Date: Sat, 26 Jul 2008 17:09:55 +0200 From: Marcin Wisnicki <mwisnicki+freebsd@gmail.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: gnome@FreeBSD.org Subject: ports/125983: [PATCH] x11/gdm: GnomeKeyring integration Message-ID: <488b3e46.0407560a.3d5f.fffff426@mx.google.com> Resent-Message-ID: <200807261520.m6QFK0fX081552@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 125983
>Category: ports
>Synopsis: [PATCH] x11/gdm: GnomeKeyring integration
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sat Jul 26 15:20:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Marcin Wisnicki
>Release: FreeBSD 7.0-STABLE i386
>Organization:
>Environment:
System: FreeBSD ghost.pnet.one.pl 7.0-STABLE FreeBSD 7.0-STABLE #15: Fri Jul 25 18:16:53 CEST 2008
>Description:
- Optional (enabled by default) GnomeKeyring integration via PAM.
- Remove some ancient pam checks
There is already pam configuration for gdm service in base system. Because PAM
first looks in /etc/pam.d, I need to remove /etc/pam.d/gdm, in order to provide
my own customized configuration with port.
To make it somewhat persistent (ie. survive base system update), I've decided to
remove it from gdm startup script.
This patch assumes that ports/125967 is commited.
I will also submit similar patch for x11/xscreensaver-gnome.
Added file(s):
- files/gdm.pam.in
Port maintainer (gnome@FreeBSD.org) is cc'd.
Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:
--- gdm-2.20.7_1.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/Makefile /usr/ports/x11/gdm/Makefile
--- /usr/ports/x11/gdm.orig/Makefile 2008-07-06 04:35:12.000000000 +0200
+++ /usr/ports/x11/gdm/Makefile 2008-07-26 00:40:19.000000000 +0200
@@ -8,6 +8,7 @@
PORTNAME= gdm
PORTVERSION= 2.20.7
+PORTREVISION= 1
CATEGORIES= x11 gnome
MASTER_SITES= GNOME
DIST_SUBDIR= gnome2
@@ -38,6 +39,8 @@
GTKDOC="false"
CONFIGURE_ARGS=--with-console-kit=yes
+SUB_FILES+= gdm.pam
+
GDMDIR?= ${PREFIX}/etc/gdm
PKGMESSAGE= ${WRKDIR}/pkg-message
@@ -46,14 +49,16 @@
MAN1= gdm.1
OPTIONS= IPV6 "Enable IPv6 support" on \
+ KEYRING "Enable GnomeKeyring/PAM integration" on \
LOG_LIMIT "Limit ~/.xsession-errors size" on
.include <bsd.port.pre.mk>
-.if exists(/usr/include/security/pam_misc.h)
-PLIST_SUB+= PAM_MISC=""
+.if defined(WITHOUT_KEYRING)
+SUB_LIST+= PAM_KEYRING=\#
.else
-PLIST_SUB+= PAM_MISC="@comment "
+RUN_DEPENDS+= ${LOCALBASE}/lib/pam_gnome_keyring.so:${PORTSDIR}/security/gnome-keyring
+SUB_LIST+= PAM_KEYRING=
.endif
.if !defined(WITHOUT_IPV6)
@@ -87,6 +92,7 @@
.endif
${INSTALL_DATA} ${WRKSRC}/config/gdm.conf-custom \
${PREFIX}/etc/gdm/custom.conf.default
+ ${INSTALL_DATA} ${WRKDIR}/gdm.pam ${PREFIX}/etc/pam.d/gdm
@${MKDIR} ${PREFIX}/etc/gdm/Sessions
@${SED} -e 's|%%PREFIX%%|${PREFIX}|g' < ${PKGDIR}/pkg-message \
| /usr/bin/fmt 75 79 > ${PKGMESSAGE}
diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/files/gdm.in /usr/ports/x11/gdm/files/gdm.in
--- /usr/ports/x11/gdm.orig/files/gdm.in 2008-04-03 00:03:15.000000000 +0200
+++ /usr/ports/x11/gdm/files/gdm.in 2008-07-26 01:03:01.000000000 +0200
@@ -14,6 +14,7 @@
. %%GNOME_SUBR%%
gdm_enable=${gdm_enable-${gnome_enable}}
+gdm_preserve_base_pam_conf=${gdm_preserve_base_pam_conf-NO}
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin
@@ -31,6 +32,11 @@
fi
echo "Starting ${name}."
+ # make sure there is no pam configuration for gdm service in base system
+ if ! checkyesno gdm_preserve_base_pam_conf && [ -f /etc/pam.d/gdm ]; then
+ rm -f /etc/pam.d/gdm
+ fi
+
( iter=0
while ! ps -axoargs | grep "^/usr/libexec/getty " | grep -qv grep >/dev/null 2>&1; do
if [ ${iter} -eq 60 ]; then
diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/files/gdm.pam.in /usr/ports/x11/gdm/files/gdm.pam.in
--- /usr/ports/x11/gdm.orig/files/gdm.pam.in 1970-01-01 01:00:00.000000000 +0100
+++ /usr/ports/x11/gdm/files/gdm.pam.in 2008-07-26 01:11:55.000000000 +0200
@@ -0,0 +1,21 @@
+#
+# $FreeBSD: src/etc/pam.d/gdm,v 1.8 2007/06/10 18:57:20 yar Exp $
+#
+# PAM configuration for the "gdm" service
+#
+
+# auth
+#auth sufficient pam_krb5.so no_warn try_first_pass
+#auth sufficient pam_ssh.so no_warn try_first_pass
+auth required pam_unix.so no_warn try_first_pass
+%%PAM_KEYRING%%auth optional %%LOCALBASE%%/lib/pam_gnome_keyring.so
+
+# account
+account required pam_nologin.so
+#account required pam_krb5.so
+account required pam_unix.so
+
+# session
+#session optional pam_ssh.so
+session required pam_permit.so
+%%PAM_KEYRING%%session optional %%LOCALBASE%%/lib/pam_gnome_keyring.so auto_start
diff -ruN --exclude=CVS /usr/ports/x11/gdm.orig/pkg-plist /usr/ports/x11/gdm/pkg-plist
--- /usr/ports/x11/gdm.orig/pkg-plist 2008-07-06 04:35:12.000000000 +0200
+++ /usr/ports/x11/gdm/pkg-plist 2008-07-26 00:38:37.000000000 +0200
@@ -21,13 +21,13 @@
@unexec if cmp -s %D/etc/gdm/modules/AccessKeyMouseEvents %D/etc/gdm/modules/factory-AccessKeyMouseEvents; then rm -f %D/etc/gdm/modules/AccessKeyMouseEvents; fi
etc/gdm/modules/factory-AccessKeyMouseEvents
@exec [ -f %B/AccessKeyMouseEvents ] || cp %B/%f %B/AccessKeyMouseEvents
+etc/pam.d/gdm
lib/gtk-2.0/modules/libdwellmouselistener.a
lib/gtk-2.0/modules/libdwellmouselistener.la
lib/gtk-2.0/modules/libdwellmouselistener.so
lib/gtk-2.0/modules/libkeymouselistener.a
lib/gtk-2.0/modules/libkeymouselistener.la
lib/gtk-2.0/modules/libkeymouselistener.so
-%%PAM_MISC%%libexec/gdmaskpass
libexec/gdmchooser
libexec/gdmgreeter
libexec/gdmlogin
--- gdm-2.20.7_1.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?488b3e46.0407560a.3d5f.fffff426>