Merge lp:~robert-ancell/lightdm/configurable-pam-service into lp:lightdm
- configurable-pam-service
- Merge into trunk
Status: | Merged |
---|---|
Merged at revision: | 2010 |
Proposed branch: | lp:~robert-ancell/lightdm/configurable-pam-service |
Merge into: | lp:lightdm |
Diff against target: |
286 lines (+142/-11) 8 files modified
data/lightdm.conf (+6/-0) src/lightdm.c (+6/-0) src/seat.c (+8/-11) tests/Makefile.am (+4/-0) tests/scripts/autologin-pam-config.conf (+44/-0) tests/scripts/login-pam-config.conf (+70/-0) tests/test-autologin-pam-config (+2/-0) tests/test-login-pam-config (+2/-0) |
To merge this branch: | bzr merge lp:~robert-ancell/lightdm/configurable-pam-service |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
PS Jenkins bot | continuous-integration | Approve | |
Robert Ancell | Approve | ||
Review via email: mp+228240@code.launchpad.net |
Commit message
Make PAM services configurable
Description of the change
Robert Ancell (robert-ancell) wrote : | # |
PS Jenkins bot (ps-jenkins) wrote : | # |
PASSED: Continuous integration, rev:2009
http://
Executed test runs:
SUCCESS: http://
SUCCESS: http://
Click here to trigger a rebuild:
http://
- 2010. By Robert Ancell
-
Add regression tests for PAM configuration
Robert Ancell (robert-ancell) : | # |
PS Jenkins bot (ps-jenkins) wrote : | # |
PASSED: Continuous integration, rev:2010
http://
Executed test runs:
SUCCESS: http://
SUCCESS: http://
Click here to trigger a rebuild:
http://
Preview Diff
1 | === modified file 'data/lightdm.conf' | |||
2 | --- data/lightdm.conf 2014-03-12 04:53:33 +0000 | |||
3 | +++ data/lightdm.conf 2014-07-27 23:39:55 +0000 | |||
4 | @@ -35,6 +35,9 @@ | |||
5 | 35 | # | 35 | # |
6 | 36 | # type = Seat type (xlocal, xremote) | 36 | # type = Seat type (xlocal, xremote) |
7 | 37 | # xdg-seat = Seat name to set pam_systemd XDG_SEAT variable and name to pass to X server | 37 | # xdg-seat = Seat name to set pam_systemd XDG_SEAT variable and name to pass to X server |
8 | 38 | # pam-service = PAM service to use for login | ||
9 | 39 | # pam-autologin-service = PAM service to use for autologin | ||
10 | 40 | # pam-greeter-service = PAM service to use for greeters | ||
11 | 38 | # xserver-command = X server command to run (can also contain arguments e.g. X -special-option) | 41 | # xserver-command = X server command to run (can also contain arguments e.g. X -special-option) |
12 | 39 | # xserver-layout = Layout to pass to X server | 42 | # xserver-layout = Layout to pass to X server |
13 | 40 | # xserver-config = Config file to pass to X server | 43 | # xserver-config = Config file to pass to X server |
14 | @@ -73,6 +76,9 @@ | |||
15 | 73 | [SeatDefaults] | 76 | [SeatDefaults] |
16 | 74 | #type=xlocal | 77 | #type=xlocal |
17 | 75 | #xdg-seat=seat0 | 78 | #xdg-seat=seat0 |
18 | 79 | #pam-service=lightdm | ||
19 | 80 | #pam-autologin-service=lightdm-autologin | ||
20 | 81 | #pam-greeter-service=lightdm-greeter | ||
21 | 76 | #xserver-command=X | 82 | #xserver-command=X |
22 | 77 | #xserver-layout= | 83 | #xserver-layout= |
23 | 78 | #xserver-config= | 84 | #xserver-config= |
24 | 79 | 85 | ||
25 | === modified file 'src/lightdm.c' | |||
