Re: Patch review request for gdm2

From: Niall Power - Sun Microsystems Ireland <Niall Power Sun COM>
To: pedro noticioso <cucnews yahoo com>
Cc: gdm sunsite dk, brian cameron Sun COM
Subject: Re: Patch review request for gdm2
Date: Thu, 17 Apr 2003 18:42:34 +0100
Thanks Pedro ;)

(this isn't the official company line :)
As far as I know the card reader hardware only works with 
solaris running on sparc hardware. The hardware support 
would have to be done at the linux kernel level to work on
PC's and I'm not sure what kind of smartcard hardware is
available for PC's. Pam isn't an issue that I'm aware of.
The smartcard authentication process is just another pam
module.

I hope I've answered your question.

Thanks,
Niall.


On Tue, 2003-04-15 at 22:48, pedro noticioso wrote:
> Nice patch Niall, since you are in SUN, Id like to ask
> you, is it possible to implement the smart card
> feature from sun hardware into GDM and pcs? I think it
> carrying (a loosable? hehe)  card looks fancyer than
> remembering a login and password, my first thoughts
> run into PAM, but I really have no clue on there to go
> with it 8)
> 
> thanks! 8)
> 
> --- Niall Power - Sun Microsystems Ireland
> <Niall Power Sun COM> wrote:
> > Hi,
> > 
> > I'm working on implementing an accessible login
> > solution using the gnome
> > accessibility framework and gdm2. One of the
> > requirements is that 
> > acccessibility features can be initialised at the
> > gdm login screen.
> > This can be acheived by using loading the greeter
> > program (gdmlogin or
> > gdmgreeter) with additional gtk modules. Loading of
> > additional modules
> > can be a configurable option by adding options to
> > the configuration
> > file: gdm.conf
> > I am attaching a patch that implements this. I would
> > like to get this
> > integrated into gdm cvs HEAD asap if you are happy
> > with the patch.
> > Please provide your valued feedback and comments.
> > 
> > Thanks,
> > Niall.
> > -- 
> > Niall Power - Sun Microsystems Ireland
> > <niall power sun com>
> > > ? gdm2/autom4te.cache
> > Index: gdm2/config/gdm.conf.in
> >
> ===================================================================
> > RCS file: /cvs/gnome/gdm2/config/gdm.conf.in,v
> > retrieving revision 1.74
> > diff -u -p -r1.74 gdm.conf.in
> > --- gdm2/config/gdm.conf.in	9 Apr 2003 12:41:36
> > -0000	1.74
> > +++ gdm2/config/gdm.conf.in	9 Apr 2003 18:13:08
> > -0000
> > @@ -52,6 +52,12 @@
> > Greeter= EXPANDED_BINDIR@/gdmlogin
> >  # Greeter for xdmcp logins, usually you want a less
> > graphically intensive
> >  # greeter here so it's better to leave this with
> > gdmlogin
> >  RemoteGreeter= EXPANDED_BINDIR@/gdmlogin
> > +# Launch the greeter with an additional list of
> > colon seperated gtk 
> > +# modules. This is useful for enabling additional
> > feature support 
> > +# e.g. gnome accessibility framework. Only
> > "trusted" modules should
> > +# be allowed to minimise security holes
> > +AddGtkModules=false
> > +GtkModulesList=gail:atk-bridge
> >  # User and group that gdm should run as.  Probably
> > should be gdm and gdm and
> >  # you should create these user and group.  Anyone
