From fd890516aacba5ee2d8902fb31cc27964c4632c1 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 5 Jul 2020 13:55:24 +0100 Subject: x11-misc/sddm : version bump (bugfix: https://bugs.redcorelinux.org/show_bug.cgi?id=117) --- x11-misc/sddm/files/pam-1.4-substack.patch | 31 ++++ x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch | 10 -- x11-misc/sddm/files/sddm-0.14.0-avatars.patch | 33 ---- x11-misc/sddm/files/sddm-0.14.0-consolekit.patch | 2 +- x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch | 20 +++ x11-misc/sddm/files/sddm-0.18.0-Xsession.patch | 24 +++ x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch | 32 ++++ ...m-0.18.1-honor-PAM-supplemental-groups-v2.patch | 182 +++++++++++++++++++++ .../sddm-0.18.1-only-reuse-online-sessions.patch | 27 +++ ...18.1-revert-honor-PAM-supplemental-groups.patch | 87 ++++++++++ .../files/sddm-dont-source-files-in-home.patch | 87 ---------- x11-misc/sddm/files/sddm-enable-elogind.patch | 56 ------- x11-misc/sddm/files/sddm-redcore-consolekit.conf | 114 ------------- x11-misc/sddm/files/sddm-redcore-elogind.conf | 114 ------------- x11-misc/sddm/files/sddm.conf | 132 +++++++++++++++ 15 files changed, 536 insertions(+), 415 deletions(-) create mode 100644 x11-misc/sddm/files/pam-1.4-substack.patch delete mode 100644 x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch delete mode 100644 x11-misc/sddm/files/sddm-0.14.0-avatars.patch create mode 100644 x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch create mode 100644 x11-misc/sddm/files/sddm-0.18.0-Xsession.patch create mode 100644 x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch create mode 100644 x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch create mode 100644 x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch create mode 100644 x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch delete mode 100644 x11-misc/sddm/files/sddm-dont-source-files-in-home.patch delete mode 100644 x11-misc/sddm/files/sddm-enable-elogind.patch delete mode 100644 x11-misc/sddm/files/sddm-redcore-consolekit.conf delete mode 100644 x11-misc/sddm/files/sddm-redcore-elogind.conf create mode 100644 x11-misc/sddm/files/sddm.conf (limited to 'x11-misc/sddm/files') diff --git a/x11-misc/sddm/files/pam-1.4-substack.patch b/x11-misc/sddm/files/pam-1.4-substack.patch new file mode 100644 index 00000000..b0467b26 --- /dev/null +++ b/x11-misc/sddm/files/pam-1.4-substack.patch @@ -0,0 +1,31 @@ +--- sddm-0.18.1/services/sddm-autologin.pam.bak 2020-06-19 22:27:57.305580696 +0200 ++++ sddm-0.18.1/services/sddm-autologin.pam 2020-06-19 22:30:50.513583973 +0200 +@@ -1,6 +1,5 @@ + #%PAM-1.0 + auth required pam_env.so +-auth required pam_tally.so file=/var/log/faillog onerr=succeed + auth required pam_shells.so + auth required pam_nologin.so + auth required pam_permit.so +--- sddm-0.18.1/services/sddm.pam.bak 2020-06-19 22:27:26.721580117 +0200 ++++ sddm-0.18.1/services/sddm.pam 2020-06-19 22:27:48.729580533 +0200 +@@ -1,15 +1,15 @@ + #%PAM-1.0 + +-auth include system-login ++auth substack system-login + -auth optional pam_gnome_keyring.so + -auth optional pam_kwallet5.so + +-account include system-login ++account substack system-login + +-password include system-login ++password substack system-login + -password optional pam_gnome_keyring.so use_authtok + + session optional pam_keyinit.so force revoke +-session include system-login ++session substack system-login + -session optional pam_gnome_keyring.so auto_start + -session optional pam_kwallet5.so auto_start \ No newline at end of file diff --git a/x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch b/x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch deleted file mode 100644 index ff1c4d2d..00000000 --- a/x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/services/sddm.pam 2015-08-17 18:06:19.000000000 +0200 -+++ b/services/sddm.pam 2016-02-21 19:54:08.654091951 +0100 -@@ -4,3 +4,7 @@ - account include system-login - password include system-login - session include system-login -+-auth optional pam_kwallet.so kdehome=.kde4 -+-auth optional pam_kwallet5.so -+-session optional pam_kwallet.so -+-session optional pam_kwallet5.so auto_start diff --git a/x11-misc/sddm/files/sddm-0.14.0-avatars.patch b/x11-misc/sddm/files/sddm-0.14.0-avatars.patch deleted file mode 100644 index d40f68c1..00000000 --- a/x11-misc/sddm/files/sddm-0.14.0-avatars.patch +++ /dev/null @@ -1,33 +0,0 @@ -From ecb903e48822bd90650bdd64fe80754e3e9664cb Mon Sep 17 00:00:00 2001 -From: Bastian Beischer -Date: Fri, 2 Sep 2016 13:05:18 +0200 -Subject: [PATCH] Fix display of user avatars. (#684) - -QFile::exists("...") does not understand file:// URLs, at least in Qt -5.7.0 and Qt 4.8.7. ---- - src/greeter/UserModel.cpp | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/greeter/UserModel.cpp b/src/greeter/UserModel.cpp -index 41a9f10..94c492d 100644 ---- a/src/greeter/UserModel.cpp -+++ b/src/greeter/UserModel.cpp -@@ -107,13 +107,13 @@ namespace SDDM { - d->lastIndex = i; - - if (avatarsEnabled) { -- const QString userFace = QStringLiteral("file://%1/.face.icon").arg(user->homeDir); -- const QString systemFace = QStringLiteral("file://%1/%2.face.icon").arg(facesDir).arg(user->name); -+ const QString userFace = QStringLiteral("%1/.face.icon").arg(user->homeDir); -+ const QString systemFace = QStringLiteral("%1/%2.face.icon").arg(facesDir).arg(user->name); - - if (QFile::exists(userFace)) -- user->icon = userFace; -+ user->icon = QStringLiteral("file://%1").arg(userFace); - else if (QFile::exists(systemFace)) -- user->icon = systemFace; -+ user->icon = QStringLiteral("file://%1").arg(systemFace); - } - } - } diff --git a/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch b/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch index 6a792b66..64ea0648 100644 --- a/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch +++ b/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch @@ -5,5 +5,5 @@ exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." else - exec $@ -+ exec ck-launch-session dbus-launch --sh-syntax --exit-with-session $@ ++ exec ck-launch-session $@ fi diff --git a/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch b/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch new file mode 100644 index 00000000..bbe2a272 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch @@ -0,0 +1,20 @@ +SDDM 0.16.0 fails to start with consolekit2 because it assumes consolekit2 +has the same interface names as logind. + +This patch forces sddm to use legacy behaviour when consolekit2 is detected. + +Bug: https://bugs.gentoo.org/633920 +Bug: https://github.com/sddm/sddm/issues/903 +Bug: https://github.com/ConsoleKit2/ConsoleKit2/issues/99 + +--- a/src/daemon/LogindDBusTypes.cpp ++++ b/src/daemon/LogindDBusTypes.cpp +@@ -60,7 +60,7 @@ + + if (QDBusConnection::systemBus().interface()->isServiceRegistered(QStringLiteral("org.freedesktop.ConsoleKit"))) { + qDebug() << "Console kit interface found"; +- available = true; ++ available = false; + serviceName = QStringLiteral("org.freedesktop.ConsoleKit"); + managerPath = QStringLiteral("/org/freedesktop/ConsoleKit/Manager"); + managerIfaceName = QStringLiteral("/org.freedesktop.ConsoleKit.Manager"); //note this doesn't match logind diff --git a/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch b/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch new file mode 100644 index 00000000..41c813a0 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch @@ -0,0 +1,24 @@ +--- a/data/scripts/Xsession 2016-08-28 14:52:04.910181422 +0200 ++++ b/data/scripts/Xsession 2017-10-21 15:25:47.668886596 +0200 +@@ -50,6 +50,10 @@ + ;; + esac + ++# Make D-Bus and ConsoleKit start properly, see: ++# /etc/X11/xinit/xinitrc.d/{80-dbus,90-consolekit} ++command="$@" ++ + [ -f /etc/xprofile ] && . /etc/xprofile + [ -f $HOME/.xprofile ] && . $HOME/.xprofile + +@@ -94,8 +98,8 @@ + . "$USERXSESSION" + fi + +-if [ -z "$*" ]; then ++if [ -z "$command" ]; then + exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." + else +- exec $@ ++ exec $command + fi diff --git a/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch b/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch new file mode 100644 index 00000000..9d8f2b54 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch @@ -0,0 +1,32 @@ +From 300078995ae82495cf09a0646a07e0214f0ae030 Mon Sep 17 00:00:00 2001 +From: Andreas Sturmlechner +Date: Sat, 21 Jul 2018 22:41:29 +0200 +Subject: [PATCH] Change location of sddm.conf.d to DATAROOTDIR + +/usr/lib is not a location that should be hardcoded - depending on +distribution and architecture this can be different. So far, SDDM +does not use this path unless the above conditions happen to make +it coincide with the install location of its Qml modules. + +DATAROOTDIR is defined as: Read-only