packages/gdm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!32 Upgrade to 3.38.2

Browse Source 
From: @weijin-deng
Reviewed-by: @dwl301
Signed-off-by: @dwl301
This commit is contained in:
openeuler-ci-bot 2021-05-24 19:08:59 +08:00 committed by Gitee
commit 6e8725ddb2
10 changed files with 53 additions and 569 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
9000-add-openeuler-pam-config.patch
View File

@ -1,11 +0,0 @@
diff -ru gdm-3.30.1-origin/configure.ac gdm-3.30.1/configure.ac
--- gdm-3.30.1-origin/configure.ac 2019-12-17 15:33:13.656357443 +0800
+++ gdm-3.30.1/configure.ac 2019-12-17 17:19:34.848463487 +0800
@@ -200,6 +200,7 @@
AS_HELP_STRING([--with-default-pam-config: One of redhat, openembedded, exherbo, lfs, arch, none @<:@default=auto@:>@]))
dnl If not given, try autodetecting from release files (see NetworkManager source)
if test x$with_default_pam_config = x; then
+ AC_CHECK_FILE(/etc/openEuler-release,with_default_pam_config="redhat")
AC_CHECK_FILE(/etc/redhat-release,with_default_pam_config="redhat")
AC_CHECK_FILE(/etc/fedora-release,with_default_pam_config="redhat")
AC_CHECK_FILE(/etc/exherbo-release,with_default_pam_config="exherbo")

33
CVE-2019-3825-1.patch
View File

@ -1,33 +0,0 @@
From 7726c81db92d2339fc468ed41c967f5412db66ed Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Wed, 6 Feb 2019 16:14:52 -0500
Subject: [PATCH] manager: don't kill timed login session immediately after it
starts
At the moment GDM is misidentifying timed login sessions as if
they are automatic login sessions. That leads to their displays
getting killed sometimes shortly after log in.
This commit corrects the check, so that timed login sessions aren't
treated as autologin sessions.
---
daemon/gdm-manager.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 4d2ad9dec..dbf64473a 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -1683,7 +1683,8 @@ on_start_user_session (StartUserSessionOperation *operation)
session_id);
- if (g_strcmp0 (operation->service_name, "gdm-autologin") == 0) {
+ if (g_strcmp0 (operation->service_name, "gdm-autologin") == 0 &&
+ !gdm_session_client_is_connected (operation->session)) {
/* remove the unused prepared greeter display since we're not going
* to have a greeter */
gdm_display_store_remove (self->priv->display_store, display);
--
GitLab

