gdm r6628 - in branches/gnome-2-20: . daemon
- From: bcameron svn gnome org
- To: svn-commits-list gnome org
- Subject: gdm r6628 - in branches/gnome-2-20: . daemon
- Date: Wed, 10 Dec 2008 07:41:34 +0000 (UTC)
Author: bcameron
Date: Wed Dec 10 07:41:34 2008
New Revision: 6628
URL: http://svn.gnome.org/viewvc/gdm?rev=6628&view=rev
Log:
2008-12-10 Brian Cameron <brian cameron sun com>
* daemon/verify-pam.c: Correct processing of CONSOLE and PASSREQ
/etc/default/login parameters so they are checked each time a
user logs in, and the latest value honored. The previous code
would not unset the setting even if you modified the
/etc/default/login file
Modified:
branches/gnome-2-20/ChangeLog
branches/gnome-2-20/daemon/verify-pam.c
Modified: branches/gnome-2-20/daemon/verify-pam.c
==============================================================================
--- branches/gnome-2-20/daemon/verify-pam.c (original)
+++ branches/gnome-2-20/daemon/verify-pam.c Wed Dec 10 07:41:34 2008
@@ -91,7 +91,7 @@
static char *selected_user = NULL;
static gboolean opened_session = FALSE;
-static gboolean did_setcred = FALSE;
+static gboolean did_setcred = FALSE;
extern char *gdm_ack_question_response;
@@ -900,6 +900,7 @@
gboolean credentials_set = FALSE;
gboolean error_msg_given = FALSE;
gboolean started_timer = FALSE;
+ gboolean allow_remote = TRUE;
#ifdef HAVE_ADT
int pw_change = PW_FALSE; /* if got to trying to change password */
@@ -980,11 +981,9 @@
#endif
passreq = gdm_read_default ("PASSREQ=");
- if ((passreq != NULL) &&
- g_ascii_strcasecmp (passreq, "YES") == 0)
- gdm_daemon_config_set_value_bool (GDM_KEY_PASSWORD_REQUIRED, TRUE);
- if (gdm_daemon_config_get_value_bool (GDM_KEY_PASSWORD_REQUIRED))
+ if (gdm_daemon_config_get_value_bool (GDM_KEY_PASSWORD_REQUIRED) ||
+ ((passreq != NULL) && g_ascii_strcasecmp (passreq, "YES") == 0))
null_tok |= PAM_DISALLOW_NULL_AUTHTOK;
gdm_verify_select_user (NULL);
@@ -1103,14 +1102,16 @@
/* Check if user is root and is allowed to log in */
consoleonly = gdm_read_default ("CONSOLE=");
- if ((consoleonly != NULL) &&
- g_ascii_strcasecmp (consoleonly, "/dev/console") == 0)
- gdm_daemon_config_set_value_bool (GDM_KEY_ALLOW_REMOTE_ROOT, FALSE);
+ if (( ! gdm_daemon_config_get_value_bool (GDM_KEY_ALLOW_REMOTE_ROOT)) ||
+ ((consoleonly != NULL) &&
+ (g_ascii_strcasecmp (consoleonly, "/dev/console") == 0))) {
+ allow_remote = FALSE;
+ }
pwent = getpwnam (login);
if (( ! gdm_daemon_config_get_value_bool (GDM_KEY_ALLOW_ROOT) ||
- ( ! gdm_daemon_config_get_value_bool (GDM_KEY_ALLOW_REMOTE_ROOT) &&
- ! d->attached)) && pwent != NULL && pwent->pw_uid == 0) {
+ ( ! d->attached && allow_remote == FALSE)) &&
+ (pwent != NULL && pwent->pw_uid == 0)) {
gdm_error (_("Root login disallowed on display '%s'"),
d->name);
gdm_slave_greeter_ctl_no_ret (GDM_ERRBOX,
@@ -1415,11 +1416,9 @@
g_free (pam_service_name);
passreq = gdm_read_default ("PASSREQ=");
- if ((passreq != NULL) &&
- g_ascii_strcasecmp (passreq, "YES") == 0)
- gdm_daemon_config_set_value_bool (GDM_KEY_PASSWORD_REQUIRED, TRUE);
- if (gdm_daemon_config_get_value_bool (GDM_KEY_PASSWORD_REQUIRED))
+ if (gdm_daemon_config_get_value_bool (GDM_KEY_PASSWORD_REQUIRED) ||
+ ((passreq != NULL) && g_ascii_strcasecmp (passreq, "YES") == 0))
null_tok |= PAM_DISALLOW_NULL_AUTHTOK;
/* Start authentication session */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]