architecture-independent data. +This seems to be a better fit for a system SDDM default config dir. +--- + CMakeLists.txt | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 8500c65..5150b7d 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -184,7 +184,7 @@ set(WAYLAND_SESSION_COMMAND "${DATA_INSTALL_DIR}/scripts/wayland-session" + + set(CONFIG_FILE "${CMAKE_INSTALL_FULL_SYSCONFDIR}/sddm.conf" CACHE PATH "Path of the sddm config file") + set(CONFIG_DIR "${CMAKE_INSTALL_FULL_SYSCONFDIR}/sddm.conf.d" CACHE PATH "Path of the sddm config directory") +-set(SYSTEM_CONFIG_DIR "${CMAKE_INSTALL_PREFIX}/lib/sddm/sddm.conf.d" CACHE PATH "Path of the system sddm config directory") ++set(SYSTEM_CONFIG_DIR "${CMAKE_INSTALL_FULL_DATAROOTDIR}/sddm/sddm.conf.d" CACHE PATH "Path of the system sddm config directory") + set(LOG_FILE "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/log/sddm.log" CACHE PATH "Path of the sddm log file") + set(DBUS_CONFIG_FILENAME "org.freedesktop.DisplayManager.conf" CACHE STRING "Name of the sddm config file") + set(COMPONENTS_TRANSLATION_DIR "${DATA_INSTALL_DIR}/translations" CACHE PATH "Components translations directory") +-- +2.18.0 + diff --git a/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch b/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch new file mode 100644 index 00000000..f4ce7ae7 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch @@ -0,0 +1,182 @@ +From 75e6e00d9e1ecf25e3a9c8332530a1e40d737cdb Mon Sep 17 00:00:00 2001 +From: "J. Konrad Tegtmeier-Rottach" +Date: Thu, 9 May 2019 03:06:48 +0200 +Subject: [PATCH] Honor PAM's supplemental groups (v2) (#834, #1159) + +This moves the supplemental group initialization step from +UserSession.cpp to the Backend system, so that the Pam Backend can +inject additional supplemental groups via modules like pam_group.so. + +pam_setcred(3) assumes that it operates on an already initialized +supplemental group list. However, PamBackend calls +pam_setcred(PAM_ESTABLISH_CRED) earlier, at the start +PamBackend::openSession, so a pam_setcred(PAM_REINITIALIZE_CRED) call +must be issued to repeat the injection of PAM's supplemental groups. +--- + src/helper/Backend.cpp | 5 +++++ + src/helper/Backend.h | 3 +++ + src/helper/HelperApp.cpp | 4 ++++ + src/helper/HelperApp.h | 1 + + src/helper/UserSession.cpp | 13 ++++++++----- + src/helper/backend/PamBackend.cpp | 18 ++++++++++++++++++ + src/helper/backend/PamBackend.h | 2 ++ + 7 files changed, 41 insertions(+), 5 deletions(-) + +diff --git a/src/helper/Backend.cpp b/src/helper/Backend.cpp +index d6bb4d0a..35ae2bdf 100644 +--- a/src/helper/Backend.cpp ++++ b/src/helper/Backend.cpp +@@ -29,6 +29,7 @@ + #include + + #include ++#include + + namespace SDDM { + Backend::Backend(HelperApp* parent) +@@ -79,4 +80,8 @@ namespace SDDM { + bool Backend::closeSession() { + return true; + } ++ ++ bool Backend::setupSupplementalGroups(struct passwd *pw) { ++ return !initgroups(pw->pw_name, pw->pw_gid); ++ } + } +diff --git a/src/helper/Backend.h b/src/helper/Backend.h +index b790e001..3caf1592 100644 +--- a/src/helper/Backend.h ++++ b/src/helper/Backend.h +@@ -22,6 +22,7 @@ + #define BACKEND_H + + #include ++#include + + namespace SDDM { + class HelperApp; +@@ -38,6 +39,8 @@ namespace SDDM { + void setAutologin(bool on = true); + void setGreeter(bool on = true); + ++ virtual bool setupSupplementalGroups(struct passwd *pw); ++ + public slots: + virtual bool start(const QString &user = QString()) = 0; + virtual bool authenticate() = 0; +diff --git a/src/helper/HelperApp.cpp b/src/helper/HelperApp.cpp +index cad93bd8..d0891d75 100644 +--- a/src/helper/HelperApp.cpp ++++ b/src/helper/HelperApp.cpp +@@ -253,6 +253,10 @@ namespace SDDM { + return m_session; + } + ++ Backend *HelperApp::backend() { ++ return m_backend; ++ } ++ + const QString& HelperApp::user() const { + return m_user; + } +diff --git a/src/helper/HelperApp.h b/src/helper/HelperApp.h +index 3742df12..cb5959a7 100644 +--- a/src/helper/HelperApp.h ++++ b/src/helper/HelperApp.h +@@ -39,6 +39,7 @@ namespace SDDM { + virtual ~HelperApp(); + + UserSession *session(); ++ Backend *backend(); + const QString &user() const; + const QString &cookie() const; + +diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp +index f71fd358..62fd4d70 100644 +--- a/src/helper/UserSession.cpp ++++ b/src/helper/UserSession.cpp +@@ -19,6 +19,7 @@ + * + */ + ++#include "Backend.h" + #include "Configuration.h" + #include "UserSession.h" + #include "HelperApp.h" +@@ -129,7 +130,8 @@ namespace SDDM { + #endif + + // switch user +- const QByteArray username = qobject_cast(parent())->user().toLocal8Bit(); ++ HelperApp* app = qobject_cast(parent()); ++ const QByteArray username = app->user().toLocal8Bit(); + struct passwd pw; + struct passwd *rpw; + long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); +@@ -146,12 +148,13 @@ namespace SDDM { + qCritical() << "getpwnam_r(" << username << ") failed with error: " << strerror(err); + exit(Auth::HELPER_OTHER_ERROR); + } +- if (setgid(pw.pw_gid) != 0) { +- qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username; ++ ++ if (!app->backend()->setupSupplementalGroups(&pw)) { ++ qCritical() << "failed to set up supplemental groups for user: " << username; + exit(Auth::HELPER_OTHER_ERROR); + } +- if (initgroups(pw.pw_name, pw.pw_gid) != 0) { +- qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << ") failed for user: " << username; ++ if (setgid(pw.pw_gid) != 0) { ++ qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username; + exit(Auth::HELPER_OTHER_ERROR); + } + if (setuid(pw.pw_uid) != 0) { +diff --git a/src/helper/backend/PamBackend.cpp b/src/helper/backend/PamBackend.cpp +index f86d77d6..cccfa258 100644 +--- a/src/helper/backend/PamBackend.cpp ++++ b/src/helper/backend/PamBackend.cpp +@@ -289,6 +289,24 @@ namespace SDDM { + return QString::fromLocal8Bit((const char*) m_pam->getItem(PAM_USER)); + } + ++ bool PamBackend::setupSupplementalGroups(struct passwd *pw) { ++ if (!Backend::setupSupplementalGroups(pw)) ++ return false; ++ ++ // pam_setcred(3) may inject additional groups into the user's ++ // list of supplemental groups, and assumes that the user's ++ // supplemental groups have already been initialized before ++ // its invocation. Since pam_setcred was already called at the ++ // start of openSession, we need to repeat this step here as ++ // the user's groups have only just now been initialized. ++ ++ if (!m_pam->setCred(PAM_REINITIALIZE_CRED)) { ++ m_app->error(m_pam->errorString(), Auth::ERROR_AUTHENTICATION); ++ return false; ++ } ++ return true; ++ } ++ + int PamBackend::converse(int n, const struct pam_message **msg, struct pam_response **resp) { + qDebug() << "[PAM] Conversation with" << n << "messages"; + +diff --git a/src/helper/backend/PamBackend.h b/src/helper/backend/PamBackend.h +index 4c8b4b35..5b079099 100644 +--- a/src/helper/backend/PamBackend.h ++++ b/src/helper/backend/PamBackend.h +@@ -28,6 +28,7 @@ + #include + + #include ++#include + + namespace SDDM { + class PamHandle; +@@ -61,6 +62,7 @@ namespace SDDM { + explicit PamBackend(HelperApp *parent); + virtual ~PamBackend(); + int converse(int n, const struct pam_message **msg, struct pam_response **resp); ++ virtual bool setupSupplementalGroups(struct passwd *pw); + + public slots: + virtual bool start(const QString &user = QString()); diff --git a/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch b/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch new file mode 100644 index 00000000..b3ea90ff --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch @@ -0,0 +1,27 @@ +From f131270ff3ae6e6b4e2dc965cd05b46e194b48c1 Mon Sep 17 00:00:00 2001 +From: Fabian Vogt +Date: Tue, 31 Jul 2018 16:51:13 +0200 +Subject: [PATCH] Session reuse: Only consider "online" sessions + +Otherwise it might switch to already dead sessions ("closing" or "lingering"). +--- + src/daemon/Display.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/daemon/Display.cpp b/src/daemon/Display.cpp +index 86e597e..ec442b0 100644 +--- a/src/daemon/Display.cpp ++++ b/src/daemon/Display.cpp +@@ -290,8 +290,8 @@ namespace SDDM { + foreach(const SessionInfo &s, reply.value()) { + if (s.userName == user) { + OrgFreedesktopLogin1SessionInterface session(Logind::serviceName(), s.sessionPath.path(), QDBusConnection::systemBus()); +- if (session.service() == QLatin1String("sddm")) { +- m_reuseSessionId = s.sessionId; ++ if (session.service() == QLatin1String("sddm") && session.state() == QLatin1String("online")) { ++ m_reuseSessionId = s.sessionId; + break; + } + } +-- +2.18.0 diff --git a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch b/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch new file mode 100644 index 00000000..f14ff767 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch @@ -0,0 +1,87 @@ +From