226
CVE-2019-3825-2.patch
View File

@ -1,226 +0,0 @@
From d9d22a1c48a528873e3cc84a73fc868507b8dd4d Mon Sep 17 00:00:00 2001
From: Iain Lane <iainl@gnome.org>
Date: Thu, 31 Jan 2019 10:52:35 +0000
Subject: [PATCH] manager,session: Add some debugging around starting
reauthentication
There's a bug right now dealing with timed login and reauthentication,
but it's not clear what's going on by looking at the logs.
This commit sprinkles some more logging throughout the code, to make
the bug easier to track.
---
daemon/gdm-manager.c | 46 ++++++++++++++++++++++++++++++++++++++------
daemon/gdm-session.c | 25 ++++++++++++++++++++----
2 files changed, 61 insertions(+), 10 deletions(-)
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index dbf64473a..1e5719558 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -335,23 +335,40 @@ find_session_for_user_on_seat (GdmManager *manager,
for (node = manager->priv->user_sessions; node != NULL; node = node->next) {
GdmSession *candidate_session = node->data;
- const char *candidate_username, *candidate_seat_id;
+ const char *candidate_username, *candidate_seat_id, *candidate_session_id;
- if (candidate_session == dont_count_session)
+ candidate_session_id = gdm_session_get_session_id (candidate_session);
+
+ if (candidate_session == dont_count_session) {
+ g_debug ("GdmSession: Ignoring session %s as requested",
+ candidate_session_id);
continue;
+ }
- if (!gdm_session_is_running (candidate_session))
+ if (!gdm_session_is_running (candidate_session)) {
+ g_debug ("GdmSession: Ignoring session %s as it isn't running",
+ candidate_session_id);
continue;
+ }
candidate_username = gdm_session_get_username (candidate_session);
candidate_seat_id = gdm_session_get_display_seat_id (candidate_session);
+ g_debug ("GdmManager: Considering session %s on seat %s belonging to user %s",
+ candidate_session_id,
+ candidate_seat_id,
+ candidate_username);
+
if (g_strcmp0 (candidate_username, username) == 0 &&
g_strcmp0 (candidate_seat_id, seat_id) == 0) {
+ g_debug ("GdmManager: yes, found session %s", candidate_session_id);
return candidate_session;
}
+
+ g_debug ("GdmManager: no, will not use session %s", candidate_session_id);
}
+ g_debug ("GdmManager: no matching sessions found");
return NULL;
}
@@ -835,8 +852,12 @@ gdm_manager_handle_open_session (GdmDBusManager *manager,
#endif
if (session == NULL) {
session = get_user_session_for_display (display);
+ g_debug ("GdmSession: Considering session %s for username %s",
+ gdm_session_get_session_id (session),
+ gdm_session_get_username (session));
if (gdm_session_is_running (session)) {
+ g_debug ("GdmSession: the session is running, and therefore can't be used");
g_dbus_method_invocation_return_error_literal (invocation,
G_DBUS_ERROR,
G_DBUS_ERROR_ACCESS_DENIED,
@@ -1012,6 +1033,10 @@ open_temporary_reauthentication_channel (GdmManager *self,
environment);
g_strfreev (environment);
+ g_debug ("GdmSession: Created session for temporary reauthentication channel for user %d (seat %s)",
+ (int) uid,
+ seat_id);
+
g_object_set_data_full (G_OBJECT (session),
"caller-session-id",
g_strdup (session_id),
@@ -1091,11 +1116,13 @@ gdm_manager_handle_open_reauthentication_channel (GdmDBusManager *manager
}
if (is_login_screen) {
+ g_debug ("GdmManager: looking for login screen session for user %s on seat %s", username, seat_id);
session = find_session_for_user_on_seat (self,
username,
seat_id,
NULL);
} else {
+ g_debug ("GdmManager: looking for user session on display");
session = get_user_session_for_display (display);
}
@@ -1918,7 +1945,7 @@ on_session_client_connected (GdmSession *session,
gboolean enabled;
gboolean allow_timed_login = FALSE;
- g_debug ("GdmManager: client connected");
+ g_debug ("GdmManager: client with pid %d connected", (int) pid_of_client);
display = get_display_for_user_session (session);
@@ -1964,7 +1991,7 @@ on_session_client_disconnected (GdmSession *session,
GPid pid_of_client,
GdmManager *manager)
{
- g_debug ("GdmManager: client disconnected");
+ g_debug ("GdmManager: client with pid %d disconnected", (int) pid_of_client);
}
typedef struct
@@ -2031,9 +2058,10 @@ on_session_conversation_started (GdmSession *session,
gboolean enabled;
char *username;
- g_debug ("GdmManager: session conversation started for service %s", service_name);
+ g_debug ("GdmManager: session conversation started for service %s on session", service_name);
if (g_strcmp0 (service_name, "gdm-autologin") != 0) {
+ g_debug ("GdmManager: ignoring session conversation since its not automatic login conversation");
return;
}
@@ -2143,6 +2171,12 @@ create_user_session_for_display (GdmManager *manager,
display_auth_file,
display_is_local,
NULL);
+
+ g_debug ("GdmSession: Created user session for user %d on display %s (seat %s)",
+ (int) allowed_user,
+ display_id,
+ display_seat_id);
+
g_free (display_name);
g_free (remote_hostname);
g_free (display_auth_file);
diff --git a/daemon/gdm-session.c b/daemon/gdm-session.c
index 04f879a7a..09f471086 100644
--- a/daemon/gdm-session.c
+++ b/daemon/gdm-session.c
@@ -654,7 +654,10 @@ gdm_session_select_user (GdmSession *self,
const char *text)
{
- g_debug ("GdmSession: Setting user: '%s'", text);
+ g_debug ("GdmSession: selecting user '%s' for session '%s' (%p)",
+ text,
+ gdm_session_get_session_id (self),
+ self);
g_free (self->priv->selected_user);
self->priv->selected_user = g_strdup (text);
@@ -1429,6 +1432,7 @@ gdm_session_handle_client_select_user (GdmDBusGreeter *greeter_interface,
gdm_dbus_greeter_complete_select_user (greeter_interface,
invocation);
}
+ g_debug ("GdmSession: client selected user '%s' on session (%p)", username, self);
gdm_session_select_user (self, username);
return TRUE;
}
@@ -1485,7 +1489,10 @@ gdm_session_handle_client_begin_auto_login (GdmDBusGreeter *greeter_inter
invocation);
}
- g_debug ("GdmSession: begin auto login for user '%s'", username);
+ g_debug ("GdmSession: client requesting automatic login for user '%s' on session '%s' (%p)",
+ username,
+ gdm_session_get_session_id (self),
+ self);
gdm_session_setup_for_user (self, "gdm-autologin", username);
@@ -1788,7 +1795,9 @@ setup_outside_server (GdmSession *self)
GDBusServer *server;
GError *error = NULL;
- g_debug ("GdmSession: Creating D-Bus server for greeters and such");
+ g_debug ("GdmSession: Creating D-Bus server for greeters and such for session %s (%p)",
+ gdm_session_get_session_id (self),
+ self);
observer = g_dbus_auth_observer_new ();
g_signal_connect_object (observer,
@@ -2172,7 +2181,7 @@ gdm_session_start_conversation (GdmSession *self,
conversation->job = NULL;
}
- g_debug ("GdmSession: starting conversation %s", service_name);
+ g_debug ("GdmSession: starting conversation %s for session (%p)", service_name, self);
conversation = start_conversation (self, service_name);
@@ -2331,6 +2340,10 @@ gdm_session_setup_for_user (GdmSession *self,
update_session_type (self);
+ g_debug ("GdmSession: Set up service %s for username %s on session (%p)",
+ service_name,
+ username,
+ self);
gdm_session_select_user (self, username);
self->priv->is_program_session = FALSE;
@@ -2961,6 +2974,10 @@ gdm_session_start_reauthentication (GdmSession *session,
g_return_if_fail (conversation != NULL);
+ g_debug ("GdmSession: starting reauthentication for session %s for client with pid %d",
+ conversation->session_id,
+ (int) uid_of_caller);
+
conversation->reauth_pid_of_caller = pid_of_caller;
gdm_dbus_worker_call_start_reauthentication (conversation->worker_proxy,
--
GitLab