> > found running this as
> >  # someone too privilaged will get a kick in the
> > ass.  This should have
> > Index: gdm2/daemon/gdm.c
> >
> ===================================================================
> > RCS file: /cvs/gnome/gdm2/daemon/gdm.c,v
> > retrieving revision 1.125
> > diff -u -p -r1.125 gdm.c
> > --- gdm2/daemon/gdm.c	11 Sep 2002 19:57:10 -0000
> > 1.125
> > +++ gdm2/daemon/gdm.c	9 Apr 2003 18:13:08 -0000
> > @@ -110,10 +110,12 @@ gchar *GdmConfigurator = NULL;
> >  gboolean GdmConfigAvailable = FALSE;
> >  gboolean GdmSystemMenu = FALSE;
> >  gboolean GdmBrowser = FALSE;
> > +gboolean GdmAddGtkModules = FALSE;
> >  gchar *GdmGlobalFaceDir = NULL;
> >  gint GdmXineramaScreen = 0;
> >  gchar *GdmGreeter = NULL;
> >  gchar *GdmRemoteGreeter = NULL;
> > +gchar *GdmGtkModulesList = NULL;
> >  gchar *GdmChooser = NULL;
> >  gchar *GdmLogDir = NULL;
> >  gchar *GdmDisplayInit = NULL;
> > @@ -240,6 +242,8 @@ gdm_config_parse (void)
> >      GdmAlwaysRestartServer = gnome_config_get_bool
> > (GDM_KEY_ALWAYSRESTARTSERVER);
> >      GdmGreeter = gnome_config_get_string
> > (GDM_KEY_GREETER);
> >      GdmRemoteGreeter = gnome_config_get_string
> > (GDM_KEY_REMOTEGREETER);
> > +    GdmAddGtkModules = gnome_config_get_bool
> > (GDM_KEY_ADD_GTK_MODULES);
> > +    GdmGtkModulesList = gnome_config_get_string
> > (GDM_KEY_GTK_MODULES_LIST);	
> >      GdmGroup = gnome_config_get_string
> > (GDM_KEY_GROUP);
> >      GdmHalt = gnome_config_get_string
> > (GDM_KEY_HALT);
> >      GdmKillInitClients = gnome_config_get_bool
> > (GDM_KEY_KILLIC);
> > Index: gdm2/daemon/gdm.h
> >
> ===================================================================
> > RCS file: /cvs/gnome/gdm2/daemon/gdm.h,v
> > retrieving revision 1.112
> > diff -u -p -r1.112 gdm.h
> > --- gdm2/daemon/gdm.h	28 Feb 2003 20:30:54 -0000
> > 1.112
> > +++ gdm2/daemon/gdm.h	9 Apr 2003 18:13:08 -0000
> > @@ -128,6 +128,8 @@ enum {
> >  #define GDM_KEY_ALWAYSRESTARTSERVER
> > "daemon/AlwaysRestartServer=true"
> >  #define GDM_KEY_GREETER "daemon/Greeter="
> > EXPANDED_BINDIR "/gdmlogin"
> >  #define GDM_KEY_REMOTEGREETER
> > "daemon/RemoteGreeter=" EXPANDED_BINDIR "/gdmlogin"
> > +#define GDM_KEY_ADD_GTK_MODULES
> > "daemon/AddGtkModules=false"
> > +#define GDM_KEY_GTK_MODULES_LIST
> > "daemon/GtkModulesList=" "gail:atk-bridge"
> >  #define GDM_KEY_GROUP "daemon/Group=gdm"
> >  #define GDM_KEY_HALT
> >
> "daemon/HaltCommand=/usr/bin/poweroff;/sbin/poweroff;/sbin/shutdown
> > -h now;/usr/sbin/shutdown -h now"
> >  #define GDM_KEY_INITDIR "daemon/DisplayInitDir="
> > EXPANDED_SYSCONFDIR "/gdm/Init"
> > Index: gdm2/daemon/slave.c
> >
> ===================================================================
> > RCS file: /cvs/gnome/gdm2/daemon/slave.c,v
> > retrieving revision 1.166
> > diff -u -p -r1.166 slave.c
> > --- gdm2/daemon/slave.c	9 Apr 2003 12:41:37 -0000
> > 1.166
> > +++ gdm2/daemon/slave.c	9 Apr 2003 18:13:09 -0000
> > @@ -108,12 +108,14 @@ extern gchar *GdmLocaleFile;
> >  extern gchar *GdmAutomaticLogin;
> >  extern gboolean GdmAllowRemoteAutoLogin;
> >  extern gboolean GdmAlwaysRestartServer;
> > +extern gboolean GdmAddGtkModules;
