diff options
-rw-r--r-- | .SRCINFO | 57 | ||||
-rw-r--r-- | 01_gdmchooser-ipv6_bindv6only-workaround.patch | 28 | ||||
-rw-r--r-- | 02_xdmcp-ipv6_bindv6only.patch | 29 | ||||
-rw-r--r-- | 03_arch-sysres-paths.patch | 72 | ||||
-rw-r--r-- | PKGBUILD | 121 | ||||
-rw-r--r-- | defaults.conf | 748 | ||||
-rw-r--r-- | gdm-autologin.pam | 16 | ||||
-rw-r--r-- | gdm-old-faces.changelog | 7 | ||||
-rw-r--r-- | gdm-old.changelog | 29 | ||||
-rw-r--r-- | gdm-old.install | 74 | ||||
-rw-r--r-- | gdm.pam | 11 | ||||
-rw-r--r-- | gdm.service | 15 | ||||
-rw-r--r-- | org.gnome2.pkexec.gdmsetup.policy | 21 |
13 files changed, 1228 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..6d30e70f4b2a --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,57 @@ +pkgbase = gdm-old + pkgdesc = Gnome Display Manager (a reimplementation of xdm) + pkgver = 2.20.11 + pkgrel = 9.2 + url = http://www.gnome.org + arch = i686 + arch = x86_64 + groups = gnome-extra + license = GPL + makedepends = intltool + makedepends = gnome-doc-utils + makedepends = pkgconfig + makedepends = xorg-server + depends = pam + depends = libdmx + depends = libgnomecanvas + depends = librsvg + depends = dbus-glib + depends = zenity + depends = polkit + depends = systemd + options = !libtool + source = http://ftp.gnome.org/pub/gnome/sources/gdm/2.20/gdm-2.20.11.tar.bz2 + source = defaults.conf + source = gdm.pam + source = gdm-autologin.pam + source = gdm.service + source = org.gnome2.pkexec.gdmsetup.policy + source = 01_gdmchooser-ipv6_bindv6only-workaround.patch + source = 02_xdmcp-ipv6_bindv6only.patch + source = 03_arch-sysres-paths.patch + sha256sums = 2e21c9a44941cd0033aaa6b381b563488bbdd0ad1a28ef05f7e0178891f1eaa2 + sha256sums = 9f654e761407079012c669021f935414d031699955c123fca92366a6ba096f64 + sha256sums = fb3aa7e7b5cf5403581d5912ac79361e8b70481c1170d3a4d1f51aea315b9e92 + sha256sums = b50136199204911205cb67b6325b23f4b155c66ed14569465a9ffc1d992be97f + sha256sums = 4bb13f97448351ae80a0caf8ed0e13360ae37956ed8ec16369649bcb75e062a0 + sha256sums = 9079378fb3b0a60224bbbe91a518c11fc2e3e7b2df4747fe6045dc13d1e35815 + sha256sums = 790eaa15a0a2f069325d5e875745dc834a866b7a4c4c5dbaf03580447d1ae94d + sha256sums = e1036348765b6329dcf80eed22b5b61cf5c0c838efbd9cb5616966e941dbdfc0 + sha256sums = f19a3a23afb1d7124df2020e670efdb9588150740dfc40e1af5313061fdf0d09 + +pkgname = gdm-old + install = gdm-old.install + changelog = gdm-old.changelog + optdepends = polkit-gnome: PolicyKit authentication agent for users without gnome-shell + provides = gdm + conflicts = gdm + backup = etc/gdm/custom.conf + backup = etc/pam.d/gdm + backup = etc/pam.d/gdm-autologin + +pkgname = gdm-old-faces + pkgdesc = Default faces for GDM (you may install gnome-control-center instead) + changelog = gdm-old-faces.changelog + depends = gdm-old + conflicts = gnome-control-center + diff --git a/01_gdmchooser-ipv6_bindv6only-workaround.patch b/01_gdmchooser-ipv6_bindv6only-workaround.patch new file mode 100644 index 000000000000..228cdb74f9ba --- /dev/null +++ b/01_gdmchooser-ipv6_bindv6only-workaround.patch @@ -0,0 +1,28 @@ +Debian #562126; enable gdmchooser to work with netbase default setting +net.ipv6.bindv6only=1 + +diff -Naur gdm-2.20.10/gui/gdmchooser.c gdm-2.20.10/gui/gdmchooser.c +--- gdm-2.20.10/gui/gdmchooser.c 2009-03-19 00:29:11.000000000 -0430 ++++ gdm-2.20.10/gui/gdmchooser.c 2010-02-09 20:10:08.000000000 -0430 +@@ -1121,6 +1121,7 @@ + { + static XdmcpHeader header; + gint sockopts = 1; ++ int ipv6_only_flag = 0; + + /* Open socket for communication */ + #ifdef ENABLE_IPV6 +@@ -1140,6 +1141,13 @@ + gdm_common_fail_exit ("Could not set socket options!"); + } + ++ if (have_ipv6) { ++ if (setsockopt (sockfd, IPPROTO_IPV6, IPV6_V6ONLY, ++ (char*)&ipv6_only_flag, sizeof(ipv6_only_flag)) < 0) { ++ gdm_common_fail_exit ("Could not set socket options!"); ++ } ++ } ++ + /* Assemble XDMCP BROADCAST_QUERY packet in static buffer */ + header.opcode = (CARD16) BROADCAST_QUERY; + header.length = 1; diff --git a/02_xdmcp-ipv6_bindv6only.patch b/02_xdmcp-ipv6_bindv6only.patch new file mode 100644 index 000000000000..b6278c9c32e2 --- /dev/null +++ b/02_xdmcp-ipv6_bindv6only.patch @@ -0,0 +1,29 @@ +Debian #563406 + +Index: gdm-2.20.10/daemon/gdm-xdmcp-manager.c +=================================================================== +--- gdm-2.20.10.orig/daemon/gdm-xdmcp-manager.c 2010-02-28 13:57:47.685002928 +0100 ++++ gdm-2.20.10/daemon/gdm-xdmcp-manager.c 2010-02-28 14:01:54.697504018 +0100 +@@ -398,6 +398,7 @@ static int + create_socket (struct addrinfo *ai) + { + int sock; ++ int zero = 0; + + sock = socket (ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if (sock < 0) { +@@ -405,6 +406,14 @@ create_socket (struct addrinfo *ai) + return sock; + } + ++ if (ai->ai_family == AF_INET6) { ++ if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &zero, sizeof zero) < 0) { ++ gdm_error("setsockopt(IPV6_V6ONLY): %s\n", g_strerror(errno)); ++ close(sock); ++ return -1; ++ } ++ } ++ + if (bind (sock, ai->ai_addr, ai->ai_addrlen) < 0) { + gdm_error ("bind: %s", g_strerror (errno)); + close (sock); diff --git a/03_arch-sysres-paths.patch b/03_arch-sysres-paths.patch new file mode 100644 index 000000000000..40abf11cb47d --- /dev/null +++ b/03_arch-sysres-paths.patch @@ -0,0 +1,72 @@ +diff -Naur b/config/Init.in a/config/Init.in +--- b/config/Init.in 2010-06-03 01:06:25.000000000 +0000 ++++ a/config/Init.in 2012-12-08 10:57:07.000000000 +0000 +@@ -22,18 +22,28 @@ + echo "$OUTPUT" + } + +-sysresources=/etc/X11/Xresources ++archsysresources="/etc/X11/xinit/.Xresources" ++sysresources="/etc/X11/Xresources" + + # merge in defaults ++if [ -f "$archsysresources" ]; then ++ xrdb -merge "$archsysresources" ++fi ++ + if [ -f "$sysresources" ]; then + xrdb -merge "$sysresources" + fi + +-sysmodmap=/etc/X11/Xmodmap ++archsysmodmap="/etc/X11/xinit/.Xmodmap" ++sysmodmap="/etc/X11/Xmodmap" + + XMODMAP=`gdmwhich xmodmap` + if [ "x$XMODMAP" != "x" ] ; then + if [ "x$GDM_PARENT_DISPLAY" = "x" ]; then ++ if [ -f "$archsysmodmap" ]; then ++ $XMODMAP "$archsysmodmap" ++ fi ++ + if [ -f $sysmodmap ]; then + $XMODMAP $sysmodmap + fi +diff -Naur b/config/Xsession.in a/config/Xsession.in +--- b/config/Xsession.in 2010-06-03 01:06:25.000000000 +0000 ++++ a/config/Xsession.in 2012-12-08 10:52:18.000000000 +0000 +@@ -85,16 +85,16 @@ + usermodmap="$HOME/.Xmodmap" + userxkbmap="$HOME/.Xkbmap" + +-sysresources=/etc/X11/Xresources +-sysmodmap=/etc/X11/Xmodmap +-sysxkbmap=/etc/X11/Xkbmap ++sysresources="/etc/X11/Xresources" ++sysmodmap="/etc/X11/Xmodmap" ++sysxkbmap="/etc/X11/Xkbmap" + +-rh6sysresources=/etc/X11/xinit/Xresources +-rh6sysmodmap=/etc/X11/xinit/Xmodmap ++archsysresources="/etc/X11/xinit/.Xresources" ++archsysmodmap="/etc/X11/xinit/.Xmodmap" + + # merge in defaults +-if [ -f "$rh6sysresources" ]; then +- xrdb -merge "$rh6sysresources" ++if [ -f "$archsysresources" ]; then ++ xrdb -merge "$archsysresources" + fi + + if [ -f "$sysresources" ]; then +@@ -131,8 +131,8 @@ + + # xkb and xmodmap don't play nice together + if [ -z "$XKB_IN_USE" ]; then +- if [ -f "$rh6sysmodmap" ]; then +- xmodmap "$rh6sysmodmap" ++ if [ -f "$archsysmodmap" ]; then ++ xmodmap "$archsysmodmap" + fi + + if [ -f "$sysmodmap" ]; then diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..98ef21d4b72c --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,121 @@ +# Maintainer: 3ED <krzysztof1987@gmail.com> +# Contributor: Jan de Groot <jgc@archlinux.org> +pkgbase=gdm-old +pkgname=(gdm-old gdm-old-faces) +_pkgname=gdm +pkgver=2.20.11 +pkgrel=9.2 +pkgdesc="Gnome Display Manager (a reimplementation of xdm)" +arch=(i686 x86_64) +license=('GPL') +depends=('pam' 'libdmx' 'libgnomecanvas' 'librsvg' 'dbus-glib' 'zenity' 'polkit' 'systemd') +makedepends=('intltool' 'gnome-doc-utils' 'pkgconfig' 'xorg-server') +url="http://www.gnome.org" +groups=('gnome-extra') +options=('!libtool') +source=(http://ftp.gnome.org/pub/gnome/sources/${_pkgname}/2.20/${_pkgname}-${pkgver}.tar.bz2 + defaults.conf + gdm.pam + gdm-autologin.pam + gdm.service + org.gnome2.pkexec.gdmsetup.policy + 01_gdmchooser-ipv6_bindv6only-workaround.patch + 02_xdmcp-ipv6_bindv6only.patch + 03_arch-sysres-paths.patch) +sha256sums=('2e21c9a44941cd0033aaa6b381b563488bbdd0ad1a28ef05f7e0178891f1eaa2' + '9f654e761407079012c669021f935414d031699955c123fca92366a6ba096f64' + 'fb3aa7e7b5cf5403581d5912ac79361e8b70481c1170d3a4d1f51aea315b9e92' + 'b50136199204911205cb67b6325b23f4b155c66ed14569465a9ffc1d992be97f' + '4bb13f97448351ae80a0caf8ed0e13360ae37956ed8ec16369649bcb75e062a0' + '9079378fb3b0a60224bbbe91a518c11fc2e3e7b2df4747fe6045dc13d1e35815' + '790eaa15a0a2f069325d5e875745dc834a866b7a4c4c5dbaf03580447d1ae94d' + 'e1036348765b6329dcf80eed22b5b61cf5c0c838efbd9cb5616966e941dbdfc0' + 'f19a3a23afb1d7124df2020e670efdb9588150740dfc40e1af5313061fdf0d09') + +prepare() { + cd "${srcdir}/${_pkgname}-${pkgver}" + + # probably better idea to do it inside makepkg instead in pkgbuilds + local i + for i in "${source[@]}"; do + if [ "${i##*.}" = "patch" ]; then + msg2 "Patching: ${i}..." + patch -Np1 -i "$srcdir/$i" + fi + done +} + +build() { + cd "${srcdir}/${_pkgname}-${pkgver}" + + ./configure \ + --disable-dependency-tracking \ + --prefix=/usr \ + --sysconfdir=/etc \ + --sbindir=/usr/bin \ + --libexecdir=/usr/lib/gdm \ + --localstatedir=/var/lib \ + --disable-static \ + --with-xevie=yes \ + --disable-scrollkeeper \ + --enable-secureremote=yes \ + --enable-ipv6=yes \ + LDFLAGS="-lXau -lm" + + sed -i -e 's|${prefix}|/usr|' config.h + make +} + +package_gdm-old() { + provides=('gdm') + conflicts=('gdm') + optdepends=("polkit-gnome: PolicyKit authentication agent for users without gnome-shell") + backup=('etc/gdm/custom.conf' 'etc/pam.d/gdm' 'etc/pam.d/gdm-autologin') + install=gdm-old.install + changelog=gdm-old.changelog + + cd "${srcdir}/${_pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + + #PAM + install -m644 "${srcdir}/gdm-autologin.pam" "${pkgdir}/etc/pam.d/gdm-autologin" + install -m644 "${srcdir}/gdm.pam" "${pkgdir}/etc/pam.d/gdm" + + #systemd service + install -m755 -d "${pkgdir}/usr/lib/systemd/system" + install -m644 "${srcdir}/gdm.service" "${pkgdir}/usr/lib/systemd/system/gdm.service" + install -m644 "${srcdir}/gdm.service" "${pkgdir}/usr/lib/systemd/system/gdm-old.service" + + #configuration + install -m444 "${srcdir}/defaults.conf" "${pkgdir}/usr/share/gdm/" + rm -f ${pkgdir}/usr/share/xsessions/gnome.desktop || true + + #PolicyKit execution scheme + install -m755 -d "${pkgdir}/usr/share/polkit-1/actions/" + install -m644 "${srcdir}/org.gnome2.pkexec.gdmsetup.policy" "${pkgdir}/usr/share/polkit-1/actions/" + + #fix gdmsetup.desktop + sed -e 's|^Exec=|Exec=pkexec |; s|/usr/sbin/gdmsetup|/usr/bin/gdmsetup|g' \ + -i "${pkgdir}/usr/share/gdm/applications/gdmsetup.desktop" + + #fix gdm files conflict with gnome-control-center (usr/share/pixmaps/faces/*) + rm -f "${pkgdir}/usr/share/pixmaps/faces/"* + + #fix "warning: directory permissions differ on var/log/gdm/" + test -d "${pkgdir}/var/log/gdm/" && chmod 1770 "${pkgdir}/var/log/gdm/" +} + +package_gdm-old-faces() { + pkgrel=8.1 + depends=('gdm-old') + conflicts=('gnome-control-center') + pkgdesc="Default faces for GDM (you may install gnome-control-center instead)" + changelog=gdm-old-faces.changelog + + cd "${srcdir}/${_pkgname}-${pkgver}" + + #fix gdm files conflict with gnome-control-center (usr/share/pixmaps/faces/*) + install -m755 -d "${pkgdir}/usr/share/pixmaps/faces/" + + make DESTDIR="${pkgdir}" install -C gui/faces +} diff --git a/defaults.conf b/defaults.conf new file mode 100644 index 000000000000..c4e474492cb2 --- /dev/null +++ b/defaults.conf @@ -0,0 +1,748 @@ +# GDM System Defaults Configuration file. +# +# This file should not be updated by hand. Since GDM 2.13.0.4, configuration +# choices in the GDM Custom Configuration file will override the default +# values specified in this file. This GDM System Defaults Configuration file +# may be overwritten on upgrade, so to ensure that your configuration choices +# are not lost, please make sure that your changes are made only the GDM Custom +# Configuration file. The GDM Custom Configuration file is found at the +# following location: +# +# /etc/gdm/custom.conf +# +# If you were using an older version of GDM, your system may have the the older +# gdm.conf configuration file on the system. If so, then this file is used +# instead of the GDM Custom Configuration file for backwards support. If you +# make changes to the GDM Custom Configuration file and they seem to not be +# taking effect, this is likely the problem. Consider migrating your +# configuration to the new configuration file and removing the gdm.conf file. +# +# You can use the gdmsetup program to graphically edit the gdm.conf-custom +# file. Note that gdmsetup does not support every option in this file, just +# the most common ones that users want to change. If you feel that gdmsetup +# should support additional configuration options, please file a bug report at +# http://bugzilla.gnome.org/. +# +# If you hand-edit the GDM configuration, you should run the following command +# to get the GDM daemon to recognize the change. Any running GDM GUI programs +# will also be notified to update with the new configuration. +# +# gdmflexiserver --command="UPDATE_CONFIG <configuration