130
CVE-2019-3825-3.patch
View File

@ -1,130 +0,0 @@
From 94d9fec87960e3ff5f7b75dadcde2807db148fbd Mon Sep 17 00:00:00 2001
From: Iain Lane <iainl@gnome.org>
Date: Thu, 31 Jan 2019 17:51:52 +0000
Subject: [PATCH] session: Don't allow greeter operations on an running session
If a client has a reference to a session that starts running,
refuse to allow further operations on the session.
CVE-2019-3825
---
daemon/gdm-session.c | 75 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 75 insertions(+)
diff --git a/daemon/gdm-session.c b/daemon/gdm-session.c
index 09f471086..ca06608c4 100644
--- a/daemon/gdm-session.c
+++ b/daemon/gdm-session.c
@@ -1414,6 +1414,21 @@ gdm_session_handle_client_select_session (GdmDBusGreeter *greeter_interf
const char *session,
GdmSession *self)
{
+ if (gdm_session_is_running (self)) {
+ const char *username;
+
+ username = gdm_session_get_username (self);
+ g_debug ("GdmSession: refusing to select session %s since it's already running (for user %s)",
+ session,
+ username);
+ g_dbus_method_invocation_return_error (invocation,
+ G_DBUS_ERROR,
+ G_DBUS_ERROR_INVALID_ARGS,
+ "Session already running for user %s",
+ username);
+ return TRUE;
+ }
+
if (self->priv->greeter_interface != NULL) {
gdm_dbus_greeter_complete_select_session (greeter_interface,
invocation);
@@ -1428,6 +1443,22 @@ gdm_session_handle_client_select_user (GdmDBusGreeter *greeter_interface,
const char *username,
GdmSession *self)
{
+ if (gdm_session_is_running (self)) {
+ const char *session_username;
+
+ session_username = gdm_session_get_username (self);
+ g_debug ("GdmSession: refusing to select user %s, since session (%p) already running (for user %s)",
+ username,
+ self,
+ session_username);
+ g_dbus_method_invocation_return_error (invocation,
+ G_DBUS_ERROR,
+ G_DBUS_ERROR_INVALID_ARGS,
+ "Session already running for user %s",
+ session_username);
+ return TRUE;
+ }
+
if (self->priv->greeter_interface != NULL) {
gdm_dbus_greeter_complete_select_user (greeter_interface,
invocation);
@@ -1444,6 +1475,20 @@ gdm_session_handle_client_start_session_when_ready (GdmDBusGreeter *greet
gboolean client_is_ready,
GdmSession *self)
{
+ if (gdm_session_is_running (self)) {
+ const char *username;
+
+ username = gdm_session_get_username (self);
+ g_debug ("GdmSession: refusing to start session (%p), since it's already running (for user %s)",
+ self,
+ username);
+ g_dbus_method_invocation_return_error (invocation,
+ G_DBUS_ERROR,
+ G_DBUS_ERROR_INVALID_ARGS,
+ "Session already running for user %s",
+ username);
+ return TRUE;
+ }
if (self->priv->greeter_interface != NULL) {
gdm_dbus_greeter_complete_start_session_when_ready (greeter_interface,
@@ -1462,6 +1507,20 @@ gdm_session_handle_get_timed_login_details (GdmDBusGreeter *greeter_inter
GDBusMethodInvocation *invocation,
GdmSession *self)
{
+ if (gdm_session_is_running (self)) {
+ const char *username;
+
+ username = gdm_session_get_username (self);
+ g_debug ("GdmSession: refusing to give timed login details, session (%p) already running (for user %s)",
+ self,
+ username);
+ g_dbus_method_invocation_return_error (invocation,
+ G_DBUS_ERROR,
+ G_DBUS_ERROR_INVALID_ARGS,
+ "Session already running for user %s",
+ username);
+ return TRUE;
+ }
if (self->priv->greeter_interface != NULL) {
gdm_dbus_greeter_complete_get_timed_login_details (greeter_interface,
@@ -1484,6 +1543,22 @@ gdm_session_handle_client_begin_auto_login (GdmDBusGreeter *greeter_inter
const char *username,
GdmSession *self)
{
+ const char *session_username;
+
+ if (gdm_session_is_running (self)) {
+ session_username = gdm_session_get_username (self);
+ g_debug ("GdmSession: refusing auto login operation, session (%p) already running for user %s (%s requested)",
+ self,
+ session_username,
+ username);
+ g_dbus_method_invocation_return_error (invocation,
+ G_DBUS_ERROR,
+ G_DBUS_ERROR_INVALID_ARGS,
+ "Session already owned by user %s",
+ session_username);
+ return TRUE;
+ }
+
if (self->priv->greeter_interface != NULL) {
gdm_dbus_greeter_complete_begin_auto_login (greeter_interface,
invocation);
--
GitLab

