GNOME.org
 

[gnome-system-tools] Add an option to skip password check on login

commit f2755126f69b4ede558ec16d00e19a8c80414bf7
Author: Milan Bouchet-Valat <nalimilan club fr>
Date:   Sat Jun 27 20:59:46 2009 +0200

    Add an option to skip password check on login
    
    This adds a checkbox that allows adding the user to the 'nopasswdcheck' group. Distributions and admins should enable it by creating that group if they have configured PAM to make it work with GDM.
    
    http://bugzilla.gnome.org/show_bug.cgi?id=414862

 ChangeLog                 |    8 +++
 interfaces/users.ui       |   27 +++++++++-
 src/users/user-settings.c |  122 +++++++++++++++++++++++++++++++++++++++------
 src/users/user-settings.h |    2 +
 4 files changed, 141 insertions(+), 18 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index d9eff07..24c50a0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2009-06-29  Milan Bouchet-Valat  <nalimilan club fr>
+	* interfaces/users.ui
+	* src/users/privileges-table.c
+	* src/users/user-settings.c
+	* src/users/user-settings.h
+        Add an option to allow password-less logins. Bug #414862.
+
+
 2009-04-28  Thomas H.P. Andersen  <phomes gmail com>
 
 	* src/time/e-map/e-map.c:
diff --git a/interfaces/users.ui b/interfaces/users.ui
index 6fddaaa..b827b9f 100644
--- a/interfaces/users.ui
+++ b/interfaces/users.ui
@@ -1266,7 +1266,7 @@
                 <child>
                   <object class="GtkTable" id="table50">
                     <property name="visible">True</property>
-                    <property name="n_rows">7</property>
+                    <property name="n_rows">8</property>
                     <property name="n_columns">4</property>
                     <property name="homogeneous">False</property>
                     <property name="row_spacing">6</property>
@@ -1516,7 +1516,7 @@
                         <property name="left_attach">0</property>
                         <property name="right_attach">1</property>
                         <property name="top_attach">1</property>
-                        <property name="bottom_attach">7</property>
+                        <property name="bottom_attach">8</property>
                         <property name="x_options">fill</property>
                         <property name="y_options"/>
                       </packing>
@@ -1548,6 +1548,29 @@
                       </packing>
                     </child>
                     <child>
+                      <object class="GtkCheckButton" id="user_passwd_no_check">
+                        <property name="visible">True</property>
+                        <property name="can_focus">True</property>
+                        <property name="label" translatable="yes">Don't ask for password on _login</property>
+                        <property name="tooltip_text" translatable="yes">Allow this user to open a local session without entering his password. The password will still be required to perform administrative tasks.</property>
+                        <property name="use_underline">True</property>
+                        <property name="relief">GTK_RELIEF_NORMAL</property>
+                        <property name="focus_on_click">True</property>
+                        <property name="active">False</property>
+                        <property name="sensitive">False</property>
+                        <property name="inconsistent">False</property>
+                        <property name="draw_indicator">True</property>
+                      </object>
+                      <packing>
+                        <property name="left_attach">1</property>
+                        <property name="right_attach">4</property>
+                        <property name="top_attach">7</property>
+                        <property name="bottom_attach">8</property>
+                        <property name="x_options">fill</property>
+                        <property name="y_options"></property>
+                      </packing>
+                    </child>
+                    <child>
                       <object class="GtkRadioButton" id="user_passwd_manual">
                         <property name="visible">True</property>
                         <property name="can_focus">True</property>
diff --git a/src/users/user-settings.c b/src/users/user-settings.c
index 62e9192..5b787e6 100644
--- a/src/users/user-settings.c
+++ b/src/users/user-settings.c
@@ -38,6 +38,7 @@
 #include "user-settings.h"
 #include "privileges-table.h"
 #include "groups-table.h"
+#include "group-settings.h"
 #include "test-battery.h"
 #include "user-profiles.h"
 
