[gnome-initial-setup/new-user-mode-fixes: 3/3] Bug 758592: Only run the keyring manually for new user mode.



commit a6ae059a7fab60cae534f78eb485960a7b406be5
Author: Tristan Van Berkom <tristan vanberkom codethink co uk>
Date:   Tue Nov 24 10:54:55 2015 +0000

    Bug 758592: Only run the keyring manually for new user mode.
    
    When creating the initial user using the gnome-initial-setup user
    itself, the session started by gdm is not a regular user session
    and so the keyring is not expected to run as usual via the gdm-password
    PAM service.
    
    To properly manage the login keyring for online accounts in order
    to hand it off successfully to the newly created user, we must both
    unlock the keyring initially with an actual password (as gnome-keyring
    will simply ignore a null or empty password) and also update that
    keyring's password once the user has chosen their password directly
    before automatically logging into the new user's session.
    
    In the case that we are not creating a new user via the gnome-initial-setup
    user session, there is no need for any of this because the keyring is
    already expected to be running as the new user has already logged into
    a regular user session.

 gnome-initial-setup/gnome-initial-setup.c          |   13 +++++++++++--
 .../pages/password/gis-password-page.c             |    8 +++++++-
 2 files changed, 18 insertions(+), 3 deletions(-)
---
diff --git a/gnome-initial-setup/gnome-initial-setup.c b/gnome-initial-setup/gnome-initial-setup.c
index ce9b679..57284ba 100644
--- a/gnome-initial-setup/gnome-initial-setup.c
+++ b/gnome-initial-setup/gnome-initial-setup.c
@@ -190,6 +190,7 @@ main (int argc, char *argv[])
   GisDriver *driver;
   int status;
   GOptionContext *context;
+  GisDriverMode mode;
 
   GOptionEntry entries[] = {
     { "existing-user", 0, 0, G_OPTION_ARG_NONE, &force_existing_user_mode,
@@ -221,9 +222,17 @@ main (int argc, char *argv[])
   }
 #endif
 
-  gis_ensure_login_keyring ();
+  mode = get_mode ();
 
-  driver = gis_driver_new (get_mode ());
+  /* When we are running as the gnome-initial-setup user we
+   * dont have a normal user session and need to initialize
+   * the keyring manually so that we can pass the credentials
+   * along to the new user in the handoff.
+   */
+  if (mode == GIS_DRIVER_MODE_NEW_USER)
+    gis_ensure_login_keyring ();
+
+  driver = gis_driver_new (mode);
   g_signal_connect (driver, "rebuild-pages", G_CALLBACK (rebuild_pages_cb), NULL);
   status = g_application_run (G_APPLICATION (driver), argc, argv);
 
diff --git a/gnome-initial-setup/pages/password/gis-password-page.c 
b/gnome-initial-setup/pages/password/gis-password-page.c
index 5acd5c8..e25bd0e 100644
--- a/gnome-initial-setup/pages/password/gis-password-page.c
+++ b/gnome-initial-setup/pages/password/gis-password-page.c
@@ -96,7 +96,13 @@ gis_password_page_save_data (GisPage *gis_page)
 
   gis_driver_set_user_permissions (gis_page->driver, act_user, password);
 
-  gis_update_login_keyring_password (password);
+  /* When creating a new user, after having setup the password in the
+   * users account we need to update the password for the gnome-initial-setup
+   * user as well so that the login keyring we intend to handoff to the
+   * new user has a matching authentication token.
+   */
+  if (gis_driver_get_mode (gis_page->driver) == GIS_DRIVER_MODE_NEW_USER)
+    gis_update_login_keyring_password (password);
 }
 
 static void


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]