d3953e88a94ec25a87d3c5136517b3d1009cb1fd Mon Sep 17 00:00:00 2001 +From: "J. Konrad Tegtmeier-Rottach" +Date: Wed, 8 May 2019 18:58:53 +0200 +Subject: [PATCH] Revert "Honor PAM's ambient supplemental groups. (#834)" + +This reverts commit 1bc813d08b8130e458a6550ec47fb2bfbe6de080, which +misuses PAM and leads to pulling in all of root's supplemental groups +during session initialization instead of only adding PAM's extra +groups. The problem was masked due to the root user not having any +supplemental groups in some common contexts, like running sddm from a +systemd unit. +--- + src/helper/UserSession.cpp | 57 -------------------------------------- + 1 file changed, 57 deletions(-) + +diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp +index b3aec356..f71fd358 100644 +--- a/src/helper/UserSession.cpp ++++ b/src/helper/UserSession.cpp +@@ -150,67 +150,10 @@ namespace SDDM { + qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username; + exit(Auth::HELPER_OTHER_ERROR); + } +- +-#ifdef USE_PAM +- +- // fetch ambient groups from PAM's environment; +- // these are set by modules such as pam_groups.so +- int n_pam_groups = getgroups(0, NULL); +- gid_t *pam_groups = NULL; +- if (n_pam_groups > 0) { +- pam_groups = new gid_t[n_pam_groups]; +- if ((n_pam_groups = getgroups(n_pam_groups, pam_groups)) == -1) { +- qCritical() << "getgroups() failed to fetch supplemental" +- << "PAM groups for user:" << username; +- exit(Auth::HELPER_OTHER_ERROR); +- } +- } else { +- n_pam_groups = 0; +- } +- +- // fetch session's user's groups +- int n_user_groups = 0; +- gid_t *user_groups = NULL; +- if (-1 == getgrouplist(username.constData(), pw.pw_gid, +- NULL, &n_user_groups)) { +- user_groups = new gid_t[n_user_groups]; +- if ((n_user_groups = getgrouplist(username.constData(), +- pw.pw_gid, user_groups, +- &n_user_groups)) == -1 ) { +- qCritical() << "getgrouplist(" << username << ", " << pw.pw_gid +- << ") failed"; +- exit(Auth::HELPER_OTHER_ERROR); +- } +- } +- +- // set groups to concatenation of PAM's ambient +- // groups and the session's user's groups +- int n_groups = n_pam_groups + n_user_groups; +- if (n_groups > 0) { +- gid_t *groups = new gid_t[n_groups]; +- memcpy(groups, pam_groups, (n_pam_groups * sizeof(gid_t))); +- memcpy((groups + n_pam_groups), user_groups, +- (n_user_groups * sizeof(gid_t))); +- +- // setgroups(2) handles duplicate groups +- if (setgroups(n_groups, groups) != 0) { +- qCritical() << "setgroups() failed for user: " << username; +- exit (Auth::HELPER_OTHER_ERROR); +- } +- delete[] groups; +- } +- delete[] pam_groups; +- delete[] user_groups; +- +-#else +- + if (initgroups(pw.pw_name, pw.pw_gid) != 0) { + qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << ") failed for user: " << username; + exit(Auth::HELPER_OTHER_ERROR); + } +- +-#endif /* USE_PAM */ +- + if (setuid(pw.pw_uid) != 0) { + qCritical() << "setuid(" << pw.pw_uid << ") failed for user: " << username; + exit(Auth::HELPER_OTHER_ERROR); diff --git a/x11-misc/sddm/files/sddm-dont-source-files-in-home.patch b/x11-misc/sddm/files/sddm-dont-source-files-in-home.patch deleted file mode 100644 index 63b4f53a..00000000 --- a/x11-misc/sddm/files/sddm-dont-source-files-in-home.patch +++ /dev/null @@ -1,87 +0,0 @@ -diff -Nur a/data/scripts/wayland-session b/data/scripts/wayland-session ---- a/data/scripts/wayland-session 2016-08-22 18:51:12.000000000 +0100 -+++ b/data/scripts/wayland-session 2018-05-04 11:53:18.083001476 +0100 -@@ -11,13 +11,6 @@ - [ -z "$BASH" ] && exec $SHELL $0 "$@" - set +o posix - [ -f /etc/profile ] && . /etc/profile -- if [ -f $HOME/.bash_profile ]; then -- . $HOME/.bash_profile -- elif [ -f $HOME/.bash_login ]; then -- . $HOME/.bash_login -- elif [ -f $HOME/.profile ]; then -- . $HOME/.profile -- fi - ;; - */zsh) - [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@" -@@ -25,22 +18,19 @@ - zhome=${ZDOTDIR:-$HOME} - # zshenv is always sourced automatically. - [ -f $zdir/zprofile ] && . $zdir/zprofile -- [ -f $zhome/.zprofile ] && . $zhome/.zprofile - [ -f $zdir/zlogin ] && . $zdir/zlogin -- [ -f $zhome/.zlogin ] && . $zhome/.zlogin - emulate -R sh - ;; - */csh|*/tcsh) - # [t]cshrc is always sourced automatically. - # Note that sourcing csh.login after .cshrc is non-standard. - wlsess_tmp=`mktemp /tmp/wlsess-env-XXXXXX` -- $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c 'export -p' >! $wlsess_tmp" -+ $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; /bin/sh -c 'export -p' >! $wlsess_tmp" - . $wlsess_tmp - rm -f $wlsess_tmp - ;; - *) # Plain sh, ksh, and anything we do not know. - [ -f /etc/profile ] && . /etc/profile -- [ -f $HOME/.profile ] && . $HOME/.profile - ;; - esac - -diff -Nur a/data/scripts/Xsession b/data/scripts/Xsession ---- a/data/scripts/Xsession 2016-08-22 18:51:12.000000000 +0100 -+++ b/data/scripts/Xsession 2018-05-04 11:53:38.548659869 +0100 -@@ -11,13 +11,6 @@ - [ -z "$BASH" ] && exec $SHELL $0 "$@" - set +o posix - [ -f /etc/profile ] && . /etc/profile -- if [ -f $HOME/.bash_profile ]; then -- . $HOME/.bash_profile -- elif [ -f $HOME/.bash_login ]; then -- . $HOME/.bash_login -- elif [ -f $HOME/.profile ]; then -- . $HOME/.profile -- fi - ;; - */zsh) - [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@" -@@ -25,27 +18,23 @@ - zhome=${ZDOTDIR:-$HOME} - # zshenv is always sourced automatically. - [ -f $zdir/zprofile ] && . $zdir/zprofile -- [ -f $zhome/.zprofile ] && . $zhome/.zprofile - [ -f $zdir/zlogin ] && . $zdir/zlogin -- [ -f $zhome/.zlogin ] && . $zhome/.zlogin - emulate -R sh - ;; - */csh|*/tcsh) - # [t]cshrc is always sourced automatically. - # Note that sourcing csh.login after .cshrc is non-standard. - xsess_tmp=`mktemp /tmp/xsess-env-XXXXXX` -- $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c 'export -p' >! $xsess_tmp" -+ $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; /bin/sh -c 'export -p' >! $xsess_tmp" - . $xsess_tmp - rm -f $xsess_tmp - ;; - *) # Plain sh, ksh, and anything we do not know. - [ -f /etc/profile ] && . /etc/profile -- [ -f $HOME/.profile ] && . $HOME/.profile - ;; - esac - - [ -f /etc/xprofile ] && . /etc/xprofile --[ -f $HOME/.xprofile ] && . $HOME/.xprofile - - # run all system xinitrc shell scripts. - if [ -d /etc/X11/xinit/xinitrc.d ]; then diff --git a/x11-misc/sddm/files/sddm-enable-elogind.patch b/x11-misc/sddm/files/sddm-enable-elogind.patch deleted file mode 100644 index b427ddd9..00000000 --- a/x11-misc/sddm/files/sddm-enable-elogind.patch +++ /dev/null @@ -1,56 +0,0 @@ ---- a/CMakeLists.txt 2016-11-10 09:27:03.866358608 +0100 -+++ b/CMakeLists.txt 2016-11-10 10:28:25.384374766 +0100 -@@ -93,7 +93,7 @@ - endif() - - # systemd --if(NOT NO_SYSTEMD) -+if(NOT NO_SYSTEMD AND NOT USE_ELOGIND) - pkg_check_modules(SYSTEMD "systemd") - endif() - -@@ -127,12 +127,34 @@ - set(REBOOT_COMMAND "/usr/bin/systemctl reboot") - else() - set(SYSTEMD_FOUND 0) -+endif() -+add_feature_info("systemd" SYSTEMD_FOUND "systemd support") -+add_feature_info("journald" JOURNALD_FOUND "journald support") -+ -+# elogind -+if(NO_SYSTEMD AND USE_ELOGIND) -+ pkg_check_modules(ELOGIND "libelogind") -+endif() -+ -+if(ELOGIND_FOUND) -+ add_definitions(-DHAVE_ELOGIND) -+ set(CMAKE_AUTOMOC_MOC_OPTIONS -DHAVE_ELOGIND) -+ -+ set(MINIMUM_VT 7) -+ set(HALT_COMMAND "/bin/loginctl poweroff") -+ set(REBOOT_COMMAND "/bin/loginctl reboot") -+else() -+ set(ELOGIND_FOUND 0) -+endif() -+add_feature_info("elogind" ELOGIND_FOUND "elogind support") -+ -+# Default behaviour if neither systemd nor elogind is used -+if (NOT ELOGIND_FOUND AND NOT SYSTEMD_FOUND) - set(MINIMUM_VT 7) - set(HALT_COMMAND "/sbin/shutdown -h -P now") - set(REBOOT_COMMAND "/sbin/shutdown -r now") - endif() --add_feature_info("systemd" SYSTEMD_FOUND "systemd support") --add_feature_info("journald" JOURNALD_FOUND "journald support") -+ - - # Set constants - set(DATA_INSTALL_DIR "${CMAKE_INSTALL_FULL_DATADIR}/sddm" CACHE PATH "System application data install directory") ---- a/services/sddm-greeter.pam 2016-06-19 12:24:42.000000000 +0200 -+++ b/services/sddm-greeter.pam 2016-11-02 09:48:18.990032363 +0100 -@@ -14,4 +14,5 @@ - - # Setup session - session required pam_unix.so - session optional pam_systemd.so -+session optional pam_elogind.so diff --git a/x11-misc/sddm/files/sddm-redcore-consolekit.conf b/x11-misc/sddm/files/sddm-redcore-consolekit.conf deleted file mode 100644 index cb4bae90..00000000 --- a/x11-misc/sddm/files/sddm-redcore-consolekit.conf +++ /dev/null @@ -1,114 +0,0 @@ -[Autologin] -# Whether sddm should automatically log back into sessions when they exit -Relogin=false - -# Name of session file for autologin session -Session= - -# Username for autologin session -User= - -[General] -# Halt command -HaltCommand=/sbin/shutdown -h -P now - -# Input method module -InputMethod= - -# Initial NumLock state. Can be on, off or none. -# If property is set to none, numlock