diff options
authorsirlucjan2015-06-08 17:41:50 +0200
committersirlucjan2015-06-08 17:41:50 +0200
commit49f4ed39ae772f46d7619615d122caa0dca077cf (patch)
9 files changed, 1035 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 00000000000..9e1d2669909
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,60 @@
+pkgbase = mdm-display-manager
+ pkgdesc = The MDM Display Manager
+ pkgver = 1.8.3
+ pkgrel = 1
+ url =
+ install = mdm-display-manager.install
+ arch = i686
+ arch = x86_64
+ license = GPL
+ makedepends = gnome-common
+ makedepends = intltool
+ makedepends = perl
+ makedepends = gnome-doc-utils
+ makedepends = xorg-server
+ makedepends = pango
+ makedepends = zenity
+ makedepends = popt
+ makedepends = pkg-config
+ makedepends = automake
+ makedepends = autoconf
+ makedepends = libtool
+ depends = pam
+ depends = libdmx
+ depends = gtk2
+ depends = libgnomecanvas
+ depends = librsvg
+ depends = libxml2
+ depends = libart-lgpl
+ depends = dbus-glib
+ depends = libwebkit
+ provides = gdm
+ provides = gdm-old
+ provides = mate-display-manager
+ provides = mdm
+ conflicts = gdm
+ conflicts = mate-display-manager
+ conflicts = mdm
+ replaces = mate-display-manager
+ replaces = mdm
+ options = !libtool
+ backup = etc/mdm/custom.conf
+ backup = etc/pam.d/mdm
+ backup = etc/pam.d/mdm-autologin
+ source =
+ source = mdm.pam
+ source = mdm.service
+ source = mdm-autologin.pam
+ source = defaults.conf
+ source = org.cinnamon.pkexec.mdmsetup.policy
+ source = mdm-plymouth.service
+ sha256sums = 912d8f7cfc950a70f68e09db46775687cd9b61a54a9d96b7715cf6eff79ba6ba
+ sha256sums = 8663192f02fbbcaf9b84a37a44d47af7381c18d4327c576ca7924baca2cc163b
+ sha256sums = d3dd582eb25bb31f012167069c869d3ce89c1dbd9b5aa7396350d8cf609994a5
+ sha256sums = 479e8fd4d5ef353fec5af776ad05e4f414a92d6f374f9b8f5deef77b9e301bc7
+ sha256sums = ce9448356c54d8de5b8af5cdef2b5c30b4e6ae970126ce0c4ef295be557bbd2a
+ sha256sums = bd22d536a7a1b455a8f8a45d7d8cc46156cb4ef5f3bc706dd73c89d503acad6b
+ sha256sums = 7579ed402ee0db60e0c40ddbb7b2c80be0aec4315e45aa525908bef8aa181bd6
+pkgname = mdm-display-manager
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 00000000000..df379987ac9
--- /dev/null
@@ -0,0 +1,107 @@
+# Maintainer: Piotr Gorski <>
+pkgdesc="The MDM Display Manager"
+arch=('i686' 'x86_64')
+depends=('pam' 'libdmx' 'gtk2' 'libgnomecanvas' 'librsvg'
+ 'libxml2' 'libart-lgpl' 'dbus-glib' 'libwebkit')
+makedepends=('gnome-common' 'intltool' 'perl' 'gnome-doc-utils' 'xorg-server' 'pango' 'zenity' 'popt' 'pkg-config' 'automake' 'autoconf' 'libtool')
+provides=('gdm' 'gdm-old' 'mate-display-manager' 'mdm')
+conflicts=('gdm' 'mate-display-manager' 'mdm')
+replaces=('mate-display-manager' 'mdm')
+backup=('etc/mdm/custom.conf' 'etc/pam.d/mdm' 'etc/pam.d/mdm-autologin')
+ 'mdm.pam'
+ 'mdm.service'
+ 'mdm-autologin.pam'
+ 'defaults.conf'
+ 'org.cinnamon.pkexec.mdmsetup.policy'
+ 'mdm-plymouth.service')
+prepare() {
+cd ${srcdir}/${_pkgname}-${pkgver}
+aclocal --install
+build() {
+cd ${srcdir}/${_pkgname}-${pkgver}
+chmod +x ./
+export AUTOMAKE=automake
+./ --enable-ipv6=yes --with-prefetch \
+--prefix=/usr --with-console-kit=no --sysconfdir=/etc \
+--with-systemd --libexecdir=/usr/lib/mdm --localstatedir=/var/lib \
+--disable-static --with-xevie=yes --disable-scrollkeeper \
+--enable-secureremote=yes --enable-ipv6=yes \
+--enable-compile-warnings=no --sbindir=/usr/bin \
+LDFLAGS="-lXau -lm"
+sed -i -e 's|${prefix}|/usr|' config.h
+make DESTDIR=$pkgdir
+package() {
+cd ${srcdir}/${_pkgname}-${pkgver}
+make DESTDIR=$pkgdir install
+msg2 'Adding PAM rules'
+#PAM, we use our own, not LinuxMint stuff, problem?...
