1]?strdup(user_pass[1]):NULL; ++ break; ++ case PAM_ERROR_MSG: ++ case PAM_TEXT_INFO: ++ //printf("PAM: %s\n",msg[i]->msg); ++ break; ++ default: ++ break; ++ } ++ } ++ return result; ++} ++ ++static struct pam_conv conv={.conv=do_conv,.appdata_ptr=user_pass}; ++ ++int lxdm_auth_init(LXDM_AUTH *a) ++{ ++ memset(a,0,sizeof(*a)); ++ return 0; ++} ++ ++int lxdm_auth_cleanup(LXDM_AUTH *a) ++{ ++ passwd_clean(&a->pw); ++ return 0; ++} ++ ++int lxdm_auth_user_authenticate(LXDM_AUTH *a,const char *user,const char *pass,int type) ++{ ++ struct passwd *pw; ++ if(!user || !user[0]) ++ { ++ g_debug("user==NULL\n"); ++ return AUTH_ERROR; ++ } ++ pw = getpwnam(user); ++ endpwent(); ++ if(!pw) ++ { ++ g_debug("user %s not found\n",user); ++ return AUTH_BAD_USER; ++ } ++ if(strstr(pw->pw_shell, "nologin")) ++ { ++ g_debug("user %s have nologin shell\n",user); ++ return AUTH_PRIV; ++ } ++ if(a->handle) pam_end(a->handle,0); ++ if(PAM_SUCCESS != pam_start("lxdm", pw->pw_name, &conv, (pam_handle_t**)&a->handle)) ++ { ++ a->handle=NULL; ++ g_debug("user %s start pam fail\n",user); ++ return AUTH_FAIL; ++ } ++ else ++ { ++ int ret; ++ if(type==AUTH_TYPE_AUTO_LOGIN && !pass) ++ goto out; ++ user_pass[0]=(char*)user;user_pass[1]=(char*)pass; ++ ret=pam_authenticate(a->handle,PAM_SILENT); ++ user_pass[0]=0;user_pass[1]=0; ++ if(ret!=PAM_SUCCESS) ++ { ++ g_debug("user %s auth fail with %d\n",user,ret); ++ return AUTH_FAIL; ++ } ++ ret=pam_acct_mgmt(a->handle,PAM_SILENT); ++ if(ret!=PAM_SUCCESS) ++ { ++ g_debug("user %s acct mgmt fail with %d\n",user,ret); ++ return AUTH_FAIL; ++ } ++ } ++out: ++ passwd_copy(&a->pw,pw); ++ return AUTH_SUCCESS; ++} ++ ++int lxdm_auth_session_begin(LXDM_AUTH *a,const char *name,int tty,int display,char mcookie[16]) ++{ ++ int err; ++ char x[256]; ++ ++ if(!a->handle) ++ { ++ return -1; ++ } ++ sprintf(x, "tty%d", tty); ++ pam_set_item(a->handle, PAM_TTY, x); ++#ifdef PAM_XDISPLAY ++ sprintf(x,":%d",display); ++ pam_set_item(a->handle, PAM_XDISPLAY, x); ++#endif ++#if !defined(DISABLE_XAUTH) && defined(PAM_XAUTHDATA) ++ struct pam_xauth_data value; ++ value.name="MIT-MAGIC-COOKIE-1"; ++ value.namelen=18; ++ value.data=mcookie; ++ value.datalen=16; ++ pam_set_item (a->handle, PAM_XAUTHDATA, &value); ++#endif ++ if(name && name[0]) ++ { ++ char *env; ++ env = g_strdup_printf ("DESKTOP_SESSION=%s", name); ++ pam_putenv (a->handle, env); ++ g_free (env); ++ } ++ err = pam_open_session(a->handle, 0); /* FIXME pam session failed */ ++ if( err != PAM_SUCCESS ) ++ g_warning( "pam open session error \"%s\"\n", pam_strerror(a->handle, err)); ++ return 0; ++} ++ ++int lxdm_auth_session_end(LXDM_AUTH *a) ++{ ++ int err; ++ if(!a->handle) ++ return 0; ++ err = pam_close_session(a->handle, 0); ++ pam_end(a->handle, err); ++ a->handle = NULL; ++ passwd_clean(&a->pw); ++ return 0; ++} ++ ++int lxdm_auth_clean_for_child(LXDM_AUTH *a) ++{ ++ pam_end(a->handle,0); ++ return 0; ++} ++ ++void lxdm_auth_print_env(LXDM_AUTH *a) ++{ ++ int i; ++ char **penv; ++ if(!a->handle) return; ++ penv=pam_getenvlist(a->handle); ++ if(!penv) return; ++ for(i=0;penv[i]!=NULL;i++) ++ { ++ if(i!=0) printf(" "); ++ printf("%s",penv[i]); ++ } ++ free(penv); ++} ++ ++void lxdm_auth_put_env(LXDM_AUTH *a) ++{ ++ int i; ++ char **penv; ++ ++ if(!a->handle) return; ++ penv=pam_getenvlist(a->handle); ++ if(!penv) return; ++ for(i=0;penv[i]!