won't be changed -# NOTE: Currently ignored if autologin is enabled. -Numlock=off - -# Reboot command -RebootCommand=/sbin/shutdown -r now - -[Theme] -# Current theme name -Current=redcore - -# Cursor theme used in the greeter -CursorTheme=Hacked-Red - -# Number of users to use as threshold -# above which avatars are disabled -# unless explicitly enabled with EnableAvatars -DisableAvatarsThreshold=7 - -# Enable display of custom user avatars -EnableAvatars=true - -# Global directory for user avatars -# The files should be named .face.icon -FacesDir=/usr/share/sddm/faces - -# Theme directory path -ThemeDir=/usr/share/sddm/themes - -[Users] -# Default $PATH for logged in users -DefaultPath=/bin:/usr/bin:/usr/local/bin - -# Comma-separated list of shells. -# Users with these shells as their default won't be listed -HideShells= - -# Comma-separated list of users that should not be listed -HideUsers= - -# Maximum user id for displayed users -MaximumUid=60000 - -# Minimum user id for displayed users -MinimumUid=1000 - -# Remember the session of the last successfully logged in user -RememberLastSession=true - -# Remember the last successfully logged in user -RememberLastUser=true - -[Wayland] -# Path to a script to execute when starting the desktop session -SessionCommand=/usr/share/sddm/scripts/wayland-session - -# Directory containing available Wayland sessions -SessionDir=/usr/share/wayland-sessions - -# Path to the user session log file -SessionLogFile=.local/share/sddm/wayland-session.log - -[X11] -# Path to a script to execute when starting the display server -DisplayCommand=/usr/share/sddm/scripts/Xsetup - -# Path to a script to execute when stopping the display server -DisplayStopCommand=/usr/share/sddm/scripts/Xstop - -# The lowest virtual terminal number that will be used. -MinimumVT=7 - -# Arguments passed to the X server invocation -ServerArguments=-nolisten tcp - -# Path to X server binary -ServerPath=/usr/bin/X - -# Path to a script to execute when starting the desktop session -SessionCommand=/usr/share/sddm/scripts/Xsession - -# Directory containing available X sessions -SessionDir=/usr/share/xsessions - -# Path to the user session log file -SessionLogFile=.local/share/sddm/xorg-session.log - -# Path to the Xauthority file -UserAuthFile=.Xauthority - -# Path to xauth binary -XauthPath=/usr/bin/xauth - -# Path to Xephyr binary -XephyrPath=/usr/bin/Xephyr - diff --git a/x11-misc/sddm/files/sddm-redcore-elogind.conf b/x11-misc/sddm/files/sddm-redcore-elogind.conf deleted file mode 100644 index 15721d22..00000000 --- a/x11-misc/sddm/files/sddm-redcore-elogind.conf +++ /dev/null @@ -1,114 +0,0 @@ -[Autologin] -# Whether sddm should automatically log back into sessions when they exit -Relogin=false - -# Name of session file for autologin session -Session= - -# Username for autologin session -User= - -[General] -# Halt command -HaltCommand=/bin/loginctl poweroff - -# Input method module -InputMethod= - -# Initial NumLock state. Can be on, off or none. -# If property is set to none, numlock won't be changed -# NOTE: Currently ignored if autologin is enabled. -Numlock=off - -# Reboot command -RebootCommand=/bin/loginctl reboot - -[Theme] -# Current theme name -Current=redcore - -# Cursor theme used in the greeter -CursorTheme=Hacked-Red - -# Number of users to use as threshold -# above which avatars are disabled -# unless explicitly enabled with EnableAvatars -DisableAvatarsThreshold=7 - -# Enable display of custom user avatars -EnableAvatars=true - -# Global directory for user avatars -# The files should be named .face.icon -FacesDir=/usr/share/sddm/faces - -# Theme directory path -ThemeDir=/usr/share/sddm/themes - -[Users] -# Default $PATH for logged in users -DefaultPath=/bin:/usr/bin:/usr/local/bin - -# Comma-separated list of shells. -# Users with these shells as their default won't be listed -HideShells= - -# Comma-separated list of users that should not be listed -HideUsers= - -# Maximum user id for displayed users -MaximumUid=60000 - -# Minimum user id for displayed users -MinimumUid=1000 - -# Remember the session of the last successfully logged in user -RememberLastSession=true - -# Remember the last successfully logged in user -RememberLastUser=true - -[Wayland] -# Path to a script to execute when starting the desktop session -SessionCommand=/usr/share/sddm/scripts/wayland-session - -# Directory containing available Wayland