+install -m755 -d $pkgdir/etc/pam.d
+install -m644 $srcdir/mdm-autologin.pam $pkgdir/etc/pam.d/mdm-autologin
+install -m644 $srcdir/mdm.pam $pkgdir/etc/pam.d/mdm
+msg2 'Adding SystemD services'
+#systemd Init script, but ... SysV Inint is soo old
+install -m755 -d $pkgdir/usr/lib/systemd/system
+install -m644 $srcdir/mdm.service $pkgdir/usr/lib/systemd/system/mdm.service
+install -m644 $srcdir/mdm-plymouth.service $pkgdir/usr/lib/systemd/system/mdm-plymouth.service
+msg2 'Adding config files'
+install -m444 "${srcdir}/defaults.conf" "${pkgdir}/usr/share/mdm/"
+install -m444 "${srcdir}/defaults.conf" "${pkgdir}/usr/share/mdm/distro.conf"
+rm -f ${pkgdir}/usr/share/xsessions/gnome.desktop || true
+msg2 'Adding PolicyKit execution scheme'
+#PolicyKit execution scheme (need some tests)
+install -m755 -d $pkgdir/usr/share/polkit-1/actions/
+install -m644 $srcdir/org.cinnamon.pkexec.mdmsetup.policy $pkgdir/usr/share/polkit-1/actions/
+#Why on the hay this directory is created empty in etc, remove it
+rmdir $pkgdir/etc/dm
+msg2 'Adding faces'
+#Fix mdm files conflict with gnome-control-center (usr/share/pixmaps/faces/*)
+install -m755 -d $pkgdir/usr/share/pixmaps/faces/
+make DESTDIR=$pkgdir install -C gui/faces
+msg2 'Adding applications'
+#Fix gdmsetup.desktop
+sed -i -e 's|^Exec=gksu|Exec=pkexec|' $pkgdir/usr/share/mdm/applications/mdmsetup.desktop
+sed -i -e 's|^Categories=|Categories=GNOME;GTK;System;Settings;X-GNOME-Settings-Panel;X-GNOME-SystemSettings;X-XFCE-SettingsDialog;X-XFCE-SystemSettings;|' $pkgdir/usr/share/mdm/applications/mdmsetup.desktop
+#Fix erroneous path for certain applications
+install -m755 -d $pkgdir/usr/share/applications
+mv -f $pkgdir/usr/share/mdm/applications/*.* $pkgdir/usr/share/applications
+chmod 755 $pkgdir/usr/share/applications/*.*
+rmdir $pkgdir/usr/share/mdm/applications
+ '8663192f02fbbcaf9b84a37a44d47af7381c18d4327c576ca7924baca2cc163b'
+ 'd3dd582eb25bb31f012167069c869d3ce89c1dbd9b5aa7396350d8cf609994a5'
+ '479e8fd4d5ef353fec5af776ad05e4f414a92d6f374f9b8f5deef77b9e301bc7'
+ 'ce9448356c54d8de5b8af5cdef2b5c30b4e6ae970126ce0c4ef295be557bbd2a'
+ 'bd22d536a7a1b455a8f8a45d7d8cc46156cb4ef5f3bc706dd73c89d503acad6b'
+ '7579ed402ee0db60e0c40ddbb7b2c80be0aec4315e45aa525908bef8aa181bd6')
diff --git a/defaults.conf b/defaults.conf
new file mode 100644
index 00000000000..027a9020bbf
--- /dev/null
+++ b/defaults.conf
@@ -0,0 +1,748 @@
+# MDM System Defaults Configuration file.
+# This file should not be updated by hand. Since GDM, configuration
+# choices in the MDM Custom Configuration file will override the default
+# values specified in this file. This MDM System Defaults Configuration file
+# may be overwritten on upgrade, so to ensure that your configuration choices
+# are not lost, please make sure that your changes are made only the MDM Custom
+# Configuration file. The MDM Custom Configuration file is found at the
+# following location:
+# /etc/mdm/custom.conf
+# If you were using an older version of MDM, your system may have the the older
+# mdm.conf configuration file on the system. If so, then this file is used
+# instead of the MDM Custom Configuration file for backwards support. If you
+# make changes to the MDM Custom Configuration file and they seem to not be
+# taking effect, this is likely the problem. Consider migrating your
+# configuration to the new configuration file and removing the mdm.conf file.
+# You can use the mdmsetup program to graphically edit the mdm.conf-custom
+# file. Note that mdmsetup does not support every option in this file, just
+# the most common ones that users want to change. If you feel that mdmsetup
+# should support additional configuration options, please file a bug report at
+# If you hand-edit the MDM configuration, you should run the following command
+# to get the MDM daemon to recognize the change. Any running MDM GUI programs
+# will also be notified to update with the new configuration.
