[gdm/wip/just-in-time-reauth] manager: explicitly disallow login screen from opening reauth channel
- From: Ray Strode <halfline src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gdm/wip/just-in-time-reauth] manager: explicitly disallow login screen from opening reauth channel
- Date: Tue, 18 Feb 2014 16:07:52 +0000 (UTC)
commit 0c6174a35b7eb5f78bb3687400f7630f57e36185
Author: Ray Strode <rstrode redhat com>
Date: Wed Feb 12 14:22:31 2014 -0500
manager: explicitly disallow login screen from opening reauth channel
It doesn't make sense for it to do, and right now the shell does it
up front, waits for the failure, and then does the "right" thing
(opens a new auth session) after.
This commit makes the failure explicit, so we can subsequently make
other cases where a reauth channel is requested work even if there is
no session to channel to by implicitly creating a transient one just
in time. That will come later.
daemon/gdm-manager.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 104 insertions(+), 0 deletions(-)
---
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 5108c37..b3b6370 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -272,6 +272,95 @@ lookup_by_session_id (const char *id,
return res;
}
+#ifdef WITH_CONSOLE_KIT
+static gboolean
+is_consolekit_login_session (GdmManager *self,
+ GDBusConnection *connection,
+ const char *session_id,
+ GError **error)
+{
+ GVariant *reply;
+ char *session_type = NULL;
+
+ reply = g_dbus_connection_call_sync (connection,
+ "org.freedesktop.ConsoleKit",
+ session_id,
+ "org.freedesktop.ConsoleKit.Session",
+ "GetSessionType",
+ NULL,
+ G_VARIANT_TYPE ("(s)"),
+ G_DBUS_CALL_FLAGS_NONE,
+ -1,
+ NULL,
+ error);
+ if (reply == NULL) {
+ return FALSE;
+ }
+
+ g_variant_get (reply, "(s)", &session_type);
+ g_variant_unref (reply);
+
+ if (g_strcmp0 (session_type, "LoginWindow") != 0) {
+ g_free (session_type);
+
+ return FALSE;
+ }
+
+ g_free (session_type);
+ return TRUE;
+}
+#endif
+
+#ifdef WITH_SYSTEMD
+static gboolean
+is_systemd_login_session (GdmManager *self,
+ const char *session_id,
+ GError **error)
+{
+ char *session_class = NULL;
+ int ret;
+
+ ret = sd_session_get_class (session_id, &session_class);
+
+ if (ret < 0) {
+ g_set_error (error,
+ GDM_DISPLAY_ERROR,
+ GDM_DISPLAY_ERROR_GETTING_SESSION_INFO,
+ "Error getting class for session id %s from systemd: %s",
+ session_id,
+ g_strerror (-ret));
+ return FALSE;
+ }
+
+ if (g_strcmp0 (session_class, "greeter") != 0) {
+ g_free (session_class);
+ return FALSE;
+ }
+
+ g_free (session_class);
+ return TRUE;
+}
+#endif
+
+static gboolean
+is_login_session (GdmManager *self,
+ GDBusConnection *connection,
+ const char *session_id,
+ GError **error)
+{
+#ifdef WITH_SYSTEMD
+ if (LOGIND_RUNNING()) {
+ return is_systemd_login_session (self, session_id, error);
+ }
+#endif
+
+#ifdef WITH_CONSOLE_KIT
+ return is_consolekit_login_session (self, connection, session_id, error);
+#endif
+
+ return FALSE;
+}
+
static GdmDisplay *
get_display_and_details_for_bus_sender (GdmManager *self,
GDBusConnection *connection,
@@ -285,6 +374,7 @@ get_display_and_details_for_bus_sender (GdmManager *self,
int ret;
GPid pid;
uid_t caller_uid, session_uid;
+ gboolean is_login_screen;
ret = gdm_dbus_get_pid_for_name (sender, &pid, &error);
@@ -313,6 +403,20 @@ get_display_and_details_for_bus_sender (GdmManager *self,
goto out;
}
+ is_login_screen = is_login_session (self, connection, session_id, &error);
+
+ if (error != NULL) {
+ g_debug ("GdmManager: Error while checking if sender is login screen: %s",
+ error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ if (is_login_screen) {
+ g_debug ("GdmManager: caller is login screen");
+ goto out;
+ }
+
if (!get_uid_for_session_id (connection, session_id, &session_uid, &error)) {
g_debug ("GdmManager: Error while retrieving uid for session: %s",
error->message);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