50
CVE-2019-3825-4.patch
View File

@ -1,50 +0,0 @@
From dd45295425c5a843c30aa8797b02d59ff488acb8 Mon Sep 17 00:00:00 2001
From: Iain Lane <iainl@gnome.org>
Date: Mon, 4 Feb 2019 15:12:38 +0000
Subject: [PATCH] GdmManager: Don't perform timed login if session gets started
At the moment it's possible for the login screen to initiate
a timed login operation shortly after a user successfully starts
their session.
GDM won't complete the timed login operation, since a session is
already running, but will erroneously overwrite the username
associated with the session, misattributing the users session
to the timed login user.
Later, attempts to log in as the timed user will instead unlock the
session for the other user, since that session is now associated
with the timed login user.
This commit refuses timed login requests on sessions that are
already running, so the username doesn't get corrupted.
CVE-2019-3825
Closes https://gitlab.gnome.org/GNOME/gdm/issues/460
---
daemon/gdm-manager.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 1e5719558..b8619fbba 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -1947,6 +1947,14 @@ on_session_client_connected (GdmSession *session,
g_debug ("GdmManager: client with pid %d connected", (int) pid_of_client);
+ if (gdm_session_is_running (session)) {
+ const char *session_username;
+ session_username = gdm_session_get_username (session);
+ g_debug ("GdmManager: ignoring connection, since session already running (for user %s)",
+ session_username);
+ return;
+ }
+
display = get_display_for_user_session (session);
if (display == NULL) {
--
GitLab