+# mdmflexiserver --command="UPDATE_CONFIG <configuration key>"
+# e.g, the "Enable" key in the "[debug]" section would be "debug/Enable".
+# You can also run mdm-restart or mdm-safe-restart to cause MDM to restart and
+# re-read the new configuration settings. You can also restart MDM by sending
+# a HUP or USR1 signal to the daemon. HUP behaves like mdm-restart and causes
+# any user session started by MDM to exit immediately while USR1 behaves like
+# mdm-safe-restart and will wait until all users log out before restarting MDM.
+# For full reference documentation see the GNOME help browser under
+# GNOME|System category. You can also find the docs in HTML form on
+# NOTE: Some values are commented out, but show their default values. Lines
+# that begin with "#" are considered comments.
+# Have fun!
+# Automatic login, if true the first attached screen will automatically logged
+# in as user as set with AutomaticLogin key.
+# Timed login, useful for kiosks. Log in a certain user after a certain amount
+# of time.
+# The MDM configuration program that is run from the login screen, you should
+# probably leave this alone.
+#Configurator=/usr/sbin/mdmsetup --disable-sound --disable-crash-dialog
+# The chooser program. Must output the chosen host on stdout, probably you
+# should leave this alone.
+# The greeter for attached (non-xdmcp) logins. Change mdmlogin to mdmgreeter
+# to get the new graphical greeter.
+# The greeter for xdmcp logins, usually you want a less graphically intensive
+# greeter here so it's better to leave this with mdmlogin
+# Launch the greeter with an additional list of colon separated GTK+ modules.
+# This is useful for enabling additional feature support e.g. GNOME
+# accessibility framework. Only "trusted" modules should be allowed to minimize
+# security holes
+# By default, these are the accessibility modules.
+# Default path to set. The profile scripts will likely override this value.
+# This value will be overridden with the value from /etc/default/login if it
+# contains "ROOT=<pathvalue>".
+# Default path for root. The profile scripts will likely override this value.
+# This value will be overridden with the value from /etc/default/login if it
+# contains "SUROOT=<pathvalue>".
+# If you are having trouble with using a single server for a long time and want
+# MDM to kill/restart the server, turn this on. On Solaris, this value is
+# always true and this configuration setting is ignored.
+# User and group used for running MDM GUI applications. By default this is set
+# to user "mdm" and group "mdm". This user/group should have very limited
+# permissions and access to only the mdm directories and files.
+# To try to kill all clients started at greeter time or in the Init script.
+# does not always work, only if those clients have a window of their own.
+# Note that a post login script is run before a PreSession script. It is run
+# after the login is successful and before any setup is run on behalf of the
+# user.
+# Distributions: If you have some script that runs an X server in say VGA
+# mode, allowing a login, could you please send it to me?
+# if X keeps crashing on us we run this script. The default one does a bunch
+# of cool stuff to figure out what to tell the user and such and can run an X
+# configuration program.
+# System command support.
+# Reboot, Halt and suspend commands, you can add different commands separated
+# by a semicolon. MDM will use the first one it can find.
+RebootCommand=/sbin/reboot;/sbin/shutdown -r now
+HaltCommand=/sbin/poweroff;/sbin/shutdown -h now
+# The following options specify how MDM system commands are supported.
+# Specify which actions are displayed in the greeter. Valid values are HALT,
+# REBOOT, SUSPEND, and CUSTOM_CMD separated by semicolons.
+# Specify which actions are supported by QUERY_LOGOUT_ACTION, SET_LOGOUT_ACTION
+# and SET_SAFE_LOGOUT_ACTION. Valid values are HALT, REBOOT, SUSPEND, and
+# CUSTOM_CMD separated by semicolons.
+# This feature is only functional if MDM is compiled with RBAC (Role Based
+# Access Control) support.
+# Specify the RBAC key used to determine if the user has permission to use
+# SET_SAFE_LOGOUT_ACTION. The MDM GUI will only display the action if the
+# "mdm" user has RBAC permissions to use the action. RBAC keys for multiple
+# actions can be specified by separating them by semicolons. The format for
+# each is "Action:RBAC key". If an action is not specified, it is assumed
+# all users have permission for this action. For example:
+# HALT:key.for.halt,REBOOT:key.for.reboot,[...]
+# Probably should not touch the below this is the standard setup.
+# This is our standard startup script. A bit different from a normal X
+# session, but it shares a lot of stuff with that. See the provided default
+# for more information.
+# This is a directory where .desktop files describing the sessions live. It is
+# really a PATH style variable since to allow actual interoperability
+# with KDM. Note that <dmconfdir>/Sessions is there for backwards
+# compatibility reasons with 2.4.4.x.