26 | --- src/lightdm.c 2014-04-17 04:06:30 +0000 | |||
27 | +++ src/lightdm.c 2014-07-27 23:39:55 +0000 | |||
28 | @@ -1109,6 +1109,12 @@ | |||
29 | 1109 | config_set_boolean (config_get_instance (), "LightDM", "lock-memory", TRUE); | 1109 | config_set_boolean (config_get_instance (), "LightDM", "lock-memory", TRUE); |
30 | 1110 | if (!config_has_key (config_get_instance (), "SeatDefaults", "type")) | 1110 | if (!config_has_key (config_get_instance (), "SeatDefaults", "type")) |
31 | 1111 | config_set_string (config_get_instance (), "SeatDefaults", "type", "xlocal"); | 1111 | config_set_string (config_get_instance (), "SeatDefaults", "type", "xlocal"); |
32 | 1112 | if (!config_has_key (config_get_instance (), "SeatDefaults", "pam-service")) | ||
33 | 1113 | config_set_string (config_get_instance (), "SeatDefaults", "pam-service", "lightdm"); | ||
34 | 1114 | if (!config_has_key (config_get_instance (), "SeatDefaults", "pam-autologin-service")) | ||
35 | 1115 | config_set_string (config_get_instance (), "SeatDefaults", "pam-autologin-service", "lightdm-autologin"); | ||
36 | 1116 | if (!config_has_key (config_get_instance (), "SeatDefaults", "pam-greeter-service")) | ||
37 | 1117 | config_set_string (config_get_instance (), "SeatDefaults", "pam-greeter-service", "lightdm-greeter"); | ||
38 | 1112 | if (!config_has_key (config_get_instance (), "SeatDefaults", "xserver-command")) | 1118 | if (!config_has_key (config_get_instance (), "SeatDefaults", "xserver-command")) |
39 | 1113 | config_set_string (config_get_instance (), "SeatDefaults", "xserver-command", "X"); | 1119 | config_set_string (config_get_instance (), "SeatDefaults", "xserver-command", "X"); |
40 | 1114 | if (!config_has_key (config_get_instance (), "SeatDefaults", "xserver-share")) | 1120 | if (!config_has_key (config_get_instance (), "SeatDefaults", "xserver-share")) |
41 | 1115 | 1121 | ||
42 | === modified file 'src/seat.c' | |||
43 | --- src/seat.c 2014-06-30 05:00:29 +0000 | |||
44 | +++ src/seat.c 2014-07-27 23:39:55 +0000 | |||
45 | @@ -64,11 +64,6 @@ | |||
46 | 64 | gboolean stopped; | 64 | gboolean stopped; |
47 | 65 | }; | 65 | }; |
48 | 66 | 66 | ||
49 | 67 | /* PAM services to use */ | ||
50 | 68 | #define GREETER_SERVICE "lightdm-greeter" | ||
51 | 69 | #define USER_SERVICE "lightdm" | ||
52 | 70 | #define AUTOLOGIN_SERVICE "lightdm-autologin" | ||
53 | 71 | |||
54 | 72 | static void seat_logger_iface_init (LoggerInterface *iface); | 67 | static void seat_logger_iface_init (LoggerInterface *iface); |
55 | 73 | 68 | ||
56 | 74 | G_DEFINE_TYPE_WITH_CODE (Seat, seat, G_TYPE_OBJECT, | 69 | G_DEFINE_TYPE_WITH_CODE (Seat, seat, G_TYPE_OBJECT, |
57 | @@ -1091,7 +1086,7 @@ | |||
58 | 1091 | session = create_guest_session (seat, session_name); | 1086 | session = create_guest_session (seat, session_name); |
59 | 1092 | if (!session) | 1087 | if (!session) |
60 | 1093 | return FALSE; | 1088 | return FALSE; |
62 | 1094 | session_set_pam_service (session, AUTOLOGIN_SERVICE); | 1089 | session_set_pam_service (session, seat_get_string_property (seat, "pam-autologin-service")); |
63 | 1095 | } | 1090 | } |
64 | 1096 | else | 1091 | else |
