Re: [gdm-list] Per-user session scripts for GDM defaults?



> It would be reasonable to file an RFE in the "gdm" category at
> http://bugzilla.gnome.org/ with this request.  It seems reasonable to
> add a hook to these scripts so that sysadmins can specify additional
> code to run without needing to modify the scripts shipped as a part of
> GDM.

I was hoping to convince a developer to try this themselves,
so they'd push it thorough.

If nobody gets interested enough, well,
perhaps it is less useful than I believed.

> As I think about this, one possible workaround which might work well
> for some users...
>
> Note that GDM supports running per-display PreSession and PostSession
> scripts.  So, if you have an executable script named:
>
> /etc/gdm/PreSession/:0

That was my first choice, too.

> This should work well and avoid
> issues with the default scripts changing on upgrade.

Only if :0 executes Default, and you have the Default
provided and maintained by your distribution.

That way, the changes the distribution needs in the GDM startup
will always be included, but your own scripts are also run.

A bit too fragile for my taste, thank you.

> It probably does not make sense to integrate Firefox specific code
> into the default GDM scripts.

No, obviously not. That's why I only linked to it.

I'm assuming other developers use Linux minilaptops when travelling,
and that little script helps a lot, there. Tryy eeet.
You'll need to make sure you're using a tmpfs at /tmp or
set up one at /ramtmp, yourself; also remember to configure Firefox
to limit its temprary files to a safe small size, few megabytes.

I wanted to see if I could lure a GDM developer to see for themselves
exactly how useful this is, and let them work the red tape.

> However, adding a hook so that
> the GDM PostLogin, PreSession, and PostLogin scripts can run a
> separate script defined by the sysadmin would make sense.

I was hoping to add hooks for *users* to run those.

For improved security, one could even redirect stdin/stdout/stderr
and run the scripts in a new session using setsid. That would
completely detach the scripts from gdm.

> Perhaps, for
> example, /etc/gdm/PreSession/Default could check for the existence of a
> script named /etc/gdm/PreSession/Default.system and run it if it is
> present.

I'd rather just extend
	daemon/gdm-slave.c: gdm_slave_run_script()
to search and run multiple (matching) files,
in addition to a global one. For example:
	.../always
	.../$DISPLAY
	.../root:$USER
	.../root:$USER$DISPLAY
Personally, I'd also like to have the forked child process drop
privileges and run
	.../users
	.../users$DISPLAY
	.../user:$USER
	.../user:$USER$DISPLAY
as the user themselves, if these files exist,
because the child could detach and drop privileges once,
and then run all four scripts, if they exist.

> Also, providing a proposed patch for discussion would likely speed the
> process.

Here is an example patch to PostSession/Default and PreSession/Default
for gdm-2.28.2 to run per-user session scripts with user privileges
(and not root privileges).

When logging in or out, all scripts in $HOME/.session/
are run as the user, with parameter PreSession (if logging in) or
PostSession (if logging out).

diff -Naru gdm-2.28.2.original/data/PostSession.in gdm-2.28.2/data/PostSession.in
--- gdm-2.28.2.original/data/PostSession.in	2009-12-17 00:46:13.000000000 +0200
+++ gdm-2.28.2/data/PostSession.in	2010-05-25 06:02:27.441598505 +0300
@@ -1,3 +1,13 @@
 #!/bin/sh

+# Run any session scripts the user might have.
+#
+if [ -n "$USER" -a -n "$HOME" -a -d "$HOME/.session/" ]; then
+	for script in "$HOME/.session"/* ; do
+		if [ -f "$script" ]; then
+			su -l "$USER" "$script" postsession
+		fi
+	done
+fi
+
 exit 0

diff -Naru gdm-2.28.2.original/data/PreSession.in
gdm-2.28.2/data/PreSession.in
--- gdm-2.28.2.original/data/PreSession.in	2009-12-17 00:46:13.000000000 +0200
+++ gdm-2.28.2/data/PreSession.in	2010-05-25 05:58:46.598702280 +0300
@@ -7,3 +7,14 @@
 # Note that output goes into the .xsession-errors file for easy debugging
 #
 PATH="@X_PATH@:$PATH:/bin:/usr/bin"
+
+# Run any session scripts the user might have.
+#
+if [ -n "$USER" -a -n "$HOME" -a -d "$HOME/.session/" ]; then
+	for script in "$HOME/.session"/* ; do
+		if [ -f "$script" ]; then
+			su -l "$USER" "$script" presession
+		fi
+	done
+fi
+

Terve,
	Jouko


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]