+# This is the default .desktop session. One of the ones in SessionDesktopDir
+# Better leave this blank and HOME will be used. You can use syntax ~/ below
+# to indicate home directory of the user. You can also set this to something
+# like /tmp if you don't want the authorizations to be in home directories.
+# This is useful if you have NFS mounted home directories. Note that if this
+# is the home directory the UserAuthFBDir will still be used in case the home
+# directory is NFS, see security/NeverPlaceCookiesOnNFS to override this
+# behavior.
+# Fallback directory for writing authorization file if user's home directory
+# is not writable.
+# The X server to use if we can't figure out what else to run.
+# The maximum number of flexible X servers to run.
+# And after how many minutes should we reap the flexible server if there is no
+# activity and no one logged on. Set to 0 to turn off the reaping. Does not
+# affect nested flexiservers.
+# The X nest command.
+# Examples of valid commands (assuming installed to /usr/X11/bin:
+# Xorg Xnest: /usr/X11/bin/Xnest -audit 0 -name Xnest
+# Xsun Xnest: /usr/openwin/bin/Xnest -audit 0 -name Xnest -pn
+# Xephyr: /usr/X11/bin/Xephyr -audit 0
+Xnest=/usr/bin/Xephyr -audit 0
+# Xsun Xnest does not support font paths (passed into Xnest -fp argument)
+# that include the ":unscaled" suffix after a path name. Setting this to
+# false will strip any ":unscaled" suffix from the font path. If not
+# using this Xnest, the value should be true.
+# Automatic VT allocation. Right now only works on Linux. This way we force
+# X to use specific vts. Turn VTAllocation to false if this is causing
+# problems.
+# Should double login be treated with a warning (and possibility to change VT's
+# on Linux and FreeBSD systems for console logins)
+# Should a second login always resume the current session and switch VT's on
+# Linux and FreeBSD systems for console logins
+# If true then the last login information is printed to the user before being
+# prompted for password. While this gives away some info on what users are on
+# a system, it on the other hand should give the user an idea of when they
+# logged in and if it doesn't seem kosher to them, they can just abort the
+# login and contact the sysadmin (avoids running malicious startup scripts).
+# Program used to play sounds. Should not require any 'daemon' or anything
+# like that as it will be run when no one is logged in yet.
+# These are the languages that the console cannot handle because of font
+# issues. Here we mean the text console, not X. This is only used when there
+# are errors to report and we cannot start X.
+# This is the default:
+# This determines whether MDM will honor requests DYNAMIC requests from the
+# mdmdynamic command.
+# This determines whether MDM will send notifications to the console.
+# How long mdm should wait before it assumes a started Xserver is defunct and
+# kills it. 10 seconds should be long enough for X, but Xgl may need 20 or 25.
+# Allow root to login. It makes sense to turn this off for kiosk use, when
+# you want to minimize the possibility of break in.
+# Allow login as root via XDMCP. This value will be overridden and set to
+# false if the /etc/default/login file exists and contains
+# "CONSOLE=/dev/login", and set to true if the /etc/default/login file exists
+# and contains any other value or no value for CONSOLE.
+# This will allow remote timed login.
+# 0 is the most restrictive, 1 allows group write permissions, 2 allows all
+# write permissions.
+# Check if directories are owned by logon user. Set to false, if you have, for
+# example, home directories owned by some other user.
+# If your HOME is managed by automounter, set to true
+# Number of seconds to wait after a failed login
+# Maximum size of a file we wish to read. This makes it hard for a user to DoS
+# us by using a large file.
+# If true this will basically append -nolisten tcp to every X command line, a
+# good default to have (why is this a "negative" setting? because if it is
+# false, you could still not allow it by setting command line of any particular
+# server). It's probably better to ship with this on since most users will not
+# need this and it's more of a security risk then anything else.
+# Note: Anytime we find a -query or -indirect on the command line we do not add
+# a "-nolisten tcp", as then the query just wouldn't work, so this setting only
+# affects truly attached sessions.
+# By default never place cookies if we "detect" NFS. We detect NFS by
+# detecting "root-squashing". It seems bad practice to place cookies on things
+# that go over the network by default and thus we do not do it by default.
+# Sometimes you can however use safe remote filesystems where this is OK and
+# you may want to have the cookie in your home directory.
+# Will cause PAM_DISALLOW_NULL_AUTHTOK to be passed as a flag to
+# pam_authenticate and pam_acct_mgmt, disallowing NULL password. This setting
+# will only take effect if PAM is being used by MDM. This value will be
+# overridden with the value from /etc/default/login if it contains
+# Specifies the PAM Stack to use, "mdm" by default.
+# MDM allows configuration of how ut_line is set when it does utmp/wtmp and
+# audit processing. If VT is being used, then ut_line will be set to the
+# device associated with the VT. If the console is attached and has a device
+# name specified in the [servers] section, then this value will be used.
