summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMart Raudsepp <leio@gentoo.org>2019-03-19 23:39:51 +0200
committerMart Raudsepp <leio@gentoo.org>2019-03-20 00:39:20 +0200
commit003b0f462810dfbeee0edda88243d19983dc3333 (patch)
treeefa3e6584d1a0ef204e3d26a4ff27ad0e54b5685 /gnome-base/gdm
parentdev-vcs/cvs-fast-export: bump up to 1.47 (diff)
downloadgentoo-003b0f462810dfbeee0edda88243d19983dc3333.tar.gz
gentoo-003b0f462810dfbeee0edda88243d19983dc3333.tar.bz2
gentoo-003b0f462810dfbeee0edda88243d19983dc3333.zip
gnome-base/gdm: add elogind support
Include a patch from 3.32 that removes long gone legacy argument to pam_systemd.so, as to make it uniform with the added elogind support (and not add that legacy arg there too) and be able to reuse the pam-elogind.patch bits for 3.32 without changes, just dropping the argument patch. The elogind support is achieved without configure.ac patches by making use of the standard PKG_CHECK_MODULES builtin AC_ARG_VAR provided variable override support and passing elogind values there as a drop-in replacement. So we don't need an eautoreconf and maintaing an autotools patch until upstream moves to meson. Initial VT is put back to 7 for elogind for the time being until there is more clarity what will happen with startDM.sh and how things interact with agetty out of the box (potential keyboard stealing, etc). Closes: https://bugs.gentoo.org/645348 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Mart Raudsepp <leio@gentoo.org>
Diffstat (limited to 'gnome-base/gdm')
-rw-r--r--gnome-base/gdm/files/3.30.3-pam-drop-legacy-arg.patch29
-rw-r--r--gnome-base/gdm/files/pam-elogind.patch24
-rw-r--r--gnome-base/gdm/gdm-3.30.3-r1.ebuild222
-rw-r--r--gnome-base/gdm/metadata.xml1
4 files changed, 276 insertions, 0 deletions
diff --git a/gnome-base/gdm/files/3.30.3-pam-drop-legacy-arg.patch b/gnome-base/gdm/files/3.30.3-pam-drop-legacy-arg.patch
new file mode 100644
index 000000000000..8d82a284bf50
--- /dev/null
+++ b/gnome-base/gdm/files/3.30.3-pam-drop-legacy-arg.patch
@@ -0,0 +1,29 @@
+From a26ed5502622c22daa175861fa9d651a32131cf5 Mon Sep 17 00:00:00 2001
+From: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
+Date: Sat, 16 Feb 2019 08:47:45 +0100
+Subject: [PATCH 1/2] pam-exherbo: drop legacy pam_systemd argument
+
+kill-session-processes=1 is long gone
+
+Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
+(cherry picked from commit 13e6666b1e1000d757ac5621a83105110f55e3e3)
+---
+ data/pam-exherbo/gdm-launch-environment.pam | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/data/pam-exherbo/gdm-launch-environment.pam b/data/pam-exherbo/gdm-launch-environment.pam
+index 8c13b3bc..51a8e003 100644
+--- a/data/pam-exherbo/gdm-launch-environment.pam
++++ b/data/pam-exherbo/gdm-launch-environment.pam
+@@ -8,7 +8,7 @@ auth required pam_permit.so
+
+ password required pam_deny.so
+
+--session optional pam_systemd.so kill-session-processes=1
++-session optional pam_systemd.so
+ session optional pam_keyinit.so force revoke
+ session required pam_succeed_if.so audit quiet_success user = gdm
+ session required pam_permit.so
+--
+2.17.0
+
diff --git a/gnome-base/gdm/files/pam-elogind.patch b/gnome-base/gdm/files/pam-elogind.patch
new file mode 100644
index 000000000000..e17bed395b54
--- /dev/null
+++ b/gnome-base/gdm/files/pam-elogind.patch
@@ -0,0 +1,24 @@
+From 96e605d6bd832a89f022872492a9c9cb1eb62f66 Mon Sep 17 00:00:00 2001
+From: Mart Raudsepp <leio@gentoo.org>
+Date: Tue, 19 Mar 2019 23:13:29 +0200
+Subject: [PATCH 2/2] pam-exherbo: Support elogind
+
+---
+ data/pam-exherbo/gdm-launch-environment.pam | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/data/pam-exherbo/gdm-launch-environment.pam b/data/pam-exherbo/gdm-launch-environment.pam
+index 51a8e003..c697a528 100644
+--- a/data/pam-exherbo/gdm-launch-environment.pam
++++ b/data/pam-exherbo/gdm-launch-environment.pam
+@@ -8,6 +8,7 @@ auth required pam_permit.so
+
