Unity

Merge lp:~azzar1/unity/option-lockscreen-account-checking into lp:unity

  1. option-lockscreen-account-checking
  2. Merge into trunk
Proposed by Andrea Azzarone
Status: Merged
Approved by: Marco Trevisan (Treviño)
Approved revision: no longer in the source branch.
Merged at revision: 4133
Proposed branch: lp:~azzar1/unity/option-lockscreen-account-checking
Merge into: lp:unity
Diff against target: 100 lines (+29/-5)
4 files modified
com.canonical.Unity.gschema.xml (+7/-0)
lockscreen/UserAuthenticatorPam.cpp (+14/-5)
unity-shared/UnitySettings.cpp (+7/-0)
unity-shared/UnitySettings.h (+1/-0)
To merge this branch: bzr merge lp:~azzar1/unity/option-lockscreen-account-checking
Reviewer Review Type Date Requested Status
Marco Trevisan (Treviño) Approve
PS Jenkins bot continuous-integration Pending
Review via email: mp+297758@code.launchpad.net

Commit message

UnitySettings: Add an option to enable/disable pam account checking.

Description of the change

Add an option to enable/disable pam account checking. A similar solution is used in XScreenSaver.

To post a comment you must log in.
Revision history for this message
Marco Trevisan (Treviño) (3v1n0) wrote :

Allright, I'd just move the option into a new .lockscreen section.

Revision history for this message
Marco Trevisan (Treviño) (3v1n0) wrote :

Let's keep as it is, I think it's fine.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'com.canonical.Unity.gschema.xml'
2--- com.canonical.Unity.gschema.xml 2016-06-06 14:05:18 +0000
3+++ com.canonical.Unity.gschema.xml 2016-06-17 12:16:43 +0000
4@@ -93,6 +93,13 @@
5 <summary>List of keycodes that should be processed even if auto-repated.</summary>
6 <description>These keycodes are processed even if they are auto-repeated.</description>
7 </key>
8+ <key type="b" name="pam-check-account-type">
9+ <default>false</default>
10+ <summary>Enable/Disable PAM account checking</summary>
11+ <description>Whether PAM should check the result of account modules
12+ when authenticating. Only do this if you have account
13+ configured properly on your system.</description>
14+ </key>
15 </schema>
16 <schema path="/com/canonical/unity/interface/" id="com.canonical.Unity.Interface" gettext-domain="unity">
17 <key type="d" name="text-scale-factor">
18
19=== modified file 'lockscreen/UserAuthenticatorPam.cpp'
20--- lockscreen/UserAuthenticatorPam.cpp 2014-05-27 07:54:04 +0000
21+++ lockscreen/UserAuthenticatorPam.cpp 2016-06-17 12:16:43 +0000
22@@ -22,6 +22,7 @@
23 // let's just fallcback to lightdm.
24
25 #include "UserAuthenticatorPam.h"
26+#include "unity-shared/UnitySettings.h"
27
28 #include <cstring>
29 #include <security/pam_appl.h>
30@@ -52,13 +53,21 @@
31
32 g_task_run_in_thread(task, [] (GTask* task, gpointer, gpointer data, GCancellable*) {
33 auto self = static_cast<UserAuthenticatorPam*>(data);
34+
35 self->status_ = pam_authenticate(self->pam_handle_, 0);
36- if (self->status_ == PAM_SUCCESS)
37- self->status_ = pam_acct_mgmt(self->pam_handle_, 0);
38- if (self->status_ == PAM_NEW_AUTHTOK_REQD)
39- self->status_ = pam_chauthtok(self->pam_handle_, PAM_CHANGE_EXPIRED_AUTHTOK);
40- if (self->status_ == PAM_SUCCESS)
41+
42+ if (self->status_ == PAM_SUCCESS)
43+ {
44+ int status2 = pam_acct_mgmt(self->pam_handle_, 0);
45+
46+ if (status2 == PAM_NEW_AUTHTOK_REQD)
47+ status2 = pam_chauthtok(self->pam_handle_, PAM_CHANGE_EXPIRED_AUTHTOK);
48+
49+ if (unity::Settings::Instance().pam_check_account_type())
50+ self->status_ = status2;
51+
52 pam_setcred (self->pam_handle_, PAM_REINITIALIZE_CRED);
53+ }
54 });
55
56 return true;
57
58=== modified file 'unity-shared/UnitySettings.cpp'
59--- unity-shared/UnitySettings.cpp 2016-06-06 14:05:18 +0000
60+++ unity-shared/UnitySettings.cpp 2016-06-17 12:16:43 +0000
61@@ -39,6 +39,7 @@
62 const std::string FORM_FACTOR = "form-factor";
63 const std::string DOUBLE_CLICK_ACTIVATE = "double-click-activate";
64 const std::string DESKTOP_TYPE = "desktop-type";
65+const std::string PAM_CHECK_ACCOUNT_TYPE = "pam-check-account-type";
66
67 const std::string LAUNCHER_SETTINGS = "com.canonical.Unity.Launcher";
68 const std::string LAUNCHER_POSITION = "launcher-position";
69@@ -109,6 +110,7 @@
70 parent_->launcher_position.SetGetterFunction(sigc::mem_fun(this, &Impl::GetLauncherPosition));
71 parent_->launcher_position.SetSetterFunction(sigc::mem_fun(this, &Impl::SetLauncherPosition));
72 parent_->desktop_type.SetGetterFunction(sigc::mem_fun(this, &Impl::GetDesktopType));
73+ parent_->pam_check_account_type.SetGetterFunction(sigc::mem_fun(this, &Impl::GetPamCheckAccountType));
74
75 for (unsigned i = 0; i < monitors::MAX; ++i)
76 em_converters_.emplace_back(std::make_shared<EMConverter>());
77@@ -273,6 +275,11 @@
78 return static_cast<DesktopType>(g_settings_get_enum(usettings_, DESKTOP_TYPE.c_str()));
79 }
80
81+ bool GetPamCheckAccountType() const
82+ {
83+ return g_settings_get_boolean(usettings_, PAM_CHECK_ACCOUNT_TYPE.c_str());
84+ }
85+
86 int GetFontSize() const
87 {
88 gint font_size;
89
90=== modified file 'unity-shared/UnitySettings.h'
91--- unity-shared/UnitySettings.h 2016-06-06 14:05:18 +0000
92+++ unity-shared/UnitySettings.h 2016-06-17 12:16:43 +0000
93@@ -64,6 +64,7 @@
94 nux::RWProperty<FormFactor> form_factor;
95 nux::Property<bool> is_standalone;
96 nux::ROProperty<DesktopType> desktop_type;
97+ nux::ROProperty<bool> pam_check_account_type;
98 nux::ROProperty<bool> double_click_activate;
99 nux::Property<unsigned> lim_movement_thresold;
100 nux::Property<unsigned> lim_double_click_wait;