58
display-Use-autoptr-to-handle-errors-in-look-for-exi.patch
View File

@ -1,58 +0,0 @@
From 4e6e5335d29c039bed820c43bfd1c19cb62539ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <mail@3v1n0.net>
Date: Tue, 27 Oct 2020 15:38:28 +0100
Subject: [PATCH] display: Use autoptr to handle errors in look for existing
users
It will make things just cleaner
---
daemon/gdm-display.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/daemon/gdm-display.c b/daemon/gdm-display.c
index 5e193f2..a65cbf1 100644
--- a/daemon/gdm-display.c
+++ b/daemon/gdm-display.c
@@ -539,9 +539,9 @@ gdm_display_real_prepare (GdmDisplay *self)
static void
look_for_existing_users_sync (GdmDisplay *self)
{
- GError *error = NULL;
- GVariant *call_result;
- GVariant *user_list;
+ g_autoptr(GError) error = NULL;
+ g_autoptr(GVariant) call_result = NULL;
+ g_autoptr(GVariant) user_list = NULL;
self->priv->accountsservice_proxy = g_dbus_proxy_new_sync (self->priv->connection,
0, NULL,
@@ -553,7 +553,7 @@ look_for_existing_users_sync (GdmDisplay *self)
if (!self->priv->accountsservice_proxy) {
g_warning ("Failed to contact accountsservice: %s", error->message);
- goto out;
+ return FALSE;
}
call_result = g_dbus_proxy_call_sync (self->priv->accountsservice_proxy,
@@ -566,15 +566,12 @@ look_for_existing_users_sync (GdmDisplay *self)
if (!call_result) {
g_warning ("Failed to list cached users: %s", error->message);
- goto out;
+ return FALSE;
}
g_variant_get (call_result, "(@ao)", &user_list);
self->priv->have_existing_user_accounts = g_variant_n_children (user_list) > 0;
- g_variant_unref (user_list);
- g_variant_unref (call_result);
-out:
- g_clear_error (&error);
+ return TRUE;
}
gboolean
--
1.8.3.1

BIN
gdm-3.30.1.tar.xz
View File

Binary file not shown.

BIN
gdm-3.38.2.1.tar.xz Normal file
View File

Binary file not shown.

24
gdm-should-recover-automatically.patch
View File

@ -1,24 +0,0 @@
From 10f8add3b6f75113676812ef52e32823f91afb44 Mon Sep 17 00:00:00 2001
From: si-gui <245140120@qq.com>
Date: Fri, 18 Dec 2020 15:18:09 +0800
Subject: [PATCH] gdm should recover automatically
---
data/gdm.service.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/data/gdm.service.in b/data/gdm.service.in
index 72201c1..d2892b8 100644
--- a/data/gdm.service.in
+++ b/data/gdm.service.in
@@ -20,6 +20,7 @@ After=rc-local.service plymouth-start.service systemd-user-sessions.service
OnFailure=plymouth-quit.service
[Service]
+ExecStartPre=/bin/sh -c "systemctl stop session-c*.scope"
ExecStart=@sbindir@/gdm
KillMode=mixed
Restart=always
--
2.23.0