+# Otherwise the value is defaulted to the value specified in UtmpLineAttached
+# for attached displays and UtmpLineRemote for remote displays. The value
+# can be left empty which means that ut_line will be set to an empty value
+# (if not VT and no value specified in the [servers] section. The values
+# can contain "%d" which is translated to the DISPLAY value or %h which
+# is translated to the hostname. The values for both keys must begin with
+# "/dev/".
+# If true and the specified UtmpLineAttached or UtmpLineRemote does not exist,
+# then create a pseudo-device filename that will be touched when the utmp
+# record is updated. Creating such a psuedo-device ensures that programs
+# that stat the utmp device associated with ut_line such as finger, last,
+# etc. work in a reasonable way.
+# XDMCP is the protocol that allows remote login. If you want to log into MDM
+# remotely (I'd never turn this on on open network, use ssh for such remote
+# usage). You can then run X with -query <thishost> to log in, or
+# -indirect <thishost> to run a chooser. Look for the 'Terminal' server type
+# at the bottom of this config file.
+# Distributions: Ship with this off. It is never a safe thing to leave out on
+# the net. Setting up /etc/hosts.allow and /etc/hosts.deny to only allow local
+# access is another alternative but not the safest. Firewalling port 177 is
+# the safest if you wish to have xdmcp on. Read the manual for more notes on
+# the security of XDMCP.
+# Honor indirect queries, we run a chooser for these, and then redirect the
+# user to the chosen host. Otherwise we just log the user in locally.
+# Maximum pending requests.
+# Maximum open XDMCP sessions at any point in time.
+# Maximum wait times.
+# How many times can a person log in from a single host. Usually better to
+# keep low to fend off DoS attacks by running many logins from a single host.
+# This is now set at 2 since if the server crashes then MDM doesn't know for
+# some time and wouldn't allow another session.
+# The number of seconds after which a non-responsive session is logged off.
+# Better keep this low.
+# The port. 177 is the standard port so better keep it that way.
+# Willing script, none is shipped and by default we'll send hostname system id.
+# But if you supply something here, the output of this script will be sent as
+# status of this host so that the chooser can display it. You could for
+# example send load, or mail details for some user, or some such.
+# The specific gtkrc file we use. It should be the full path to the gtkrc that
+# we need. Unless you need a specific gtkrc that doesn't correspond to a
+# specific theme, then just use the GtkTheme key.
+# The GTK+ theme to use for the GUI.
+# If to allow changing the GTK+ (widget) theme from the greeter. Currently
+# this only affects the standard greeter as the graphical greeter does not yet
+# have this ability.
+# Comma separated list of themes to allow. These must be the names of the
+# themes installed in the standard locations for gtk themes. You can also
+# specify 'all' to allow all installed themes. These should be just the
+# basenames of the themes such as 'Thinice' or 'LowContrast'.
+# Maximum size of an icon, larger icons are scaled down.
+# The following options for setting titlebar and setting window position are
+# only useful for the standard login (mdmlogin) and are not used by the
+# themed login (mdmgreeter).
+# The standard login has a title bar that the user can move.
+# Don't allow user to move the standard login window. Only makes sense if
+# TitleBar is on.
+# Set a position for the standard login window rather then just centering the
+# window. If you enter negative values for the position it is taken as an
+# offset from the right or bottom edge.
+# Enable the Face browser. Note that the Browser key is only used by the
+# standard login (mdmlogin) program. The Face Browser is enabled in
+# the Graphical greeter by selecting a theme that includes the Face
+# Browser, such as happygnome-list. The other configuration values that
+# affect the Face Browser (MinimalUID, DefaultFace, Include, Exclude,
+# IncludeAll, GlobalFaceDir) are used by both the Standard and Themed
+# greeter.
+# The default picture in the browser.
+# User ID's less than the MinimalUID value will not be included in the face
+# browser or in the mdmselection list for Automatic/Timed login. They will not
+# be displayed regardless of the settings for Include and Exclude.
+# Users listed in Include will be included in the face browser and in the
+# mdmsetup selection list for Automatic/Timed login. Users should be separated
+# by commas.
+# Users listed in Exclude are excluded from the face browser and from the
+# mdmsetup selection list for Automatic/Timed login. Excluded users will still
+# be able to log in, but will have to type their username. Users should be
+# separated by commas.
+# By default, an empty include list means display no users. By setting
+# IncludeAll to true, the password file will be scanned and all users will be
+# displayed except users excluded via the Exclude setting and user ID's less
+# than MinimalUID. Scanning the password file can be slow on systems with
+# large numbers of users and this feature should not be used in such
+# environments. The setting of IncludeAll does nothing if Include is set to a
+# non-empty value.
+# If user or user.png exists in this dir it will be used as his picture.
+# File which contains the locale we show to the user. Likely you want to use
+# the one shipped with MDM and edit it. It is not a standard locale.alias
+# file, although MDM will be able to read a standard locale.alias file as well.
