Date: Sat, 26 Jul 2008 17:09:55 +0200 From: Marcin Wisnicki <mwisnicki+freebsd@gmail.com> To: FreeBSD-gnats-submit@freebsd.org Cc: gnome@FreeBSD.org Subject: [PATCH] x11/gdm: GnomeKeyring integration Message-ID: <488b3e46.0407560a.3d5f.fffff426@mx.google.com>
next in thread | raw e-mail | index | archive | help
>Submitter-Id: current-users >Originator: Marcin Wisnicki >Organization: >Confidential: no >Synopsis: [PATCH] x11/gdm: GnomeKeyring integration >Severity: non-critical >Priority: low >Category: ports >Class: change-request >Release: FreeBSD 7.0-STABLE i386 >Environment: System: FreeBSD ghost.pnet.one.pl 7.0-STABLE FreeBSD 7.0-STABLE #15: Fri Jul 25 18:16:53 CEST 2008 >Description: - Optional (enabled by default) GnomeKeyring integration via PAM. - Remove some ancient pam checks There is already pam configuration for gdm service in base system. Because PAM first looks in /etc/pam.d, I need to remove /etc/pam.d/gdm, in order to provide my own customized configuration with port. To make it somewhat persistent (ie. survive base system update), I've decided to remove it from gdm startup script. This patch assumes that ports/125967 is commited. I will also submit similar patch for x11/xscreensaver-gnome. Added file(s): - files/gdm.pam.in Port maintainer (gnome@FreeBSD.org) is cc'd. Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- gdm-2.20.7_1.patch begins here --- diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/Makefile /usr/ports/x11/gdm/Makefile --- /usr/ports/x11/gdm.orig/Makefile 2008-07-06 04:35:12.000000000 +0200 +++ /usr/ports/x11/gdm/Makefile 2008-07-26 00:40:19.000000000 +0200 @@ -8,6 +8,7 @@ PORTNAME= gdm PORTVERSION= 2.20.7 +PORTREVISION= 1 CATEGORIES= x11 gnome MASTER_SITES= GNOME DIST_SUBDIR= gnome2 @@ -38,6 +39,8 @@ GTKDOC="false" CONFIGURE_ARGS=--with-console-kit=yes +SUB_FILES+= gdm.pam + GDMDIR?= ${PREFIX}/etc/gdm PKGMESSAGE= ${WRKDIR}/pkg-message @@ -46,14 +49,16 @@ MAN1= gdm.1 OPTIONS= IPV6 "Enable IPv6 support" on \ + KEYRING "Enable GnomeKeyring/PAM integration" on \ LOG_LIMIT "Limit ~/.xsession-errors size" on .include <bsd.port.pre.mk> -.if exists(/usr/include/security/pam_misc.h) -PLIST_SUB+= PAM_MISC="" +.if defined(WITHOUT_KEYRING) +SUB_LIST+= PAM_KEYRING=\# .else -PLIST_SUB+= PAM_MISC="@comment " +RUN_DEPENDS+= ${LOCALBASE}/lib/pam_gnome_keyring.so:${PORTSDIR}/security/gnome-keyring +SUB_LIST+= PAM_KEYRING= .endif .if !defined(WITHOUT_IPV6) @@ -87,6 +92,7 @@ .endif ${INSTALL_DATA} ${WRKSRC}/config/gdm.conf-custom \ ${PREFIX}/etc/gdm/custom.conf.default + ${INSTALL_DATA} ${WRKDIR}/gdm.pam ${PREFIX}/etc/pam.d/gdm @${MKDIR} ${PREFIX}/etc/gdm/Sessions @${SED} -e 's|%%PREFIX%%|${PREFIX}|g' < ${PKGDIR}/pkg-message \ | /usr/bin/fmt 75 79 > ${PKGMESSAGE} diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/files/gdm.in /usr/ports/x11/gdm/files/gdm.in --- /usr/ports/x11/gdm.orig/files/gdm.in 2008-04-03 00:03:15.000000000 +0200 +++ /usr/ports/x11/gdm/files/gdm.in 2008-07-26 01:03:01.000000000 +0200 @@ -14,6 +14,7 @@ . %%GNOME_SUBR%% gdm_enable=${gdm_enable-${gnome_enable}} +gdm_preserve_base_pam_conf=${gdm_preserve_base_pam_conf-NO} export PATH=/bin:/sbin:/usr/bin:/usr/sbin:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin @@ -31,6 +32,11 @@ fi echo "Starting ${name}." + # make sure there is no pam configuration for gdm service in base system + if ! checkyesno gdm_preserve_base_pam_conf && [ -f /etc/pam.d/gdm ]; then + rm -f /etc/pam.d/gdm + fi + ( iter=0 while ! ps -axoargs | grep "^/usr/libexec/getty " | grep -qv grep >/dev/null 2>&1; do if [ ${iter} -eq 60 ]; then diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/files/gdm.pam.in /usr/ports/x11/gdm/files/gdm.pam.in --- /usr/ports/x11/gdm.orig/files/gdm.pam.in 1970-01-01 01:00:00.000000000 +0100 +++ /usr/ports/x11/gdm/files/gdm.pam.in 2008-07-26 01:11:55.000000000 +0200 @@ -0,0 +1,21 @@ +# +# $FreeBSD: src/etc/pam.d/gdm,v 1.8 2007/06/10 18:57:20 yar Exp $ +# +# PAM configuration for the "gdm" service +# + +# auth +#auth sufficient pam_krb5.so no_warn try_first_pass +#auth sufficient pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass +%%PAM_KEYRING%%auth optional %%LOCALBASE%%/lib/pam_gnome_keyring.so + +# account +account required pam_nologin.so +#account required pam_krb5.so +account required pam_unix.so + +# session +#session optional pam_ssh.so +session required pam_permit.so +%%PAM_KEYRING%%session optional %%LOCALBASE%%/lib/pam_gnome_keyring.so auto_start diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/pkg-plist /usr/ports/x11/gdm/pkg-plist --- /usr/ports/x11/gdm.orig/pkg-plist 2008-07-06 04:35:12.000000000 +0200 +++ /usr/ports/x11/gdm/pkg-plist 2008-07-26 00:38:37.000000000 +0200 @@ -21,13 +21,13 @@ @unexec if cmp -s %D/etc/gdm/modules/AccessKeyMouseEvents %D/etc/gdm/modules/factory-AccessKeyMouseEvents; then rm -f %D/etc/gdm/modules/AccessKeyMouseEvents; fi etc/gdm/modules/factory-AccessKeyMouseEvents @exec [ -f %B/AccessKeyMouseEvents ] || cp %B/%f %B/AccessKeyMouseEvents +etc/pam.d/gdm lib/gtk-2.0/modules/libdwellmouselistener.a lib/gtk-2.0/modules/libdwellmouselistener.la lib/gtk-2.0/modules/libdwellmouselistener.so lib/gtk-2.0/modules/libkeymouselistener.a lib/gtk-2.0/modules/libkeymouselistener.la lib/gtk-2.0/modules/libkeymouselistener.so -%%PAM_MISC%%libexec/gdmaskpass libexec/gdmchooser libexec/gdmgreeter libexec/gdmlogin --- gdm-2.20.7_1.patch ends here ---
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?488b3e46.0407560a.3d5f.fffff426>