key>" +# +# e.g, the "Enable" key in the "[debug]" section would be "debug/Enable". +# +# You can also run gdm-restart or gdm-safe-restart to cause GDM to restart and +# re-read the new configuration settings. You can also restart GDM by sending +# a HUP or USR1 signal to the daemon. HUP behaves like gdm-restart and causes +# any user session started by GDM to exit immediately while USR1 behaves like +# gdm-safe-restart and will wait until all users log out before restarting GDM. +# +# For full reference documentation see the GNOME help browser under +# GNOME|System category. You can also find the docs in HTML form on +# http://www.gnome.org/projects/gdm/ +# +# NOTE: Some values are commented out, but show their default values. Lines +# that begin with "#" are considered comments. +# +# Have fun! + +[daemon] +# Automatic login, if true the first attached screen will automatically logged +# in as user as set with AutomaticLogin key. +AutomaticLoginEnable=false +AutomaticLogin= + +# Timed login, useful for kiosks. Log in a certain user after a certain amount +# of time. +TimedLoginEnable=false +TimedLogin= +TimedLoginDelay=30 + +# The GDM configuration program that is run from the login screen, you should +# probably leave this alone. +#Configurator=/usr/bin/gdmsetup --disable-sound --disable-crash-dialog + +# The chooser program. Must output the chosen host on stdout, probably you +# should leave this alone. +#Chooser=/usr/lib/gdm/gdmchooser + +# The greeter for attached (non-xdmcp) logins. Change gdmlogin to gdmgreeter +# to get the new graphical greeter. +#Greeter=/usr/lib/gdm/gdmlogin + +# The greeter for xdmcp logins, usually you want a less graphically intensive +# greeter here so it's better to leave this with gdmlogin +#RemoteGreeter=/usr/lib/gdm/gdmlogin + +# Launch the greeter with an additional list of colon separated GTK+ modules. +# This is useful for enabling additional feature support e.g. GNOME +# accessibility framework. Only "trusted" modules should be allowed to minimize +# security holes +AddGtkModules=true +# By default, these are the accessibility modules. +GtkModulesList=gail:atk-bridge:/usr/lib/gtk-2.0/modules/libdwellmouselistener:/usr/lib/gtk-2.0/modules/libkeymouselistener + +# Default path to set. The profile scripts will likely override this value. +# This value will be overridden with the value from /etc/default/login if it +# contains "ROOT=<pathvalue>". +#DefaultPath=/usr/bin:/usr/local/bin +# Default path for root. The profile scripts will likely override this value. +# This value will be overridden with the value from /etc/default/login if it +# contains "SUROOT=<pathvalue>". +#RootPath=/usr/bin:/usr/local/bin + +# If you are having trouble with using a single server for a long time and want +# GDM to kill/restart the server, turn this on. On Solaris, this value is +# always true and this configuration setting is ignored. +AlwaysRestartServer=true + +# User and group used for running GDM GUI applications. By default this is set +# to user "gdm" and group "gdm". This user/group should have very limited +# permissions and access to only the gdm directories and files. +User=gdm +Group=gdm + +# To try to kill all clients started at greeter time or in the Init script. +# does not always work, only if those clients have a window of their own. +#KillInitClients=true +LogDir=/var/log/gdm + +# Note that a post login script is run before a PreSession script. It is run +# after the login is successful and before any setup is run on behalf of the +# user. +PostLoginScriptDir=/etc/gdm/PostLogin/ +PreSessionScriptDir=/etc/gdm/PreSession/ +PostSessionScriptDir=/etc/gdm/PostSession/ +DisplayInitDir=/etc/gdm/Init +# Distributions: If you have some script that runs an X server in say VGA +# mode, allowing a login, could you please send it to me? +#FailsafeXServer= +# if X keeps crashing on us we run this script. The default one does a bunch +# of cool stuff to figure out what to tell the user and such and can run an X +# configuration program. +XKeepsCrashing=/etc/gdm/XKeepsCrashing + +# System command support. +# +# Reboot, Halt and suspend commands, you can add different commands separated +# by a semicolon. GDM will use the first one it can find. +RebootCommand=/usr/bin/systemctl reboot;/usr/bin/reboot;/usr/bin/shutdown -r now +HaltCommand=/usr/bin/systemctl poweroff;/usr/bin/poweroff;/usr/bin/shutdown -h now +SuspendCommand=/usr/bin/systemctl suspend;/usr/bin/pm-suspend + +# The following options specify how GDM system commands are supported. +# +# Specify which actions are displayed in the greeter. Valid values are HALT, +# REBOOT, SUSPEND, and CUSTOM_CMD separated by semicolons. +SystemCommandsInMenu=HALT;REBOOT;SUSPEND;CUSTOM_CMD + +# Specify which actions are supported by QUERY_LOGOUT_ACTION, SET_LOGOUT_ACTION +# and SET_SAFE_LOGOUT_ACTION. Valid values are HALT, REBOOT, SUSPEND, and +# CUSTOM_CMD separated by semicolons. +AllowLogoutActions=HALT;REBOOT;SUSPEND;CUSTOM_CMD + +# This feature is only functional if GDM is compiled with RBAC (Role Based +# Access Control) support. +# Specify the RBAC key used to determine if the user has permission to use +# the action via QUERY_LOGOUT_ACTION, SET_LOGOUT_ACTION and +# SET_SAFE_LOGOUT_ACTION. The GDM GUI will only display the action if the +# "gdm" user has RBAC permissions to use the action. RBAC keys for multiple +# actions can be specified by separating them by semicolons. The format for +# each is "Action:RBAC key". If an action is not specified, it is assumed +# all users have permission for this action. For example: +# HALT:key.for.halt,REBOOT:key.for.reboot,[...] +RBACSystemCommandKeys= + +# Probably should not touch the below this is the standard setup. +ServAuthDir=/var/lib/gdm +# This is our standard startup script. A bit different from a normal X +# session, but it shares a lot of stuff with that. See the provided default +# for more information. +BaseXsession=/etc/gdm/Xsession +# This is a directory where .desktop files describing the sessions live. It is +# really a PATH style variable since 2.4.4.2 to allow actual interoperability +# with KDM. Note that <dmconfdir>/Sessions is there for backwards +# compatibility reasons with 2.4.4.x. +#SessionDesktopDir=/etc/X11/sessions/:/etc/dm/Sessions/:/usr/share/gdm/BuiltInSessions/:/usr/share/xsessions/ +# This is the default .desktop session. One of the ones in SessionDesktopDir +#DefaultSession=gnome.desktop +# Better leave this blank and HOME will be used. You can use syntax ~/ below +# to indicate home directory of the user. You can also set this to something +# like /tmp if you don't want the authorizations