65 | 1097 | { | 1092 | { |
66 | @@ -1230,7 +1225,7 @@ | |||
67 | 1230 | set_session_env (SESSION (greeter_session)); | 1225 | set_session_env (SESSION (greeter_session)); |
68 | 1231 | session_set_env (SESSION (greeter_session), "XDG_SESSION_CLASS", "greeter"); | 1226 | session_set_env (SESSION (greeter_session), "XDG_SESSION_CLASS", "greeter"); |
69 | 1232 | 1227 | ||
71 | 1233 | session_set_pam_service (SESSION (greeter_session), GREETER_SERVICE); | 1228 | session_set_pam_service (SESSION (greeter_session), seat_get_string_property (seat, "pam-greeter-service")); |
72 | 1234 | if (getuid () == 0) | 1229 | if (getuid () == 0) |
73 | 1235 | { | 1230 | { |
74 | 1236 | gchar *greeter_user; | 1231 | gchar *greeter_user; |
75 | @@ -1246,7 +1241,9 @@ | |||
76 | 1246 | session_set_argv (SESSION (greeter_session), argv); | 1241 | session_set_argv (SESSION (greeter_session), argv); |
77 | 1247 | g_strfreev (argv); | 1242 | g_strfreev (argv); |
78 | 1248 | 1243 | ||
80 | 1249 | greeter_set_pam_services (greeter_session, USER_SERVICE, AUTOLOGIN_SERVICE); | 1244 | greeter_set_pam_services (greeter_session, |
81 | 1245 | seat_get_string_property (seat, "pam-service"), | ||
82 | 1246 | seat_get_string_property (seat, "pam-autologin-service")); | ||
83 | 1250 | g_signal_connect (greeter_session, "create-session", G_CALLBACK (greeter_create_session_cb), seat); | 1247 | g_signal_connect (greeter_session, "create-session", G_CALLBACK (greeter_create_session_cb), seat); |
84 | 1251 | g_signal_connect (greeter_session, "start-session", G_CALLBACK (greeter_start_session_cb), seat); | 1248 | g_signal_connect (greeter_session, "start-session", G_CALLBACK (greeter_start_session_cb), seat); |
85 | 1252 | 1249 | ||
86 | @@ -1483,7 +1480,7 @@ | |||
87 | 1483 | /* Attempt to authenticate them */ | 1480 | /* Attempt to authenticate them */ |
88 | 1484 | session = create_user_session (seat, username, FALSE); | 1481 | session = create_user_session (seat, username, FALSE); |
89 | 1485 | g_signal_connect (session, "authentication-complete", G_CALLBACK (switch_authentication_complete_cb), seat); | 1482 | g_signal_connect (session, "authentication-complete", G_CALLBACK (switch_authentication_complete_cb), seat); |
91 | 1486 | session_set_pam_service (session, USER_SERVICE); | 1483 | session_set_pam_service (session, seat_get_string_property (seat, "pam-service")); |
92 | 1487 | session_start (session); | 1484 | session_start (session); |
93 | 1488 | 1485 | ||
94 | 1489 | return FALSE; | 1486 | return FALSE; |
95 | @@ -1533,7 +1530,7 @@ | |||
96 | 1533 | if (seat->priv->session_to_activate) | 1530 | if (seat->priv->session_to_activate) |
97 | 1534 | g_object_unref (seat->priv->session_to_activate); | 1531 | g_object_unref (seat->priv->session_to_activate); |
98 | 1535 | seat->priv->session_to_activate = g_object_ref (session); | 1532 | seat->priv->session_to_activate = g_object_ref (session); |
100 | 1536 | session_set_pam_service (session, AUTOLOGIN_SERVICE); | 1533 | session_set_pam_service (session, seat_get_string_property (seat, "pam-autologin-service")); |