=NULL;i++) ++ { ++ if(i!=0) printf(" "); ++ if(0!=putenv(penv[i])) ++ perror("putenv"); ++ } ++ free(penv); ++} ++ ++#endif ++ ++static void close_left_fds(void) ++{ ++ struct dirent **list; ++ char path[256]; ++ int n; ++ ++ snprintf(path,sizeof(path),"/proc/%d/fd",getpid()); ++ n=scandir(path,&list,0,0); ++ if(n<0) return; ++ while(n--) ++ { ++ int fd=atoi(list[n]->d_name); ++ free(list[n]); ++ if(fd<=STDERR_FILENO) ++ continue; ++ close(fd); ++ } ++ free(list); ++ ++ int fd = open("/dev/null", O_WRONLY); ++ if(fd == -1) return; ++ dup2(fd, 1); ++ dup2(fd, 2); ++ close(fd); ++} ++ ++void switch_user(struct passwd *pw, const char *run, char **env) ++{ ++ int fd; ++ ++ setenv("USER",pw->pw_name,1); ++ setenv("LOGNAME",pw->pw_name,1); ++ setenv("SHELL",pw->pw_shell,1); ++ setenv("HOME",pw->pw_dir,1); ++ ++ g_spawn_command_line_sync ("/etc/lxdm/PreLogin",NULL,NULL,NULL,NULL); ++ ++ if( !pw || initgroups(pw->pw_name, pw->pw_gid) || ++ setgid(pw->pw_gid) || setuid(pw->pw_uid)/* || setsid() == -1 */) ++ exit(EXIT_FAILURE); ++ chdir(pw->pw_dir); ++ fd=open(".xsession-errors",O_WRONLY|O_CREAT|O_TRUNC,S_IRUSR|S_IWUSR); ++ if(fd!=-1) ++ { ++ dup2(fd,STDERR_FILENO); ++ close(fd); ++ } ++ ++ /* reset signal */ ++ signal(SIGCHLD, SIG_DFL); ++ signal(SIGTERM, SIG_DFL); ++ signal(SIGPIPE, SIG_DFL); ++ signal(SIGALRM, SIG_DFL); ++ signal(SIGHUP, SIG_DFL); ++ close_left_fds(); ++ ++ g_spawn_command_line_async ("/etc/lxdm/PostLogin",NULL); ++ execle("/etc/lxdm/Xsession", "/etc/lxdm/Xsession", run, NULL, environ); ++ perror("execle"); ++ exit(EXIT_FAILURE); ++} ++ ++void run_session(LXDM_AUTH *a,const char *run) ++{ ++ setsid(); ++ a->child=fork(); ++ if(a->child==0) ++ { ++ lxdm_auth_put_env(a); ++ lxdm_auth_clean_for_child(a); ++ switch_user(&a->pw,run,NULL); ++ _exit(EXIT_FAILURE); ++ } ++} ++ ++LXDM_AUTH a; ++static int session_exit=0; ++ ++static int xreadline(int fd,char *buf,size_t size) ++{ ++ int i; ++ for(i=0;i<size-1;i++) ++ { ++ int ret; ++ do{ ++ ret=read(fd,buf+i,1); ++ }while(ret==-1 && errno==EINTR); ++ if(buf[i]==-1 || buf[i]=='\n') ++ break; ++ } ++ buf[i]=0; ++ return i; ++} ++ ++int file_get_line(char *line, size_t n, FILE *fp) ++{ ++ int len; ++ ++ if(session_exit) ++ return -1; ++/* ++ if(!fgets(line,n,fp)) ++ return -1; ++ len=strcspn(line,"\r\n"); ++ line[len]=0; ++*/ ++ ++ struct pollfd fds; ++ fds.fd=fileno(fp); ++ fds.events=POLLIN; ++ poll(&fds,1,-1); ++ if(session_exit) ++ return -1; ++ ++ len=xreadline(fileno(fp),line,n); ++ return len; ++} ++ ++void sig_handler(int sig) ++{ ++ if(sig==SIGCHLD) ++ { ++ int wpid, status; ++ while(1) ++ { ++ wpid = waitpid(-1,&status,0); ++ if(wpid==a.child) ++ { ++ session_exit=1; ++ } ++ if(wpid<0) break; ++ } ++ } ++} ++ ++int main(int arc,char *arg[]) ++{ ++ char cmd[128]; ++ int ret; ++ ++ setvbuf(stdout, NULL, _IOLBF, 0 ); ++ signal(SIGCHLD,sig_handler); ++ ++ lxdm_auth_init(&a); ++ while(file_get_line(cmd,sizeof(cmd),stdin)>=0) ++ { ++ //fprintf(stderr,"begin %s\n",cmd); ++ if(!strcmp(cmd,"auth")) ++ { ++ char temp[8],user[64],pass[64]; ++ int type; ++ ret=file_get_line(temp,sizeof(temp),stdin); ++ if(ret<0) break; ++ type=atoi(temp); ++ ret=file_get_line(user,sizeof(user),stdin); ++ if(ret<0) break; ++ if(type==AUTH_TYPE_NORMAL) ++ { ++ ret=file_get_line(pass,sizeof(pass),stdin); ++ if(ret<0) break; ++ ret=lxdm_auth_user_authenticate(&a,user,pass,type); ++ } ++ else ++ { ++ ret=lxdm_auth_user_authenticate(&a,user,NULL,type); ++ } ++ printf("%d\n",ret); ++ if(ret==AUTH_SUCCESS) ++ { ++ printf("%d\n",a.pw.pw_uid); ++ printf("%d\n",a.pw.pw_gid); ++ printf("%s\n",a.pw.pw_gecos?:""); ++ printf("%s\n",a.pw.pw_dir); ++ printf("%s\n",a.pw.pw_shell); ++ } ++ } ++ else if(!strcmp(cmd,"begin")) ++ { ++ char name[128],tty[8],display[8],mcookie[32]; ++ gsize out_len; ++ ret=file_get_line(name,sizeof(name),stdin); ++ if(ret<0) break; ++ ret=file_get_line(tty,sizeof(tty),stdin); ++ if(ret<0) break; ++ ret=file_get_line(display,sizeof(display),stdin); ++ if(ret<0) break; ++ ret=file_get_line(mcookie,sizeof(mcookie),stdin); ++ if(ret<0) break; ++ g_base64_decode_inplace(mcookie,&out_len); ++ ret=lxdm_auth_session_begin(&a,name,atoi(tty),atoi(display),mcookie); ++ printf("%d\n",ret); ++ } ++ else if(!strcmp(cmd,"end")) ++ { ++ ret=lxdm_auth_session_end(&a); ++ printf("%d\n",ret); ++ } ++ else if(!strcmp(cmd,"env")) ++ { ++ lxdm_auth_print_env(&a); ++ printf("\n"); ++ } ++ else if(!strcmp(cmd,"putenv")) ++ { ++ char env[1024]; ++ while(file_get_line(env,sizeof(env),stdin)>0) ++ { ++ putenv(env); ++ } ++ } ++ else if(!strcmp(cmd,"exec")) ++ { ++ char run[256]; ++ if(file_get_line(run,sizeof(run),stdin)>0) ++ run_session(&a,run); ++ } ++ else if(!strcmp(cmd,"exit")) ++ { ++ break; ++ } ++ //fprintf(stderr,"end\n"); ++ } ++ lxdm_auth_cleanup(&a); ++ return 0; ++} ++ diff --git a/src/ui.c b/src/ui.c -index 2691a03..cd6d7de 100644 +index 2691a03..f233589 100644 --- a/src/ui.c +++ b/src/ui.c @@ -20,8 +20,6 @@ @@ -1979,7 +3533,15 @@ index 2691a03..cd6d7de 100644 #include <string.h> #include <poll.h> #include <grp.h> -@@ -153,7 +151,7 @@ static gboolean on_greeter_input(GIOChannel *source, GIOCondition condition, gpo +@@ -34,6 +32,7 @@ + + #include "lxdm.h" + #include "lxcom.h" ++#include "auth.h" + + static pid_t greeter = -1; + static int greeter_pipe[2]; +@@ -153,17 +152,22 @@ static gboolean on_greeter_input(GIOChannel *source, GIOCondition condition, gpo char *pass = greeter_param(str, "pass"); char *session = greeter_param(str, "session"); char *lang = greeter_param(str, "lang"); @@ -1987,8 +3549,11 @@ index 2691a03..cd6d7de 100644 + if( user/* && pass */) { struct passwd *pw; - int ret = lxdm_auth_user(user, pass, &pw); -@@ -163,7 +161,12 @@ static gboolean on_greeter_input(GIOChannel *source, GIOCondition condition, gpo +- int ret = lxdm_auth_user(user, pass, &pw); ++ int ret = lxdm_auth_user(AUTH_TYPE_NORMAL, user, pass, &pw); + if( AUTH_SUCCESS == ret && pw != NULL ) + { + ui_drop(); lxdm_do_login(pw, session, lang,NULL); } else @@ -2002,6 +3567,15 @@ index 2691a03..cd6d7de 100644 } g_free(user); g_free(pass); +@@ -180,7 +184,7 @@ static gboolean on_greeter_input(GIOChannel *source, GIOCondition condition, gpo + if(user) + { + struct passwd *pw; +- int ret = lxdm_auth_user(user, pass, &pw); ++ int ret = lxdm_auth_user(AUTH_TYPE_AUTO_LOGIN, user, pass, &pw); + if( AUTH_SUCCESS == ret && pw != NULL ) + { + ui_drop(); diff --git a/systemd/Makefile.am b/systemd/Makefile.am new file mode 100644 index 0000000..b568c5a |