+# Logo shown in the standard greeter.
+# Logo shown on file chooser button in mdmsetup (do not modify this value).
+# The standard greeter should shake if a user entered the wrong username or
+# password. Kind of cool looking
+# The Actions menu (formerly system menu) is shown in the greeter, this is the
+# menu that contains reboot, shutdown, suspend, config and chooser. None of
+# these is available if this is off. They can be turned off individually
+# however.
+# Configuration is available from the system menu of the greeter.
+# Should the chooser button be shown. If this is shown, MDM can drop into
+# chooser mode which will run the xdmcp chooser locally and allow the user to
+# connect to some remote host. Local XDMCP does not need to be enabled,
+# however.
+# Welcome is for all console logins and RemoteWelcome is for remote logins
+# (through XDMCP).
+# DefaultWelcome and DefaultRemoteWelcome set the string for Welcome to
+# "Welcome" and for DefaultWelcome to "Welcome to %n", and properly translate
+# the message to the appropriate language. Note that %n gets translated to the
+# hostname of the machine. These default values can be overridden by setting
+# DefaultWelcome and/or DefaultRemoteWelcome to false, and setting the Welcome
+# and DefaultWelcome values as desired. Just make sure the strings are in
+# utf-8 Note to distributors, if you wish to have a different Welcome string
+# and wish to have this translated you can have entries such as
+# "Welcome[cs]=Vitejte na %n".
+#RemoteWelcome=Welcome to %n
+# Xinerama screen we use to display the greeter on. Not for true multihead,
+# currently only works for Xinerama.
+# Background settings for the standard greeter:
+# Type can be 0=None, 1=Image & Color, 2=Color, 3=Image
+# The Standard greeter (mdmlogin) uses BackgroundColor as the background
+# color, while the themed greeter (mdmgreeter) uses GraphicalThemedColor
+# as the background color.
+# XDMCP session should only get a color, this is the sanest setting since you
+# don't want to take up too much bandwidth
+# Program to run to draw the background in the standard greeter. Perhaps
+# something like an xscreensaver hack or some such.
+# If this is true then the background program is run always, otherwise it is
+# only run when the BackgroundType is 0 (None).
+# Delay before starting background program
+# Should the background program be restarted if it is exited.
+# Delay before restarting background program
+# Show the Failsafe sessions. These are much MUCH nicer (focus for xterm for
+# example) and more failsafe then those supplied by scripts so distros should
+# use this rather then just running an xterm from a script.
+# Normally there is a session type called 'Last' that is shown which refers to
+# the last session the user used. If off, we will be in 'switchdesk' mode
+# where the session saving stuff is disabled in MDM
+# Always use 24 hour clock no matter what the locale.
+# Use circles in the password field. Looks kind of cool actually, but only
+# works with certain fonts.
+# Do not show any visible feedback in the password field. This is standard for
+# instance in console, xdm and ssh.
+# These two keys are for the themed greeter (mdmgreeter). Circles is the
+# standard shipped theme. If you want MDM to select a random theme from a
+# list then provide a list that is delimited by /: to the GraphicalThemes
+# key and set GraphicalThemeRand to true. Otherwise use GraphicalTheme
+# and specify just one theme.
+# If InfoMsgFile points to a file, the greeter will display the contents of the
+# file in a modal dialog box before the user is allowed to log in.
+# If InfoMsgFile is present then InfoMsgFont can be used to specify the font to
+# be used when displaying the contents of the file.
+#InfoMsgFont=Sans 24
+# If SoundOnLogin is true, then the greeter will beep when login is ready for
+# user input. If SoundOnLogin is a file and the greeter finds the 'play'
+# executable (see daemon/SoundProgram) it will play that file instead of just
+# beeping.
+# If SoundOnLoginSuccess, then the greeter will play a sound (as above) when a
+# user successfully logs in.
+# If SoundOnLoginFailure, then the greeter will play a sound (as above) when a
+# user fails to log in.
+# Specifies a program to be called by the greeter/login program when the
+# initial screen is displayed. The purpose is to provide a hook where files
+# used after login can be preloaded to speed performance for the user. The
+# program will only be called once only, the first time a greeter is displayed.
+# The mdmprefetch command may be used. This utility will load any libraries
+# passed in on the command line, or if the argument starts with a "@"
+# character, it will process the file assuming it is an ASCII file containing a
+# list of libraries, one per line, and load each library in the file.
+# The chooser is what's displayed when a user wants an indirect XDMCP session,
+# or selects Run XDMCP chooser from the system menu
+# Default image for hosts.
+# Directory with host images, they are named by the hosts: host or host.png.
+# Time we scan for hosts (well only the time we tell the user we are scanning
+# actually, we continue to listen even after this has expired).
+# A comma separated lists of hosts to automatically add (if they answer to a
+# query of course). You can use this to reach hosts that broadcast cannot
+# reach.