101 | 1537 | session_set_display_server (session, display_server); | 1534 | session_set_display_server (session, display_server); |
102 | 1538 | 1535 | ||
103 | 1539 | return display_server_start (display_server); | 1536 | return display_server_start (display_server); |
104 | @@ -1658,7 +1655,7 @@ | |||
105 | 1658 | session = create_user_session (seat, autologin_username, TRUE); | 1655 | session = create_user_session (seat, autologin_username, TRUE); |
106 | 1659 | 1656 | ||
107 | 1660 | if (session) | 1657 | if (session) |
109 | 1661 | session_set_pam_service (session, AUTOLOGIN_SERVICE); | 1658 | session_set_pam_service (session, seat_get_string_property (seat, "pam-autologin-service")); |
110 | 1662 | 1659 | ||
111 | 1663 | /* Load in background if required */ | 1660 | /* Load in background if required */ |
112 | 1664 | if (autologin_in_background && session) | 1661 | if (autologin_in_background && session) |
113 | 1665 | 1662 | ||
114 | === modified file 'tests/Makefile.am' | |||
115 | --- tests/Makefile.am 2014-06-30 05:00:29 +0000 | |||
116 | +++ tests/Makefile.am 2014-07-27 23:39:55 +0000 | |||
117 | @@ -20,6 +20,7 @@ | |||
118 | 20 | test-headless \ | 20 | test-headless \ |
119 | 21 | test-autologin \ | 21 | test-autologin \ |
120 | 22 | test-autologin-pam \ | 22 | test-autologin-pam \ |
121 | 23 | test-autologin-pam-config \ | ||
122 | 23 | test-autologin-in-background \ | 24 | test-autologin-in-background \ |
123 | 24 | test-autologin-guest-in-background \ | 25 | test-autologin-guest-in-background \ |
124 | 25 | test-autologin-timeout-in-background \ | 26 | test-autologin-timeout-in-background \ |
125 | @@ -37,6 +38,7 @@ | |||
126 | 37 | test-restart-authentication \ | 38 | test-restart-authentication \ |
127 | 38 | test-cancel-authentication-gobject \ | 39 | test-cancel-authentication-gobject \ |
128 | 39 | test-login-pam \ | 40 | test-login-pam \ |
129 | 41 | test-login-pam-config \ | ||
130 | 40 | test-denied \ | 42 | test-denied \ |
131 | 41 | test-expired \ | 43 | test-expired \ |
132 | 42 | test-cred-error \ | 44 | test-cred-error \ |
133 | @@ -350,6 +352,7 @@ | |||
134 | 350 | scripts/autologin-in-background.conf \ | 352 | scripts/autologin-in-background.conf \ |
135 | 351 | scripts/autologin-invalid-greeter.conf \ | 353 | scripts/autologin-invalid-greeter.conf \ |
136 | 352 | scripts/autologin-pam.conf \ | 354 | scripts/autologin-pam.conf \ |
137 | 355 | scripts/autologin-pam-config.conf \ | ||
138 | 353 | scripts/autologin-invalid-session.conf \ | 356 | scripts/autologin-invalid-session.conf \ |
139 | 354 | scripts/autologin-invalid-user.conf \ | 357 | scripts/autologin-invalid-user.conf \ |
140 | 355 | scripts/autologin-logout.conf \ | 358 | scripts/autologin-logout.conf \ |
141 | @@ -424,6 +427,7 @@ | |||
142 | 424 | scripts/login-new-authtok.conf \ | 427 | scripts/login-new-authtok.conf \ |
143 | 425 | scripts/login-no-password.conf \ | 428 | scripts/login-no-password.conf \ |
144 | 426 | scripts/login-pam.conf \ | 429 | scripts/login-pam.conf \ |
145 | 430 | scripts/login-pam-config.conf \ | ||
146 | 427 | scripts/login-pick-session.conf \ | 431 | scripts/login-pick-session.conf \ |
147 | 428 | scripts/login-previous-session.conf \ | 432 | scripts/login-previous-session.conf \ |