to be in home directories. +# This is useful if you have NFS mounted home directories. Note that if this +# is the home directory the UserAuthFBDir will still be used in case the home +# directory is NFS, see security/NeverPlaceCookiesOnNFS to override this +# behavior. +UserAuthDir= +# Fallback directory for writing authorization file if user's home directory +# is not writable. +UserAuthFBDir=/tmp +UserAuthFile=.Xauthority +# The X server to use if we can't figure out what else to run. +StandardXServer=/usr/bin/Xorg +# The maximum number of flexible X servers to run. +#FlexibleXServers=5 +# And after how many minutes should we reap the flexible server if there is no +# activity and no one logged on. Set to 0 to turn off the reaping. Does not +# affect nested flexiservers. +#FlexiReapDelayMinutes=5 + +# The X nest command. +# Examples of valid commands (assuming installed to /usr/bin: +# Xorg Xnest: /usr/bin/Xnest -audit 0 -name Xnest +# Xsun Xnest: /usr/openwin/bin/Xnest -audit 0 -name Xnest -pn +# Xephyr: /usr/bin/Xephyr -audit 0 +Xnest=/usr/bin/Xephyr -audit 0 +# Xsun Xnest does not support font paths (passed into Xnest -fp argument) +# that include the ":unscaled" suffix after a path name. Setting this to +# false will strip any ":unscaled" suffix from the font path. If not +# using this Xnest, the value should be true. +XnestUnscaledFontPath=true + +# Automatic VT allocation. Right now only works on Linux. This way we force +# X to use specific vts. Turn VTAllocation to false if this is causing +# problems. +#FirstVT=7 +#VTAllocation=true +# Should double login be treated with a warning (and possibility to change VT's +# on Linux and FreeBSD systems for console logins) +#DoubleLoginWarning=true +# Should a second login always resume the current session and switch VT's on +# Linux and FreeBSD systems for console logins +#AlwaysLoginCurrentSession=true + +# If true then the last login information is printed to the user before being +# prompted for password. While this gives away some info on what users are on +# a system, it on the other hand should give the user an idea of when they +# logged in and if it doesn't seem kosher to them, they can just abort the +# login and contact the sysadmin (avoids running malicious startup scripts). +#DisplayLastLogin=false + +# Program used to play sounds. Should not require any 'daemon' or anything +# like that as it will be run when no one is logged in yet. +#SoundProgram=/usr/bin/play + +# These are the languages that the console cannot handle because of font +# issues. Here we mean the text console, not X. This is only used when there +# are errors to report and we cannot start X. +# This is the default: +#ConsoleCannotHandle=am,ar,az,bn,el,fa,gu,hi,ja,ko,ml,mr,pa,ta,zh + +# This determines whether GDM will honor requests DYNAMIC requests from the +# gdmdynamic command. +#DynamicXServers=false + +# This determines whether GDM will send notifications to the console. +#ConsoleNotify=true + +# How long gdm should wait before it assumes a started Xserver is defunct and +# kills it. 10 seconds should be long enough for X, but Xgl may need 20 or 25. +GdmXserverTimeout=10 + +[security] +# Allow root to login. It makes sense to turn this off for kiosk use, when +# you want to minimize the possibility of break in. +AllowRoot=false +# Allow login as root via XDMCP. This value will be overridden and set to +# false if the /etc/default/login file exists and contains +# "CONSOLE=/dev/login", and set to true if the /etc/default/login file exists +# and contains any other value or no value for CONSOLE. +AllowRemoteRoot=false +# This will allow remote timed login. +AllowRemoteAutoLogin=false +# 0 is the most restrictive, 1 allows group write permissions, 2 allows all +# write permissions. +RelaxPermissions=0 +# Check if directories are owned by logon user. Set to false, if you have, for +# example, home directories owned by some other user. +CheckDirOwner=true +# If your HOME is managed by automounter, set to true +SupportAutomount=false +# Number of seconds to wait after a failed login +#RetryDelay=1 +# Maximum size of a file we wish to read. This makes it hard for a user to DoS +# us by using a large file. +#UserMaxFile=65536 +# If true this will basically append -nolisten tcp to every X command line, a +# good default to have (why is this a "negative" setting? because if it is +# false, you could still not allow it by setting command line of any particular +# server). It's probably better to ship with this on since most users will not +# need this and it's more of a security risk then anything else. +# Note: Anytime we find a -query or -indirect on the command line we do not add +# a "-nolisten tcp", as then the query just wouldn't work, so this setting only +# affects truly attached sessions. +#DisallowTCP=true +# By default never place cookies if we "detect" NFS. We detect NFS by +# detecting "root-squashing". It seems bad practice to place cookies on things +# that go over the network by default and thus we do not do it by default. +# Sometimes you can however use safe remote filesystems where this is OK and +# you may want to have the cookie in your home directory. +#NeverPlaceCookiesOnNFS=true +# Will cause PAM_DISALLOW_NULL_AUTHTOK to be passed as a flag to +# pam_authenticate and pam_acct_mgmt, disallowing NULL password. This setting +# will only take effect if PAM is being used by GDM. This value will be +# overridden with the value from /etc/default/login if it contains +# "PASSREQ=[YES|NO]" +#PasswordRequired=false +# Specifies the PAM Stack to use, "gdm" by default. +PamStack=gdm +# GDM allows configuration of how ut_line is set when it does utmp/wtmp and +# audit processing. If VT is being used, then ut_line will be set to the +# device associated with the VT. If the console is attached and has a device +# name specified in the [servers] section, then this value will be used. +# Otherwise the value is defaulted to the value specified in UtmpLineAttached +# for attached displays and UtmpLineRemote for remote displays. The value +# can be left empty which means that ut_line will be set to an empty value +# (if not VT and no value specified in the [servers] section. The values +# can contain "%d" which is translated to the DISPLAY value or %h which +# is translated to the hostname. The values for both keys must begin with +# "/dev/". +UtmpLineAttached=/dev/console +UtmpLineRemote= +# If true and the specified UtmpLineAttached or UtmpLineRemote does not exist, +# then create a pseudo-device filename that will be touched when the utmp +# record is updated. Creating such a psuedo-device