+# Broadcast a query to get all hosts on the current network that answer.
+# Set it to true if you want to send a multicast query to hosts.
+# It is an IPv6 multicast address.It is hardcoded here and will be replaced
+# when officially registered xdmcp multicast address of TBD will be available.
+# Allow adding random hosts to the list by typing in their names.
+# This will cause MDM to send debugging information to the system log, which
+# will create a LOT of output. It is not recommended to turn this on for
+# normal use, but it can be useful to determine the cause when MDM is not
+# working properly.
+# This will enable debug messages for accessibilty gesture listeners into the
+# syslog. This includes output about key events, mouse button events, and
+# pointer motion events. This is useful for figuring out the cause of why the
+# gesture listeners may not be working, but is too verbose for general debug.
+# Attached DISPLAY Configuration
+# This section defines which attached DISPLAYS should be started by MDM by
+# default. You can add as many DISPLAYS as desired and they will always be
+# started. The key for each entry must be a unique number that cooresponds to
+# the DISPLAY number to start the X server. For a typical single-display
+# machine, there will only be one entry "0" for DISPLAY ":0". The first word
+# in the value corresponds to an X server definition in the "X Server
+# Definitions" section of the configuration file. For example, the entry:
+# 0=Standard
+# Means that DISPLAY ":0" will start an X server as defined in the
+# [server-Standard] section.
+# The optional device argument is used to specify the device that is associated
+# with the DISPLAY. When using Virtual Terminals (VT), this value is ignored
+# and MDM will use the correct device name associated with the VT. If not
+# using VT, then MDM will use the value specified by this optional argument.
+# If the device argument is not defined, then MDM will use the default setting
+# for attached displays defined in the UtmpLineAttached configuration option.
+# For the main display (typically DISPLAY ":0"), "/dev/console" is a reasonable
+# value. For other displays it is probably best to not include this argument
+# unless you know the specific device associated with the DISPLAY. The device
+# value can contain "%d" which is translated to the DISPLAY value or %h which
+# is translated to the hostname.
+0=Standard device=/dev/console
+# Example of how to set up DISPLAY :1 to also use Standard.
+# If you wish to run the XDMCP chooser on the local display use the following
+# line
+# X Server Definitions
+# Note: Is your X server not listening to TCP requests? Refer to the
+# security/DisallowTCP setting!
+name=Standard server
+command=/usr/bin/Xorg -audit 0
+# Indicates that the X server should be started at a different process
+# priority. Values can be any integer value accepted by the setpriority C
+# library function (normally between -20 and 20) with 0 being the default. For
+# highly interactive applications, -5 yields good responsiveness. The default
+# value is 0 and the setpriority function is not called if the value is 0.
+# To use this server type you should add -query host or -indirect host to the
+# command line.
+name=Terminal server
+# Add -terminate to make things behave more nicely
+command=/usr/bin/Xorg -audit 0 -terminate
+# Make this not appear in the flexible servers (we need extra params anyway,
+# and terminate would be bad for xdmcp choosing). You can make a terminal
+# server flexible, but not with an indirect query. If you need flexible
+# indirect query server, then you must get rid of the -terminate and the only
+# way to kill the flexible server will then be by Ctrl-Alt-Backspace.
+# Do not handle this X server for attached displays.
+# To use this server type you should add -query host or -indirect host to the
+# command line.
+name=Chooser server
+command=/usr/bin/Xorg -audit 0
+# Make this not appear in the flexible servers for now, but if you wish to
+# allow a chooser server then make this true. This is the only way to make a
+# flexible chooser server that behaves nicely.
+# Run the chooser instead of the greeter. When the user chooses a machine they
+# will get this same server but run with "-terminate -query hostname".
+# This section allows you specify up to 10 custom commands. Each of the
+# commands can be defined by the seven parameters listed below. In each of the
+# descriptions of the parameters N can take on any values between 0 and 9,
+# i.e. CustomCommand0=,CustomCommand1=,...,CustomCommand9=. The numbers
+# can have gaps as long as they fit within predefined set of 10, and their
+# placement order within this section and with respect to each other is
+# not important.
+# CustomCommandN, CustomCommandTextN, CustomCommandLabelN,
+# CustomCommandLRLabelN, CustomCommandTooltipN, CustomCommandIsPersistentN
+# and CustomCommandNoRestartN should all be defined for a given integer N,
+# where N can be a number from 0-9 (if not the default values will be
+# assigned except CustomCommandN for which no default exists).
+# Custom command to run. Multiple commands may be specified separated by
+# semicolons. GMM will use the first valid command. Examples:
+# /sbin/bootwindoze;/usr/bin/bootwindoze, or
+# /sbin/runupdate;/usr/local/sbin/runupdate
+# Custom command dialog message that will appear on all warning dialogs.