148 | 429 | scripts/login-remember-session.conf \ | 433 | scripts/login-remember-session.conf \ |
149 | 430 | 434 | ||
150 | === added file 'tests/scripts/autologin-pam-config.conf' | |||
151 | --- tests/scripts/autologin-pam-config.conf 1970-01-01 00:00:00 +0000 | |||
152 | +++ tests/scripts/autologin-pam-config.conf 2014-07-27 23:39:55 +0000 | |||
153 | @@ -0,0 +1,44 @@ | |||
154 | 1 | # | ||
155 | 2 | # Check we can configure the PAM service for automatic login | ||
156 | 3 | # | ||
157 | 4 | |||
158 | 5 | [SeatDefaults] | ||
159 | 6 | autologin-user=no-password1 | ||
160 | 7 | user-session=default | ||
161 | 8 | pam-autologin-service=lightdm-autologin-alternative | ||
162 | 9 | |||
163 | 10 | [test-pam] | ||
164 | 11 | log-events=true | ||
165 | 12 | |||
166 | 13 | #?*START-DAEMON | ||
167 | 14 | #?RUNNER DAEMON-START | ||
168 | 15 | |||
169 | 16 | # X server starts | ||
170 | 17 | #?XSERVER-0 START VT=7 SEAT=seat0 | ||
171 | 18 | |||
172 | 19 | # Daemon connects when X server is ready | ||
173 | 20 | #?*XSERVER-0 INDICATE-READY | ||
174 | 21 | #?XSERVER-0 INDICATE-READY | ||
175 | 22 | #?XSERVER-0 ACCEPT-CONNECT | ||
176 | 23 | |||
177 | 24 | # Session authenticates | ||
178 | 25 | #?PAM-no-password1 START SERVICE=lightdm-autologin-alternative USER=no-password1 | ||
179 | 26 | #?PAM-no-password1 AUTHENTICATE | ||
180 | 27 | #?PAM-no-password1 ACCT-MGMT | ||
181 | 28 | #?PAM-no-password1 SETCRED ESTABLISH_CRED | ||
182 | 29 | #?PAM-no-password1 OPEN-SESSION | ||
183 | 30 | |||
184 | 31 | # Session starts | ||
185 | 32 | #?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/no-password1 XDG_SESSION_TYPE=x11 XDG_SESSION_DESKTOP=default USER=no-password1 | ||
186 | 33 | #?LOGIN1 ACTIVATE-SESSION SESSION=c0 | ||
187 | 34 | #?XSERVER-0 ACCEPT-CONNECT | ||
188 | 35 | #?SESSION-X-0 CONNECT-XSERVER | ||
189 | 36 | |||
190 | 37 | # Cleanup | ||
191 | 38 | #?*STOP-DAEMON | ||
192 | 39 | #?SESSION-X-0 TERMINATE SIGNAL=15 | ||
193 | 40 | #?PAM-no-password1 CLOSE-SESSION | ||
194 | 41 | #?PAM-no-password1 SETCRED DELETE_CRED | ||
195 | 42 | #?PAM-no-password1 END | ||
196 | 43 | #?XSERVER-0 TERMINATE SIGNAL=15 | ||
197 | 44 | #?RUNNER DAEMON-EXIT STATUS=0 | ||
198 | 0 | 45 | ||
199 | === added file 'tests/scripts/login-pam-config.conf' | |||
200 | --- tests/scripts/login-pam-config.conf 1970-01-01 00:00:00 +0000 | |||
201 | +++ tests/scripts/login-pam-config.conf 2014-07-27 23:39:55 +0000 | |||
202 | @@ -0,0 +1,70 @@ | |||
203 | 1 | # | ||
204 | 2 | # Check we can configure the PAM service for login | ||
205 | 3 | # | ||
206 | 4 | |||
207 | 5 | [SeatDefaults] | ||
208 | 6 | user-session=default | ||
209 | 7 | pam-service=lightdm-alternative | ||
210 | 8 | pam-greeter-service=lightdm-greeter-alternative | ||
211 | 9 | |||
212 | 10 | [test-pam] | ||
213 | 11 | log-events=true | ||
214 | 12 | |||
215 | 13 | #?*START-DAEMON | ||
216 | 14 | #?RUNNER DAEMON-START | ||
217 | 15 | |||
218 | 16 | # X server starts | ||
219 | 17 | #?XSERVER-0 START VT=7 SEAT=seat0 | ||
220 | 18 | |||
221 | 19 | # Daemon connects when X server is ready | ||
222 | 20 | #?*XSERVER-0 INDICATE-READY | ||