ensures that programs +# that stat the utmp device associated with ut_line such as finger, last, +# etc. work in a reasonable way. +UtmpPseudoDevice=false + +# XDMCP is the protocol that allows remote login. If you want to log into GDM +# remotely (I'd never turn this on on open network, use ssh for such remote +# usage). You can then run X with -query <thishost> to log in, or +# -indirect <thishost> to run a chooser. Look for the 'Terminal' server type +# at the bottom of this config file. +[xdmcp] +# Distributions: Ship with this off. It is never a safe thing to leave out on +# the net. Setting up /etc/hosts.allow and /etc/hosts.deny to only allow local +# access is another alternative but not the safest. Firewalling port 177 is +# the safest if you wish to have xdmcp on. Read the manual for more notes on +# the security of XDMCP. +Enable=false +# Honor indirect queries, we run a chooser for these, and then redirect the +# user to the chosen host. Otherwise we just log the user in locally. +#HonorIndirect=true +# Maximum pending requests. +#MaxPending=4 +#MaxPendingIndirect=4 +# Maximum open XDMCP sessions at any point in time. +#MaxSessions=16 +# Maximum wait times. +#MaxWait=15 +#MaxWaitIndirect=15 +# How many times can a person log in from a single host. Usually better to +# keep low to fend off DoS attacks by running many logins from a single host. +# This is now set at 2 since if the server crashes then GDM doesn't know for +# some time and wouldn't allow another session. +#DisplaysPerHost=2 +# The number of seconds after which a non-responsive session is logged off. +# Better keep this low. +#PingIntervalSeconds=15 +# The port. 177 is the standard port so better keep it that way. +#Port=177 +# Willing script, none is shipped and by default we'll send hostname system id. +# But if you supply something here, the output of this script will be sent as +# status of this host so that the chooser can display it. You could for +# example send load, or mail details for some user, or some such. +#Willing=/etc/gdm/Xwilling + +[gui] +# The specific gtkrc file we use. It should be the full path to the gtkrc that +# we need. Unless you need a specific gtkrc that doesn't correspond to a +# specific theme, then just use the GtkTheme key. +#GtkRC=/usr/share/themes/Default/gtk-2.0/gtkrc + +# The GTK+ theme to use for the GUI. +GtkTheme=Adwaita +# If to allow changing the GTK+ (widget) theme from the greeter. Currently +# this only affects the standard greeter as the graphical greeter does not yet +# have this ability. +#AllowGtkThemeChange=true +# Comma separated list of themes to allow. These must be the names of the +# themes installed in the standard locations for gtk themes. You can also +# specify 'all' to allow all installed themes. These should be just the +# basenames of the themes such as 'Thinice' or 'LowContrast'. +#GtkThemesToAllow=all + +# Maximum size of an icon, larger icons are scaled down. +#MaxIconWidth=128 +#MaxIconHeight=128 + +[greeter] +# The following options for setting titlebar and setting window position are +# only useful for the standard login (gdmlogin) and are not used by the +# themed login (gdmgreeter). +# +# The standard login has a title bar that the user can move. +#TitleBar=true +# Don't allow user to move the standard login window. Only makes sense if +# TitleBar is on. +#LockPosition=false +# Set a position for the standard login window rather then just centering the +# window. If you enter negative values for the position it is taken as an +# offset from the right or bottom edge. +#SetPosition=false +#PositionX=0 +#PositionY=0 + +# Enable the Face browser. Note that the Browser key is only used by the +# standard login (gdmlogin) program. The Face Browser is enabled in +# the Graphical greeter by selecting a theme that includes the Face +# Browser, such as happygnome-list. The other configuration values that +# affect the Face Browser (MinimalUID, DefaultFace, Include, Exclude, +# IncludeAll, GlobalFaceDir) are used by both the Standard and Themed +# greeter. +Browser=false +# The default picture in the browser. +#DefaultFace=/usr/share/pixmaps/nobody.png +# User ID's less than the MinimalUID value will not be included in the face +# browser or in the gdmselection list for Automatic/Timed login. They will not +# be displayed regardless of the settings for Include and Exclude. +#MinimalUID=100 +# Users listed in Include will be included in the face browser and in the +# gdmsetup selection list for Automatic/Timed login. Users should be separated +# by commas. +#Include= +# Users listed in Exclude are excluded from the face browser and from the +# gdmsetup selection list for Automatic/Timed login. Excluded users will still +# be able to log in, but will have to type their username. Users should be +# separated by commas. +#Exclude=bin,daemon,adm,lp,sync,shutdown,halt,mail,news,uucp,operator,nobody,gdm,postgres,pvm,rpm,nfsnobody,pcap +# By default, an empty include list means display no users. By setting +# IncludeAll to true, the password file will be scanned and all users will be +# displayed except users excluded via the Exclude setting and user ID's less +# than MinimalUID. Scanning the password file can be slow on systems with +# large numbers of users and this feature should not be used in such +# environments. The setting of IncludeAll does nothing if Include is set to a +# non-empty value. +#IncludeAll=false +# If user or user.png exists in this dir it will be used as his picture. +#GlobalFaceDir=/usr/share/pixmaps/faces/ + +# File which contains the locale we show to the user. Likely you want to use +# the one shipped with GDM and edit it. It is not a standard locale.alias +# file, although GDM will be able to read a standard locale.alias file as well. +#LocaleFile=/etc/gdm/locale.alias +# Logo shown in the standard greeter. +#Logo=/usr/share/pixmaps/gdm-foot-logo.png +# Logo shown on file chooser button in gdmsetup (do not modify this value). +#ChooserButtonLogo=/usr/share/pixmaps/gdm-foot-logo.png +# The standard greeter should shake if a user entered the wrong username or +# password. Kind of cool looking +#Quiver=true + +# The Actions menu (formerly system menu) is shown in the greeter, this is the +# menu that contains reboot, shutdown, suspend, config and chooser. None of +# these is available if this is off. They can be turned off individually +# however. +SystemMenu=true +# Configuration is available from the system menu of the greeter. +ConfigAvailable=true +# Should the chooser button be shown. If this is shown, GDM can drop into +# chooser mode which will run the xdmcp chooser locally