@@ -242,6 +243,74 @@ get_main_group (const gchar *name)
 	return group;
 }
 
+/* Retrieve the NO_PASSWD_LOGIN_GROUP.
+ * Don't forget to unref the returned group when done. */
+static OobsGroup *
+get_no_passwd_login_group ()
+{
+	OobsGroupsConfig *config;
+	OobsList *groups_list;
+	OobsListIter iter;
+	OobsGroup *group;
+	gboolean valid;
+	const gchar *group_name;
+	gid_t gid;
+
+	config = OOBS_GROUPS_CONFIG (GST_USERS_TOOL (tool)->groups_config);
+	groups_list = oobs_groups_config_get_groups (config);
+	valid = oobs_list_get_iter_first (groups_list, &iter);
+
+	while (valid) {
+		group = OOBS_GROUP (oobs_list_get (groups_list, &iter));
+		group_name = oobs_group_get_name (group);
+
+		if (group_name && strcmp (NO_PASSWD_LOGIN_GROUP, group_name) == 0)
+			return group;
+
+		valid = oobs_list_iter_next (groups_list, &iter);
+	}
+
+	return NULL;
+}
+
+static gboolean
+is_user_in_group (OobsUser  *user,
+		  OobsGroup *group)
+{
+	OobsUser *tmp_user;
+	GList *users = NULL;
+	GList *l;
+
+	if (!user || !group)
+		return FALSE;
+
+	users = oobs_group_get_users (group);
+	for (l = users; l; l = l->next) {
+		tmp_user = l->data;
+		if (tmp_user == user)
+			break;
+	}
+	g_list_free (users);
+
+	return l != NULL;
+}
+
+static gboolean
+is_user_root (OobsUser *user)
+{
+	const gchar *login;
+
+	if (!user)
+		return FALSE;
+
+	login = oobs_user_get_login_name (user);
+
+	if (!login)
+		return FALSE;
+
+	return (strcmp (login, "root") == 0);
+}
+
 static uid_t
 find_new_uid (gint uid_min,
 	      gint uid_max)
@@ -312,6 +381,7 @@ GtkWidget *
 user_settings_dialog_new (OobsUser *user)
 {
 	OobsUsersConfig *config;
+	OobsGroup *no_passwd_login_group;
 	GtkWidget *dialog, *widget;
 	const gchar *login = NULL;
 	gchar *title;
@@ -389,6 +459,25 @@ user_settings_dialog_new (OobsUser *user)
 	widget = gst_dialog_get_widget (tool->main_dialog, "user_passwd_manual");
 	gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE);
 
+	/* set option to skip password check at login */
+	widget = gst_dialog_get_widget (tool->main_dialog, "user_passwd_no_check");
+	no_passwd_login_group = get_no_passwd_login_group ();
+	/* root should not be allowed to login without password,
+	 * and we disable the feature if the group does not exist */
+	if (is_user_root (user) || no_passwd_login_group == NULL) {
+		gtk_widget_set_sensitive (widget, FALSE);
+		gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), FALSE);
+	}
+	else {
+		gtk_widget_set_sensitive (widget, TRUE);
+		if (is_user_in_group (user, no_passwd_login_group))
+			gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE);
+		else
+			gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), FALSE);
+	}
+	if (no_passwd_login_group)
+		g_object_unref (no_passwd_login_group);
+
 	if (!login)
 		table_set_default_profile (GST_USERS_TOOL (tool));
 
@@ -396,22 +485,6 @@ user_settings_dialog_new (OobsUser *user)
 }
 
 static gboolean
-is_user_root (OobsUser *user)
-{
-	const gchar *login;
-
-	if (!user)
-		return FALSE;
-
-	login = oobs_user_get_login_name (user);
-
-	if (!login)
-		return FALSE;
-
-	return (strcmp (login, "root") == 0);
-}
-
-static gboolean
 login_exists (const gchar *login)
 {
 	OobsUsersConfig *config;
@@ -638,6 +711,10 @@ user_settings_dialog_get_data (GtkWidget *dialog)
 {
 	GtkWidget *widget;
 	OobsGroup *group;
+	OobsGroup *no_passwd_login_group;
+	OobsGroupsConfig *groups_config;
+	OobsList *groups_list;
+	OobsListIter list_iter;
 	OobsUser *user;
 	const gchar *str;
 	gboolean password_changed;
@@ -690,6 +767,19 @@ user_settings_dialog_get_data (GtkWidget *dialog)
 		oobs_user_set_password (user, gtk_entry_get_text (GTK_ENTRY (widget)));
 	}
 
+	/* allowed to login without password? */
+	widget = gst_dialog_get_widget (tool->main_dialog, "user_passwd_no_check");
+	no_passwd_login_group = get_no_passwd_login_group ();
+	if (!is_user_root (user) && no_passwd_login_group != NULL) {
+		if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
+			oobs_group_add_user (no_passwd_login_group, user);
+		else
+			oobs_group_remove_user (no_passwd_login_group, user);
+	}
+	if (no_passwd_login_group)
+		g_object_unref (no_passwd_login_group);
+
+	/* set main group */
 	group = get_main_group (oobs_user_get_login_name (user));
 	oobs_user_set_main_group (user, group);
 	g_object_unref (group);
diff --git a/src/users/user-settings.h b/src/users/user-settings.h
index 2aecaf0..5a23d50 100644
--- a/src/users/user-settings.h
+++ b/src/users/user-settings.h
@@ -24,6 +24,8 @@
 #ifndef __USER_SETTINGS_H
 #define __USER_SETTINGS_H
 
+#define NO_PASSWD_LOGIN_GROUP "nopasswdlogin"
+
 gboolean        user_delete                      (GtkTreeModel *model,
 						  GtkTreePath *path);
 GtkWidget *     user_settings_dialog_new         (OobsUser *user);
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]