+ password required pam_deny.so
+
++-session optional pam_elogind.so
+ -session optional pam_systemd.so
+ session optional pam_keyinit.so force revoke
+ session required pam_succeed_if.so audit quiet_success user = gdm
+--
+2.17.0
+
diff --git a/gnome-base/gdm/gdm-3.30.3-r1.ebuild b/gnome-base/gdm/gdm-3.30.3-r1.ebuild
new file mode 100644
index 000000000000..fe94fdcdbc45
--- /dev/null
+++ b/gnome-base/gdm/gdm-3.30.3-r1.ebuild
@@ -0,0 +1,222 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+GNOME2_LA_PUNT="yes"
+
+inherit eutils gnome2 pam readme.gentoo-r1 systemd udev user
+
+DESCRIPTION="GNOME Display Manager for managing graphical display servers and user logins"
+HOMEPAGE="https://wiki.gnome.org/Projects/GDM"
+
+SRC_URI="${SRC_URI}
+ branding? ( https://www.mail-archive.com/tango-artists@lists.freedesktop.org/msg00043/tango-gentoo-v1.1.tar.gz )
+"
+
+LICENSE="
+ GPL-2+
+ branding? ( CC-BY-SA-4.0 )
+"
+
+SLOT="0"
+
+IUSE="accessibility audit branding elogind fprint +introspection ipv6 plymouth selinux smartcard systemd tcpd test wayland xinerama"
+REQUIRED_USE="^^ ( elogind systemd )"
+
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sh ~x86"
+
+# NOTE: x11-base/xorg-server dep is for X_SERVER_PATH etc, bug #295686
+# nspr used by smartcard extension
+# dconf, dbus and g-s-d are needed at install time for dconf update
+# We need either systemd or >=openrc-0.12 to restart gdm properly, bug #463784
+COMMON_DEPEND="
+ app-text/iso-codes
+ >=dev-libs/glib-2.44:2
+ >=x11-libs/gtk+-2.91.1:3
+ >=gnome-base/dconf-0.20
+ >=gnome-base/gnome-settings-daemon-3.1.4
+ gnome-base/gsettings-desktop-schemas
+ >=media-libs/fontconfig-2.5.0:1.0
+ >=media-libs/libcanberra-0.4[gtk3]
+ sys-apps/dbus
+ >=sys-apps/accountsservice-0.6.35
+
+ x11-base/xorg-server
+ x11-libs/libXau
+ x11-libs/libX11
+ x11-libs/libXdmcp
+ x11-libs/libXext
+ x11-libs/libxcb
+ >=x11-misc/xdg-utils-1.0.2-r3
+
+ virtual/pam
+ elogind? ( >=sys-auth/elogind-239.3[pam] )
+ systemd? ( >=sys-apps/systemd-186:0=[pam] )
+
+ sys-auth/pambase[elogind?,systemd?]
+
+ audit? ( sys-process/audit )
+ introspection? ( >=dev-libs/gobject-introspection-0.9.12:= )
+ plymouth? ( sys-boot/plymouth )
+ selinux? ( sys-libs/libselinux )
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
+ xinerama? ( x11-libs/libXinerama )
+"
+# XXX: These deps are from session and desktop files in data/ directory
+# fprintd is used via dbus by gdm-fingerprint-extension
+# gnome-session-3.6 needed to avoid freezing with orca
+RDEPEND="${COMMON_DEPEND}
+ >=gnome-base/gnome-session-3.6
+ >=gnome-base/gnome-shell-3.1.90
+ x11-apps/xhost
+
+ accessibility? (
+ >=app-accessibility/orca-3.10
+ gnome-extra/mousetweaks )
+ fprint? (
+ sys-auth/fprintd
+ sys-auth/pam_fprint )
+
+ !gnome-extra/fast-user-switch-applet
+"
+DEPEND="${COMMON_DEPEND}
+ app-text/docbook-xml-dtd:4.1.2
+ dev-util/gdbus-codegen
+ dev-util/glib-utils
+ dev-util/itstool
+ >=sys-devel/gettext-0.19.8
+ virtual/pkgconfig
+ x11-base/xorg-proto
+ test? ( >=dev-libs/check-0.9.4 )
+"
+
+DOC_CONTENTS="
+ To make GDM start at boot with systemd, run:\n
+ # systemctl enable gdm.service\n
+ \n
+ To make GDM start at boot with OpenRC, edit /etc/conf.d to have
+ DISPLAYMANAGER=\"gdm\" and enable the xdm service:\n
+ # rc-update add xdm
+ \n
+ For passwordless login to unlock your keyring, you need to install
+ sys-auth/pambase with USE=gnome-keyring and set an empty password
+ on your keyring. Use app-crypt/seahorse for that.\n
+ \n
+ You may need to install app-crypt/coolkey and sys-auth/pam_pkcs11
+ for smartcard support
+"
+
+pkg_setup() {
+ enewgroup gdm
+ enewgroup video # Just in case it hasn't been created yet
+ enewuser gdm -1 -1 /var/lib/gdm gdm,video
+
+ # For compatibility with certain versions of nvidia-drivers, etc., need to
+ # ensure that gdm user is in the video group
+ if ! egetent group video | grep -q gdm; then
+ # FIXME XXX: is this at all portable, ldap-safe, etc.?