and allow the user to +# connect to some remote host. Local XDMCP does not need to be enabled, +# however. +ChooserButton=true + +# Welcome is for all console logins and RemoteWelcome is for remote logins +# (through XDMCP). +# DefaultWelcome and DefaultRemoteWelcome set the string for Welcome to +# "Welcome" and for DefaultWelcome to "Welcome to %n", and properly translate +# the message to the appropriate language. Note that %n gets translated to the +# hostname of the machine. These default values can be overridden by setting +# DefaultWelcome and/or DefaultRemoteWelcome to false, and setting the Welcome +# and DefaultWelcome values as desired. Just make sure the strings are in +# utf-8 Note to distributors, if you wish to have a different Welcome string +# and wish to have this translated you can have entries such as +# "Welcome[cs]=Vitejte na %n". +DefaultWelcome=true +DefaultRemoteWelcome=true +#Welcome=Welcome +#RemoteWelcome=Welcome to %n + +# Xinerama screen we use to display the greeter on. Not for true multihead, +# currently only works for Xinerama. +XineramaScreen=0 +# Background settings for the standard greeter: +# Type can be 0=None, 1=Image & Color, 2=Color, 3=Image +#BackgroundType=2 +#BackgroundImage= +#BackgroundScaleToFit=true +# The Standard greeter (gdmlogin) uses BackgroundColor as the background +# color, while the themed greeter (gdmgreeter) uses GraphicalThemedColor +# as the background color. +BackgroundColor=#76848F +GraphicalThemedColor=#76848F +# XDMCP session should only get a color, this is the sanest setting since you +# don't want to take up too much bandwidth +#BackgroundRemoteOnlyColor=true + +# Program to run to draw the background in the standard greeter. Perhaps +# something like an xscreensaver hack or some such. +#BackgroundProgram= +# If this is true then the background program is run always, otherwise it is +# only run when the BackgroundType is 0 (None). +#RunBackgroundProgramAlways=false +# Delay before starting background program +#BackgroundProgramInitialDelay=30 +# Should the background program be restarted if it is exited. +#RestartBackgroundProgram=true +# Delay before restarting background program +#BackgroundProgramRestartDelay=30 + +# Show the Failsafe sessions. These are much MUCH nicer (focus for xterm for +# example) and more failsafe then those supplied by scripts so distros should +# use this rather then just running an xterm from a script. +ShowGnomeFailsafeSession=true +ShowXtermFailsafeSession=true +# Normally there is a session type called 'Last' that is shown which refers to +# the last session the user used. If off, we will be in 'switchdesk' mode +# where the session saving stuff is disabled in GDM +#ShowLastSession=true +# Always use 24 hour clock no matter what the locale. +#Use24Clock=auto +# Use circles in the password field. Looks kind of cool actually, but only +# works with certain fonts. +UseCirclesInEntry=true +# Do not show any visible feedback in the password field. This is standard for +# instance in console, xdm and ssh. +#UseInvisibleInEntry=false + +# These two keys are for the themed greeter (gdmgreeter). Circles is the +# standard shipped theme. If you want GDM to select a random theme from a +# list then provide a list that is delimited by /: to the GraphicalThemes +# key and set GraphicalThemeRand to true. Otherwise use GraphicalTheme +# and specify just one theme. +#GraphicalTheme=circles +#GraphicalThemes=circles/:happygnome +GraphicalThemeDir=/usr/share/gdm/themes/ +GraphicalThemeRand=false + +# If InfoMsgFile points to a file, the greeter will display the contents of the +# file in a modal dialog box before the user is allowed to log in. +#InfoMsgFile= +# If InfoMsgFile is present then InfoMsgFont can be used to specify the font to +# be used when displaying the contents of the file. +#InfoMsgFont=Sans 24 + +# If SoundOnLogin is true, then the greeter will beep when login is ready for +# user input. If SoundOnLogin is a file and the greeter finds the 'play' +# executable (see daemon/SoundProgram) it will play that file instead of just +# beeping. +#SoundOnLogin=true +#SoundOnLoginFile= +# If SoundOnLoginSuccess, then the greeter will play a sound (as above) when a +# user successfully logs in. +#SoundOnLoginSuccess=false +#SoundOnLoginSuccessFile= +# If SoundOnLoginFailure, then the greeter will play a sound (as above) when a +# user fails to log in. +#SoundOnLoginFailure=false +#SoundOnLoginFailureFile= + +# Specifies a program to be called by the greeter/login program when the +# initial screen is displayed. The purpose is to provide a hook where files +# used after login can be preloaded to speed performance for the user. The +# program will only be called once only, the first time a greeter is displayed. +# The gdmprefetch command may be used. This utility will load any libraries +# passed in on the command line, or if the argument starts with a "@" +# character, it will process the file assuming it is an ASCII file containing a +# list of libraries, one per line, and load each library in the file. +PreFetchProgram= + +# The chooser is what's displayed when a user wants an indirect XDMCP session, +# or selects Run XDMCP chooser from the system menu +[chooser] +# Default image for hosts. +#DefaultHostImg=/usr/share/pixmaps/nohost.png +# Directory with host images, they are named by the hosts: host or host.png. +HostImageDir=/usr/share/hosts/ +# Time we scan for hosts (well only the time we tell the user we are scanning +# actually, we continue to listen even after this has expired). +#ScanTime=4 +# A comma separated lists of hosts to automatically add (if they answer to a +# query of course). You can use this to reach hosts that broadcast cannot +# reach. +Hosts= +# Broadcast a query to get all hosts on the current network that answer. +Broadcast=true +# Set it to true if you want to send a multicast query to hosts. +Multicast=false +# It is an IPv6 multicast address.It is hardcoded here and will be replaced +# when officially registered xdmcp multicast address of TBD will be available. +#Multicast_Addr=ff02::1 +# Allow adding random hosts to the list by typing in their names. +#AllowAdd=true + +[debug] +# This will cause GDM to send debugging information to the system log, which +# will create a LOT of output. It is not recommended to turn this on for +# normal use, but it can be useful to determine the cause when GDM is not +# working properly. +Enable=false +# This will enable debug messages for accessibilty gesture listeners into the +# syslog. This includes output about key events, mouse button events, and +# pointer motion