Re: [gdm-list] GObject branch

["William Jon McCann" <mccann jhu edu>]

On 6/4/07, Ray Strode <halfline gmail com> wrote:
...
> I think the gdm integration should basically be:
>
> 1) Listen for Inserted or Removed dbus signal and reset pam conversation.
>
> That's it.  the pam stack should do the rest.

Sounds good.

> Now, having said that...  PAM modules can get pretty dirty.  They do
> bad things to the running process, crash, block indefinitely, mess
> with the environment, etc, so I think every pam conversation should
> always be run in its own process, independent of anything else.  There
> is just too much that can go wrong otherwise.
>
> One complication is that the login session must be run from the
> process that pam ran in, because it sets up the environment for the
> session.  So we need to fork() early before starting the pam
> conversation, die in the child if the conversation fails, or exec the
> session if the conversation succeeds.  Anything unrelated to starting
> a login session should happen inside the parent process.
>
> I tried to make some progress on that front some time ago here:
>
> http://people.redhat.com/rstrode/session.h
> http://people.redhat.com/rstrode/session.c

Agree.  And this looks great already!  Made a few minor changes
(mostly for style consistency) and committed to the branch.  Separated
out the test program.  Thanks Ray - this saves a lot of time and
effort.

> But I never finished, and since d-bus is a requirement of gdm now, it
> makes a lot of sense to use dbus instead of the ugly, socket protocol
> I came up with at the time.

Yeah, perhaps.  Not too worried about that yet since it is an internal
detail.  Also, last I tried D-Bus didn't like having connections open
in both parent and child of a fork without exec.  Next thing to do is
just make the greeter talk to this object over D-Bus...

Thanks,
Jon