+ # XXX: egetent does not have a 1-argument form, so we can't use it to
+ # get the list of gdm's groups
+ local g=$(groups gdm)
+ elog "Adding user gdm to video group"
+ usermod -G video,${g// /,} gdm || die "Adding user gdm to video group failed"
+ fi
+}
+
+src_prepare() {
+ # ssh-agent handling must be done at xinitrc.d, bug #220603
+ eapply "${FILESDIR}/${PN}-2.32.0-xinitrc-ssh-agent.patch"
+
+ # Gentoo does not have a fingerprint-auth pam stack
+ eapply "${FILESDIR}/${PN}-3.8.4-fingerprint-auth.patch"
+
+ # Drop legacy argument to pam_systemd.so, included in 3.32
+ eapply "${FILESDIR}/${PV}-pam-drop-legacy-arg.patch"
+ # Support pam_elogind.so in gdm-launch-environment.pam
+ eapply "${FILESDIR}/pam-elogind.patch"
+
+ # Show logo when branding is enabled
+ use branding && eapply "${FILESDIR}/${PN}-3.30.3-logo.patch"
+
+ gnome2_src_prepare
+}
+
+src_configure() {
+ # PAM is the only auth scheme supported
+ # even though configure lists shadow and crypt
+ # they don't have any corresponding code.
+ # --with-at-spi-registryd-directory= needs to be passed explicitly because
+ # of https://bugzilla.gnome.org/show_bug.cgi?id=607643#c4
+ # Xevie is obsolete, bug #482304
+
+ # --with-initial-vt=7 conflicts with plymouth, bug #453392
+ # gdm-3.30 now reaps (stops) the login screen when the login VT isn't active, which
+ # saves on memory. However this means if we don't start on VT1, gdm doesn't start up
+ # before user manually goes to VT7. Thus as-is we can not keep gdm away from VT1,
+ # so lets try always having it in VT1 and see if that is an issue for people before
+ # hacking up workarounds for the initial start case.
+ # ! use plymouth && myconf="${myconf} --with-initial-vt=7"
+ local myconf=(
+ --enable-gdm-xsession
+ --enable-user-display-server
+ --with-run-dir=/run/gdm
+ --localstatedir="${EPREFIX}"/var
+ --disable-static
+ --with-xdmcp=yes
+ --enable-authentication-scheme=pam
+ --with-default-pam-config=exherbo
+ --with-pam-mod-dir=$(getpam_mod_dir)
+ --with-udevdir=$(get_udevdir)
+ --with-at-spi-registryd-directory="${EPREFIX}"/usr/libexec
+ --without-xevie
+ $(use_enable systemd systemd-journal)
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+ $(use_with audit libaudit)
+ $(use_enable ipv6)
+ $(use_with plymouth)
+ $(use_with selinux)
+ $(use_with tcpd tcp-wrappers)
+ $(use_enable wayland wayland-support)
+ $(use_with xinerama)
+ )
+
+ if use elogind; then
+ myconf+=(
+ --with-initial-vt=7 # TODO: Revisit together with startDM.sh and other xinit talks; also ignores plymouth possibility
+ SYSTEMD_CFLAGS=`pkg-config --cflags "libelogind" 2>/dev/null`
+ SYSTEMD_LIBS=`pkg-config --libs "libelogind" 2>/dev/null`
+ )
+ fi
+
+ gnome2_src_configure "${myconf[@]}"
+}
+
+src_install() {
+ gnome2_src_install
+
+ if ! use accessibility ; then
+ rm "${ED}"/usr/share/gdm/greeter/autostart/orca-autostart.desktop || die
+ fi
+
+ exeinto /etc/X11/xinit/xinitrc.d
+ newexe "${FILESDIR}/49-keychain-r1" 49-keychain
+ newexe "${FILESDIR}/50-ssh-agent-r1" 50-ssh-agent
+
+ # gdm user's home directory
+ keepdir /var/lib/gdm
+ fowners gdm:gdm /var/lib/gdm
+
+ # install XDG_DATA_DIRS gdm changes
+ echo 'XDG_DATA_DIRS="/usr/share/gdm"' > 99xdg-gdm
+ doenvd 99xdg-gdm
+
+ use branding && newicon "${WORKDIR}/tango-gentoo-v1.1/scalable/gentoo.svg" gentoo-gdm.svg
+
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ gnome2_pkg_postinst
+ systemd_reenable gdm.service
+ readme.gentoo_print_elog
+}
diff --git a/gnome-base/gdm/metadata.xml b/gnome-base/gdm/metadata.xml
index 747420ed8b55..ac51d07ebe21 100644
--- a/gnome-base/gdm/metadata.xml
+++ b/gnome-base/gdm/metadata.xml
@@ -6,6 +6,7 @@
<name>Gentoo GNOME Desktop</name>
</maintainer>
<use>
+ <flag name="elogind">Use <pkg>sys-auth/elogind</pkg> for session management</flag>
<flag name="fprint">Enables experimental fingerprint authentication using
<pkg>sys-auth/fprintd</pkg></flag>
<flag name="plymouth">Enable support for smooth transition from