+# This will vary depending on what you want to do. Examples:
+# Are you sure you want to restart system into Windoze?, or
+# Are you sure you want do do this?
+# Custom command label that will appear as stock label on buttons/menu items.
+# This option can't contain any semicolon characters (i.e. ";").
+# Examples:
+# _Windoze, or
+# _Update Me
+# Custom command label that will appear as stock label on radio buttons/list
+# items. The underscore indicates the mnemonic used with this item. Examples:
+# Restart into _Windoze
+# Perform system _Update
+# Custom command tooltip. Examples
+# Restarts the computer into Windoze
+# Updates the computer software to the most recent version(s)
+# Custom command persistence option. Setting it to true will allow this
+# command to appear outside the login manager, e.g. on the desktop through
+# Log Out/Shut Down dialogs. The default value is false.
+# Custom command mdm/system restart option. Setting it to true will not
+# restart mdm after command execution. The default commands (reboot, shut
+# down) all reboot the system by default which is why the default setting
+# is true.
+# In addition when corresponding CustomCommandIsPersistentN option is set to
+# true, setting CustomCommandNoRestartN to false will place CustomCommandN
+# in the Shut Down dialog set of actions, setting it to true will place
+# CustomCommandN in the Log Out dialog set of actions.
+# Example layout for more than one command:
+# and so on
diff --git a/mdm-autologin.pam b/mdm-autologin.pam
new file mode 100644
index 00000000000..f3b1541ac07
--- /dev/null
+++ b/mdm-autologin.pam
@@ -0,0 +1,25 @@
+auth requisite
+auth required
+auth required
+auth sufficient uid >= 1000 quiet
+auth required
+account required
+account required
+account required
+password required
+password required
+session required
+session required
+session required
+-session optional
+session optional revoke
+session required
+session required
diff --git a/mdm-display-manager.install b/mdm-display-manager.install
new file mode 100644
index 00000000000..3c5e388a0c4
--- /dev/null
+++ b/mdm-display-manager.install
@@ -0,0 +1,25 @@
+post_install() {
+ getent group mdm >/dev/null 2>&1 || groupadd -g 128 mdm
+ getent passwd mdm >/dev/null 2>&1 || usr/sbin/useradd -c 'Linux Mint Display Manager' -u 128 -g mdm -d /var/lib/mdm -s /sbin/nologin mdm
+ passwd -l mdm > /dev/null
+ chown root:mdm /var/lib/mdm > /dev/null
+ chmod 1770 /var/lib/mdm > /dev/null
+ gtk-update-icon-cache -q -t -f usr/share/icons/hicolor
+ printf "\n By default the tty1 is disabled, this because a bug"
+ printf "\n that if tty1 is runing, then mdm is automagically "
+ printf "\n restarted in a infinite loop, this take around "
+ printf "\n 1 minute post login, please not force the use of "
+ printf "\n getty@tty1 unles you know how deal with the problem"
+ printf "\n"
+ printf "\n For systemd use: # systemctl enable mdm"
+ printf "\n"
+post_remove() {
+ gtk-update-icon-cache -q -t -f usr/share/icons/hicolor
+ getent passwd mdm || userdel mdm
+ getent group mdm || groupdel mdm
diff --git a/mdm-plymouth.service b/mdm-plymouth.service
new file mode 100644
index 00000000000..670ad9f9d33
--- /dev/null
+++ b/mdm-plymouth.service
@@ -0,0 +1,20 @@
+Description=LightDM Display Manager
+After=systemd-user-sessions.service getty@tty1
+ExecStart=/usr/sbin/mdm --nodaemon
diff --git a/mdm.pam b/mdm.pam
new file mode 100644
index 00000000000..bb7aeedd445
--- /dev/null
+++ b/mdm.pam
@@ -0,0 +1,13 @@
+auth requisite
+auth required
+auth required
+account required
+session required
+session required
+session required
+password required \ No newline at end of file
diff --git a/mdm.service b/mdm.service
new file mode 100644
index 00000000000..5d60df0b26b
--- /dev/null
+++ b/mdm.service
@@ -0,0 +1,16 @@
+Description=Linux Mint Display Manager
+After=systemd-user-sessions.service getty@tty1.service
+ExecStart=/usr/sbin/mdm --nodaemon
diff --git a/org.cinnamon.pkexec.mdmsetup.policy b/org.cinnamon.pkexec.mdmsetup.policy
new file mode 100644
index 00000000000..25708c78ac4
--- /dev/null
+++ b/org.cinnamon.pkexec.mdmsetup.policy
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "">
+ <vendor>Cinnamon Desktop environment</vendor>
+ <vendor_url></vendor_url>
+ <action id="org.cinnamon.pkexec.mdmsetup">
+ <description>MDM login window appearance and behavior</description>
+ <message>Privileges are required to change MDM Settings</message>
+ <icon_name>mdmsetup</icon_name>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/mdmsetup</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>