223 | 21 | #?XSERVER-0 INDICATE-READY | ||
224 | 22 | #?XSERVER-0 ACCEPT-CONNECT | ||
225 | 23 | |||
226 | 24 | # Create PAM session for greeter | ||
227 | 25 | #?PAM-lightdm START SERVICE=lightdm-greeter-alternative USER=lightdm | ||
228 | 26 | #?PAM-lightdm SETCRED ESTABLISH_CRED | ||
229 | 27 | #?PAM-lightdm OPEN-SESSION | ||
230 | 28 | |||
231 | 29 | # Greeter starts | ||
232 | 30 | #?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter | ||
233 | 31 | #?LOGIN1 ACTIVATE-SESSION SESSION=c0 | ||
234 | 32 | #?XSERVER-0 ACCEPT-CONNECT | ||
235 | 33 | #?GREETER-X-0 CONNECT-XSERVER | ||
236 | 34 | #?GREETER-X-0 CONNECT-TO-DAEMON | ||
237 | 35 | #?GREETER-X-0 CONNECTED-TO-DAEMON | ||
238 | 36 | |||
239 | 37 | # Greeter does authentication via PAM | ||
240 | 38 | #?*GREETER-X-0 AUTHENTICATE USERNAME=have-password1 | ||
241 | 39 | #?PAM-have-password1 START SERVICE=lightdm-alternative USER=have-password1 | ||
242 | 40 | #?PAM-have-password1 AUTHENTICATE | ||
243 | 41 | #?GREETER-X-0 SHOW-PROMPT TEXT="Password:" | ||
244 | 42 | #?*GREETER-X-0 RESPOND TEXT="password" | ||
245 | 43 | #?PAM-have-password1 ACCT-MGMT | ||
246 | 44 | #?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=have-password1 AUTHENTICATED=TRUE | ||
247 | 45 | |||
248 | 46 | # User session starts | ||
249 | 47 | #?*GREETER-X-0 START-SESSION | ||
250 | 48 | #?PAM-have-password1 SETCRED ESTABLISH_CRED | ||
251 | 49 | #?PAM-have-password1 OPEN-SESSION | ||
252 | 50 | |||
253 | 51 | # Greeter session stops | ||
254 | 52 | #?GREETER-X-0 TERMINATE SIGNAL=15 | ||
255 | 53 | #?PAM-lightdm CLOSE-SESSION | ||
256 | 54 | #?PAM-lightdm SETCRED DELETE_CRED | ||
257 | 55 | #?PAM-lightdm END | ||
258 | 56 | |||
259 | 57 | # Session starts | ||
260 | 58 | #?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/have-password1 XDG_SESSION_TYPE=x11 XDG_SESSION_DESKTOP=default USER=have-password1 | ||
261 | 59 | #?LOGIN1 ACTIVATE-SESSION SESSION=c1 | ||
262 | 60 | #?XSERVER-0 ACCEPT-CONNECT | ||
263 | 61 | #?SESSION-X-0 CONNECT-XSERVER | ||
264 | 62 | |||
265 | 63 | # Cleanup | ||
266 | 64 | #?*STOP-DAEMON | ||
267 | 65 | #?SESSION-X-0 TERMINATE SIGNAL=15 | ||
268 | 66 | #?PAM-have-password1 CLOSE-SESSION | ||
269 | 67 | #?PAM-have-password1 SETCRED DELETE_CRED | ||
270 | 68 | #?PAM-have-password1 END | ||
271 | 69 | #?XSERVER-0 TERMINATE SIGNAL=15 | ||
272 | 70 | #?RUNNER DAEMON-EXIT STATUS=0 | ||
273 | 0 | 71 | ||
274 | === added file 'tests/test-autologin-pam-config' | |||
275 | --- tests/test-autologin-pam-config 1970-01-01 00:00:00 +0000 | |||
276 | +++ tests/test-autologin-pam-config 2014-07-27 23:39:55 +0000 | |||
277 | @@ -0,0 +1,2 @@ | |||
278 | 1 | #!/bin/sh | ||
279 | 2 | ./src/dbus-env ./src/test-runner autologin-pam-config test-gobject-greeter | ||
280 | 0 | 3 | ||
281 | === added file 'tests/test-login-pam-config' | |||
282 | --- tests/test-login-pam-config 1970-01-01 00:00:00 +0000 | |||
283 | +++ tests/test-login-pam-config 2014-07-27 23:39:55 +0000 | |||
284 | @@ -0,0 +1,2 @@ | |||
285 | 1 | #!/bin/sh | ||
286 | 2 | ./src/dbus-env ./src/test-runner login-pam-config test-gobject-greeter |
Needs regression tests before landing