events. This is useful for figuring out the cause of why the +# gesture listeners may not be working, but is too verbose for general debug. +Gestures=false + +# Attached DISPLAY Configuration +# +[servers] +# This section defines which attached DISPLAYS should be started by GDM by +# default. You can add as many DISPLAYS as desired and they will always be +# started. The key for each entry must be a unique number that cooresponds to +# the DISPLAY number to start the X server. For a typical single-display +# machine, there will only be one entry "0" for DISPLAY ":0". The first word +# in the value corresponds to an X server definition in the "X Server +# Definitions" section of the configuration file. For example, the entry: +# +# 0=Standard +# +# Means that DISPLAY ":0" will start an X server as defined in the +# [server-Standard] section. +# +# The optional device argument is used to specify the device that is associated +# with the DISPLAY. When using Virtual Terminals (VT), this value is ignored +# and GDM will use the correct device name associated with the VT. If not +# using VT, then GDM will use the value specified by this optional argument. +# If the device argument is not defined, then GDM will use the default setting +# for attached displays defined in the UtmpLineAttached configuration option. +# For the main display (typically DISPLAY ":0"), "/dev/console" is a reasonable +# value. For other displays it is probably best to not include this argument +# unless you know the specific device associated with the DISPLAY. The device +# value can contain "%d" which is translated to the DISPLAY value or %h which +# is translated to the hostname. +# +0=Standard device=/dev/console + +# Example of how to set up DISPLAY :1 to also use Standard. +#1=Standard + +# If you wish to run the XDMCP chooser on the local display use the following +# line +#0=Chooser + +# X Server Definitions +# +# Note: Is your X server not listening to TCP requests? Refer to the +# security/DisallowTCP setting! + +[server-Standard] +name=Standard server +command=/usr/bin/Xorg -audit 0 +flexible=true +# Indicates that the X server should be started at a different process +# priority. Values can be any integer value accepted by the setpriority C +# library function (normally between -20 and 20) with 0 being the default. For +# highly interactive applications, -5 yields good responsiveness. The default +# value is 0 and the setpriority function is not called if the value is 0. + +#priority=0 + +# To use this server type you should add -query host or -indirect host to the +# command line. +[server-Terminal] +name=Terminal server +# Add -terminate to make things behave more nicely +command=/usr/bin/Xorg -audit 0 -terminate +# Make this not appear in the flexible servers (we need extra params anyway, +# and terminate would be bad for xdmcp choosing). You can make a terminal +# server flexible, but not with an indirect query. If you need flexible +# indirect query server, then you must get rid of the -terminate and the only +# way to kill the flexible server will then be by Ctrl-Alt-Backspace. +flexible=false +# Do not handle this X server for attached displays. +handled=false + +# To use this server type you should add -query host or -indirect host to the +# command line. +[server-Chooser] +name=Chooser server +command=/usr/bin/Xorg -audit 0 +# Make this not appear in the flexible servers for now, but if you wish to +# allow a chooser server then make this true. This is the only way to make a +# flexible chooser server that behaves nicely. +flexible=false +# Run the chooser instead of the greeter. When the user chooses a machine they +# will get this same server but run with "-terminate -query hostname". +chooser=true + +[customcommand] +# This section allows you specify up to 10 custom commands. Each of the +# commands can be defined by the seven parameters listed below. In each of the +# descriptions of the parameters N can take on any values between 0 and 9, +# i.e. CustomCommand0=,CustomCommand1=,...,CustomCommand9=. The numbers +# can have gaps as long as they fit within predefined set of 10, and their +# placement order within this section and with respect to each other is +# not important. +# +# CustomCommandN, CustomCommandTextN, CustomCommandLabelN, +# CustomCommandLRLabelN, CustomCommandTooltipN, CustomCommandIsPersistentN +# and CustomCommandNoRestartN should all be defined for a given integer N, +# where N can be a number from 0-9 (if not the default values will be +# assigned except CustomCommandN for which no default exists). + +# Custom command to run. Multiple commands may be specified separated by +# semicolons. GDM will use the first valid command. Examples: +# /usr/bin/bootwindoze;/usr/local/bin/bootwindoze, or +# /usr/bin/runupdate;/usr/local/bin/runupdate +# +#CustomCommandN= + +# Custom command dialog message that will appear on all warning dialogs. +# This will vary depending on what you want to do. Examples: +# Are you sure you want to restart system into Windoze?, or +# Are you sure you want do do this? +#CustomCommandTextN= + +# Custom command label that will appear as stock label on buttons/menu items. +# This option can't contain any semicolon characters (i.e. ";"). +# Examples: +# _Windoze, or +# _Update Me +#CustomCommandLabelN= + +# Custom command label that will appear as stock label on radio buttons/list +# items. The underscore indicates the mnemonic used with this item. Examples: +# Restart into _Windoze +# Perform system _Update +#CustomCommandLRLabelN= + +# Custom command tooltip. Examples +# Restarts the computer into Windoze +# Updates the computer software to the most recent version(s) +#CustomCommandTooltipN= + +# Custom command persistence option. Setting it to true will allow this +# command to appear outside the login manager, e.g. on the desktop through +# Log Out/Shut Down dialogs. The default value is false. +#CustomCommandIsPersistentN= + +# Custom command gdm/system restart option. Setting it to true will not +# restart gdm after command execution. The default commands (reboot, shut +# down) all reboot the system by default which is why the default setting +# is true. +# In addition when corresponding CustomCommandIsPersistentN option is set to +# true, setting CustomCommandNoRestartN to false will place CustomCommandN +# in the Shut Down dialog set of actions, setting it to true will place +# CustomCommandN in the Log Out dialog set of actions. +#CustomCommandNoRestartN= +# +# Example layout for more than one command: +#CustomCommand0= +#CustomCommandText0= +#CustomCommandLabel0= +#CustomCommandLRLabel0= +#CustomCommandTooltip0= +#CustomCommandIsPersistent0= +#CustomCommandNoRestart0= +# +#CustomCommand1= +#CustomCommandText1= +#CustomCommandLabel1= +#CustomCommandLRLabel1= +#CustomCommandTooltip1= +#CustomCommandIsPersistent1= +#CustomCommandNoRestart1= +# +# and so on diff --git a/gdm-autologin.pam b/gdm-autologin.pam new file mode 100644 index 000000000000..7ba2053e7c6e --- /dev/null +++ b/gdm-autologin.pam @@ -0,0 +1,16 @@ +#%PAM-1.0 +# mirrors system-auth / system(-local)-login +# except for the authentication method, which is: +# always permit login (from gdm package) +auth requisite pam_nologin.so +auth requisite pam_succeed_if.so uid >= 1000 quiet +auth requisite pam_succeed_if.so user notingroup root quiet +auth required pam_env.