sessions -SessionDir=/usr/share/wayland-sessions - -# Path to the user session log file -SessionLogFile=.local/share/sddm/wayland-session.log - -[X11] -# Path to a script to execute when starting the display server -DisplayCommand=/usr/share/sddm/scripts/Xsetup - -# Path to a script to execute when stopping the display server -DisplayStopCommand=/usr/share/sddm/scripts/Xstop - -# The lowest virtual terminal number that will be used. -MinimumVT=7 - -# Arguments passed to the X server invocation -ServerArguments=-nolisten tcp - -# Path to X server binary -ServerPath=/usr/bin/X - -# Path to a script to execute when starting the desktop session -SessionCommand=/usr/share/sddm/scripts/Xsession - -# Directory containing available X sessions -SessionDir=/usr/share/xsessions - -# Path to the user session log file -SessionLogFile=.local/share/sddm/xorg-session.log - -# Path to the Xauthority file -UserAuthFile=.Xauthority - -# Path to xauth binary -XauthPath=/usr/bin/xauth - -# Path to Xephyr binary -XephyrPath=/usr/bin/Xephyr - diff --git a/x11-misc/sddm/files/sddm.conf b/x11-misc/sddm/files/sddm.conf new file mode 100644 index 00000000..802ad10b --- /dev/null +++ b/x11-misc/sddm/files/sddm.conf @@ -0,0 +1,132 @@ +[Autologin] +# Whether sddm should automatically log back into sessions when they exit +Relogin=false + +# Name of session file for autologin session (if empty try last logged in) +Session= + +# Username for autologin session +User= + + +[General] +# Halt command +HaltCommand=/bin/loginctl poweroff + +# Input method module +InputMethod= + +# Comma-separated list of Linux namespaces for user session to enter +Namespaces= + +# Initial NumLock state. Can be on, off or none. +# If property is set to none, numlock won't be changed +# NOTE: Currently ignored if autologin is enabled. +Numlock=none + +# Reboot command +RebootCommand=/bin/loginctl reboot + + +[Theme] +# Current theme name +Current=redcore + +# Cursor theme used in the greeter +CursorTheme=Hacked-Red + +# Number of users to use as threshold +# above which avatars are disabled +# unless explicitly enabled with EnableAvatars +DisableAvatarsThreshold=7 + +# Enable display of custom user avatars +EnableAvatars=true + +# Global directory for user avatars +# The files should be named .face.icon +FacesDir=/usr/share/sddm/faces + +# Theme directory path +ThemeDir=/usr/share/sddm/themes + + +[Users] +# Default $PATH for logged in users +DefaultPath=/usr/local/bin:/usr/bin:/bin + +# Comma-separated list of shells. +# Users with these shells as their default won't be listed +HideShells= + +# Comma-separated list of users that should not be listed +HideUsers= + +# Maximum user id for displayed users +MaximumUid=60000 + +# Minimum user id for displayed users +MinimumUid=1000 + +# Remember the session of the last successfully logged in user +RememberLastSession=true + +# Remember the last successfully logged in user +RememberLastUser=true + +# When logging in as the same user twice, restore the original session, rather than create a new one +ReuseSession=true + + +[Wayland] +# Enable Qt's automatic high-DPI scaling +EnableHiDPI=true + +# Path to a script to execute when starting the desktop session +SessionCommand=/usr/share/sddm/scripts/wayland-session + +# Directory containing available Wayland sessions +SessionDir=/usr/share/wayland-sessions + +# Path to the user session log file +SessionLogFile=.local/share/sddm/wayland-session.log + + +[X11] +# Path to a script to execute when starting the display server +DisplayCommand=/usr/share/sddm/scripts/Xsetup + +# Path to a script to execute when stopping the display server +DisplayStopCommand=/usr/share/sddm/scripts/Xstop + +# Enable Qt's automatic high-DPI scaling +EnableHiDPI=true + +# The lowest virtual terminal number that will be used. +MinimumVT=7 + +# Arguments passed to the X server invocation +ServerArguments=-nolisten tcp + +# Path to X server binary +ServerPath=/usr/bin/X + +# Path to a script to execute when starting the desktop session +SessionCommand=/usr/share/sddm/scripts/Xsession + +# Directory containing available X sessions +SessionDir=/usr/share/xsessions + +# Path to the user session log file +SessionLogFile=.local/share/sddm/xorg-session.log + +# Path to the Xauthority file +UserAuthFile=.Xauthority + +# Path to xauth binary +XauthPath=/usr/bin/xauth + +# Path to Xephyr binary +XephyrPath=/usr/bin/Xephyr + + -- cgit v1.2.3