Re: [gdm-list] how to "talk" with gdm
- From: Anderson Goulart <global codekab com>
- To: Brian Cameron <brian cameron oracle com>
- Cc: gdm-list gnome org
- Subject: Re: [gdm-list] how to "talk" with gdm
- Date: Thu, 8 Apr 2010 18:43:35 -0300
Hello Brian,
I am still confused about what you've said, because pam_pkcs11 module is enabled and is the first module on the stack. But it is only used (PIN prompt appears) after the user press ENTER (I want to remove this "enter" part - the prompt should appears when the smartcard is inserted). So from the beginning of gdm start, simple-greeter presents the user/password prompt before talk to PAM. At least (in the gdm source coode, more precisily simple-greeter) we got .glade file with login window using show_widget("login_window", "auth-input-box"...) that shows the password prompt for the user... am I wrong?
I think (but I am not sure) that developing a new pam module would not solve my problem. Because I need to have a process running and polling dbus for a signal from the smartcard reader.
thanks, global
On Thu, Apr 8, 2010 at 5:33 PM, Brian Cameron
<brian cameron oracle com> wrote:
Anderson:
Note that GDM uses PAM (Pluggable Authentication Mechanism) modules
to actually manage all prompting of the user and handling the actual
verification of whatever the user responds with. GDM just blindly
presents the prompts and passes any response back to the PAM module
which handles all authentication.
So, you won't find any code in GDM that manages changing how the
prompts are displayed or dealt with. It sounds like you might need
to create your own PAM module and configure the "gdm" stack in your
PAM configuration to use your PAM module. Then you can have control
over how GDM prompts the user.
While there are some people on this list who have some experience
with PAM, there are probably other forums where you would likely
get more help with PAM-specific questions.
Brian
I am trying to develop a simple window with one entry (pin code) to
authenticate an smartcard on GDM 2.24. I am studying gdm code for a few
days trying to find a simple way to do that. I could have some ideas,
but I got lost on gobject code and IPC mechanism used. Looking at
GdmGreeterLoginWindow object I saw that it register some signals and
when the password is captured a "query-answer" signal is emited. But I
could not understand how this signal get captured by gdm-slave process
and how this information is sent (encapsulated). Could anyone explain
how it works?
To avoid modifying gdm source code and making things easier, I wrote a
simple binary that reads from dbus the information of insertion/removing
the smartcard and show/hide the PIN code window entry. Now what I just
need is to send this text_entry to gdm daemon (and obviously, PAM -
pam_pkcs11). Any ideas on how can I do that?
ps: this program is started by gdm autostart
(/usr/share/gdm/autostart/LoginWindow/program.desktop). It is working on
the sense of appearing and disappearing the window, but not the "talk
mechanism" with gdm to verify the pin code.
Thanks in advance,
Global
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]