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed +auth required pam_shells.so +auth required pam_permit.so +-auth optional pam_gnome_keyring.so +account include system-local-login +password include system-local-login +session include system-local-login +-session optional pam_gnome_keyring.so auto_start diff --git a/gdm-old-faces.changelog b/gdm-old-faces.changelog new file mode 100644 index 000000000000..86ca7bf30df0 --- /dev/null +++ b/gdm-old-faces.changelog @@ -0,0 +1,7 @@ +2012-12-21 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-8.1 : + * add ChangeLog + +2012-12-19 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-8 : + * remove gdm.install from gdm-old-faces diff --git a/gdm-old.changelog b/gdm-old.changelog new file mode 100644 index 000000000000..9bd3f09e50d0 --- /dev/null +++ b/gdm-old.changelog @@ -0,0 +1,29 @@ +2014-10-30 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-9.2 : + * add AUR3 metapackage feature support + * rework install script + +2013-06-04 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-9.1 : + * fix: paths in defaults.conf (see pkgrel=9) + +2013-06-04 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-9 : + * fix: /usr/sbin is deprecated (forced by package: filesystem) + +2013-04-30 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-8.2 : + * no longer depends on tcp_wrappers + * no longer support for sysvinit + +2012-12-21 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-8.1 : + * add ChangeLog + * fix auto-adding "install" by makepkg + * fix warning about directory permissions + +2012-12-19 Krzysztof AS <krzysztof1987@gmail.com> + * 2.20.11-8 : + * fix compatybility with plymouth service + * rewrite pam modules + * make "install" lighter diff --git a/gdm-old.install b/gdm-old.install new file mode 100644 index 000000000000..7455a323b7f3 --- /dev/null +++ b/gdm-old.install @@ -0,0 +1,74 @@ +pkgname=gdm-old + +post_install() { + printf -- "==> %s...\n" "Creating user and group: gdm" + getent group gdm &> /dev/null || groupadd -g 120 gdm + getent passwd gdm &> /dev/null || useradd -c 'Gnome Display Manager' -u 120 -g gdm -d /var/lib/gdm -s /sbin/nologin gdm + passwd -l gdm > /dev/null + chown root:gdm /var/lib/gdm > /dev/null + chmod 1770 /var/lib/gdm > /dev/null + + printf -- "==> %s...\n" "Updating icon cache" + gtk-update-icon-cache -q -t -f usr/share/icons/hicolor + + printf -- "==> %s...\n" "Refreshing systemd cache" + systemctl --system daemon-reload + + if systemctl is-enabled gdm.service &> /dev/null; then + printf -- "==> %s...\n" "Reenabling gdm.service" + systemctl reenable gdm.service 2>&1 + else + # Arch-way = you decide + printf -- ">\n> %s\n> %s\n>\n" \ + "If you want use GDM-old as default DM, run this command:" \ + "# sudo systemctl enable -f gdm.service" + fi +} + +post_upgrade() { + printf -- "==> %s...\n" "Refreshing systemd cache" + systemctl --system daemon-reload + + local i + for i in gdm.service gdm-old.service; do + if systemctl is-active "$i" &> /dev/null; then + printf -- "==> %s...\n" "Reloading $i (using: gdm-safe-restart)" + systemctl reload "$i" 2>&1 + printf -- ">\n> %s\n>\n" \ + "You must relogin if you want use the new gdm version" + break + fi + done +} + +post_remove() { + printf -- "==> %s...\n" "Updating icon cache" + gtk-update-icon-cache -q -t -f usr/share/icons/hicolor + + printf -- "==> %s...\n" "Removing user and group: gdm" + local i="" + if getent passwd gdm &> /dev/null; then + userdel gdm || i="sudo userdel gdm" + fi + if getent group gdm &> /dev/null; then + groupdel gdm || i+="${i:+" && "}sudo groupdel gdm" + fi + if [ -n "$i" ]; then + printf -- ">\n> %s\n> %s\n> %s\n>\n" \ + "Can't remove user/group currently used by" \ + "gdm process... Stop gdm and retry manually:" \ + "# $i" + fi + + printf -- "==> %s...\n" "Refreshing systemd cache" + systemctl --system daemon-reload + + # We can't use it anymore, this remove dead link + local i + for i in gdm.service gdm-old.service; do + if systemctl is-enabled "$i" &> /dev/null; then + printf -- "==> %s...\n" "Disabling $i" + systemctl disable "$i" 2>&1 + fi + done +} diff --git a/gdm.pam b/gdm.pam new file mode 100644 index 000000000000..a7254c1d25d9 --- /dev/null +++ b/gdm.pam @@ -0,0 +1,11 @@ +#%PAM-1.0 +auth requisite pam_nologin.so +auth requisite pam_succeed_if.so user != root quiet +auth requisite pam_succeed_if.so user notingroup root quiet +auth substack system-login +auth optional pam_gnome_keyring.so +account include system-login +password include system-login +session substack system-local-login +session optional pam_keyinit.so force revoke +session optional pam_gnome_keyring.so auto_start diff --git a/gdm.service b/gdm.service new file mode 100644 index 000000000000..1ad64cc69e3b --- /dev/null +++ b/gdm.service @@ -0,0 +1,15 @@ +[Unit] +Description=Gnome Display Manager +Conflicts=getty@tty7.service +After=systemd-user-sessions.service getty@tty1.service + +[Service] +ExecStart=/usr/bin/gdm --nodaemon +ExecReload=/usr/bin/gdm-safe-restart +ExecStop=/usr/bin/gdm-stop +IgnoreSIGPIPE=no +RestartSec=1s +TimeoutStopSec=5s + +[Install] +Alias=display-manager.service diff --git a/org.gnome2.pkexec.gdmsetup.policy b/org.gnome2.pkexec.gdmsetup.policy new file mode 100644 index 000000000000..6e502b26df6e --- /dev/null +++ b/org.gnome2.pkexec.gdmsetup.policy @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC + "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" + "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + <vendor>The GNOME Project</vendor> + <vendor_url>http://www.gnome.org/projects/gdm/</vendor_url> + <action id="org.gnome2.pkexec.gdmsetup"> + <description>GDM login window appearance and behavior</description> + <message>Privileges are required to change GDM Settings</message> + <icon_name>gdmsetup</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/gdmsetup</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> + |