> >  extern gchar *GdmConfigurator;
> >  extern gboolean GdmConfigAvailable;
> >  extern gboolean GdmSystemMenu;
> >  extern gint GdmXineramaScreen;
> >  extern gchar *GdmGreeter;
> >  extern gchar *GdmRemoteGreeter;
> > +extern gchar *GdmGtkModulesList;
> >  extern gchar *GdmChooser;
> >  extern gchar *GdmDisplayInit;
> >  extern gchar *GdmPreSession;
> > @@ -1638,6 +1640,14 @@ gdm_slave_greeter (void)
> >  		argv = ve_split (GdmGreeter);
> >  	else
> >  		argv = ve_split (GdmRemoteGreeter);
> > +	if (GdmAddGtkModules &&
> > !(ve_string_empty(GdmGtkModulesList))) {
> > +		gchar *modules = 
> > g_strdup_printf("--gtk-module=%s",
> > GdmGtkModulesList);
> > +		execl (argv[0], argv[0], modules, NULL);
> > +		/* Something went wrong */
> > +		gdm_error (_("gdm_slave_greeter: Cannot start
> > greeter with gtk modules: %s. Trying without
> > modules"),
> > +		   GdmGtkModulesList);
> > +		g_free(modules);
> > +	}
> >  	execv (argv[0], argv);
> >  
> >  	gdm_error (_("gdm_slave_greeter: Cannot start
> > greeter trying default: %s"),
> > Index: gdm2/docs/C/gdm.xml
> >
> ===================================================================
> > RCS file: /cvs/gnome/gdm2/docs/C/gdm.xml,v
> > retrieving revision 1.3
> > diff -u -p -r1.3 gdm.xml
> > --- gdm2/docs/C/gdm.xml	10 Dec 2001 13:27:09 -0000
> > 1.3
> > +++ gdm2/docs/C/gdm.xml	9 Apr 2003 18:13:09 -0000
> > @@ -501,6 +501,19 @@
> >  	  <title>[daemon]</title>
> >  
> >  	  <varlistentry>
> > +	    <term>AddGtkModules</term>
> > +		<listitem>
> > +	      <synopsis>AddGtkModules=false</synopsis>
> > +	      <para>
> > +	    If true, then enables gdmgreeter/gdmlogin to
> > be launched with
> > +	    additional Gtk+ modules. This is useful when
> > extra feaures are
> > +	    required such as accessibile login. Note that
> > only "trusted"
> > +	    modules should be used to minimise security
> > issues.
> > +	      </para>
> > +	    </listitem>
> > +	  </varlistentry>
> > +
> > +	  <varlistentry>
> >  	    <term>AlwaysRestartServer</term>
> >  	    <listitem>
> >  	     
> > <synopsis>AlwaysRestartServer=false</synopsis>
> > @@ -647,6 +660,18 @@
> >  	    </listitem>
> >  	  </varlistentry>
> >  	  
> > +	  <varlistentry>
> > +	    <term>GtkModulesList</term>
> > +	    <listitem>
> > +	     
> >
> <synopsis>GtkModuleList=module-1:module-2:...</synopsis>
> > +	      <para>
> > +	    A colon seperated list of Gtk+ modules that
> > gdmgreeter/gdmlogin
> > +	    will be invoked with if AddGtkModules is true.
> > The format is the 
> > +	    same as the standard Gtk+ module interface.
> > +	      </para>
> > +	    </listitem>
> > +	  </varlistentry>
> > +
> >  	  <varlistentry>
> >  	    <term>HaltCommand</term>
> >  	    <listitem>
> > 
> > >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: gdm-unsubscribe sunsite dk
> > For additional commands, e-mail: gdm-help sunsite dk
> 
> 
> __________________________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo
> http://search.yahoo.com
-- 
Niall Power - Sun Microsystems Ireland <niall power sun com>
References:
- Re: Patch review request for gdm2
  - From: pedro noticioso
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]