90
gdm.spec
View File

@ -1,28 +1,21 @@
Name: gdm Name: gdm
Epoch: 1 Epoch: 1
Version: 3.30.1 Version: 3.38.2.1
Release: 10 Release: 1
Summary: A graphical display manager Summary: A graphical display manager
License: GPLv2+ License: GPLv2+
URL: https://wiki.gnome.org/Projects/GDM URL: https://wiki.gnome.org/Projects/GDM
Source0: http://download.gnome.org/sources/gdm/3.30/gdm-%{version}.tar.xz Source0: http://download.gnome.org/sources/gdm/3.38/gdm-%{version}.tar.xz
Patch0: 9000-add-openeuler-pam-config.patch
Patch1: display-Use-autoptr-to-handle-errors-in-look-for-exi.patch
Patch2: gdm-should-recover-automatically.patch
Patch3: CVE-2019-3825-1.patch
Patch4: CVE-2019-3825-2.patch
Patch5: CVE-2019-3825-3.patch
Patch6: CVE-2019-3825-4.patch
BuildRequires: pam-devel >= 0:0.99.8.1-11 desktop-file-utils >= 0.2.90 BuildRequires: pam-devel >= 0:0.99.8.1-11 desktop-file-utils >= 0.2.90
BuildRequires: libtool automake autoconf libattr-devel gettext-devel libdmx-devel BuildRequires: libtool automake autoconf libattr-devel gettext-devel libdmx-devel
BuildRequires: audit-libs-devel >= 1.0.6 xorg-x11-server-Xorg nss-devel >= 3.11.1 BuildRequires: audit-devel >= 1.0.6 xorg-x11-server-Xorg nss-devel >= 3.11.1
BuildRequires: pkgconfig(accountsservice) >= 0.6.3 pkgconfig(check) BuildRequires: pkgconfig(accountsservice) >= 0.6.3 pkgconfig(check)
BuildRequires: pkgconfig(gobject-introspection-1.0) pkgconfig(gtk+-3.0) >= 2.99.2 BuildRequires: pkgconfig(gobject-introspection-1.0) pkgconfig(gtk+-3.0) >= 2.99.2
BuildRequires: pkgconfig(iso-codes) pkgconfig(libcanberra-gtk3) pkgconfig(libselinux) BuildRequires: pkgconfig(iso-codes) pkgconfig(libcanberra-gtk3) pkgconfig(libselinux)
BuildRequires: pkgconfig(libsystemd) pkgconfig(ply-boot-client) pkgconfig(systemd) BuildRequires: pkgconfig(libsystemd) pkgconfig(ply-boot-client) pkgconfig(systemd)
BuildRequires: pkgconfig(x11) pkgconfig(xau) pkgconfig(xorg-server) libXdmcp-devel BuildRequires: pkgconfig(x11) pkgconfig(xau) pkgconfig(xorg-server) libXdmcp-devel
BuildRequires: systemd keyutils-libs-devel dconf BuildRequires: systemd keyutils-libs-devel dconf meson itstool
Requires(pre): shadow-utils Requires(pre): shadow-utils
Requires(post): systemd Requires(post): systemd
@ -60,19 +53,17 @@ The gdm-devel package contains header files and others for building
applications that use GDM. applications that use GDM.
%prep %prep
%autosetup -n %{name}-%{version} -p1 %autosetup -n %{name}-%{version}
autoreconf -if
%build %build
%configure --with-pam-prefix=%{_sysconfdir} --with-run-dir=/run/gdm \ %meson -Dpam-prefix=%{_sysconfdir} \
--with-default-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin \ -Drun-dir=/run/gdm \
--enable-split-authentication --enable-profiling --enable-console-helper \ -Dudev-dir=%{_udevrulesdir} \
--with-selinux -Ddefault-path=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin \
-Dprofiling=true \
sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0 /g' libtool -Dplymouth=enabled \
sed -i -e 's/ if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then/ func_append compile_command " -Wl,-O1,--as-needed"\n func_append finalize_command " -Wl,-O1,--as-needed"\n\0/' libtool -Dselinux=enabled
%meson_build
%make_build
%install %install
install -d %{buildroot}%{_sysconfdir}/gdm/Init install -d %{buildroot}%{_sysconfdir}/gdm/Init
@ -82,7 +73,7 @@ install -d %{buildroot}/var/log/gdm
install -d %{buildroot}%{_datadir}/gdm/autostart/LoginWindow install -d %{buildroot}%{_datadir}/gdm/autostart/LoginWindow
install -d %{buildroot}/run/gdm install -d %{buildroot}/run/gdm
%make_install %meson_install
(cd %{buildroot}%{_sysconfdir}/gdm; ln -sf ../X11/xinit/Xsession .) (cd %{buildroot}%{_sysconfdir}/gdm; ln -sf ../X11/xinit/Xsession .)
@ -106,11 +97,38 @@ if [ $1 -ge 2 ] ; then
fi fi
if [ -n "$oldconffile" ]; then if [ -n "$oldconffile" ]; then
sed -e 's@^Greeter=/usr/bin/gdmlogin@Greeter=/usr/libexec/gdmlogin@' $oldconffile > $newconffile sed \
sed -e 's@^RemoteGreeter=/usr/bin/gdmgreeter@RemoteGreeter=/usr/libexec/gdmgreeter@' $oldconffile >> $newconffile -e 's@^command=/usr/X11R6/bin/X@#command=/usr/bin/Xorg@' \
-e 's@^Xnest=/usr/X11R6/bin/Xnest@#Xnest=/usr/X11R6/bin/Xnest@' \
-e 's@^BaseXsession=/etc/X11/xdm/Xsession@#BaseXsession=/etc/X11/xinit/Xsession@' \
-e 's@^BaseXsession=/etc/X11/gdm/Xsession@#&@' \
-e 's@^BaseXsession=/etc/gdm/Xsession@#&@' \
-e 's@^Greeter=/usr/bin/gdmgreeter@#Greeter=/usr/libexec/gdmgreeter@' \
-e 's@^RemoteGreeter=/usr/bin/gdmlogin@#RemoteGreeter=/usr/libexec/gdmlogin@' \
-e 's@^GraphicalTheme=Bluecurve@#&@' \
-e 's@^BackgroundColor=#20305a@#&@' \
-e 's@^DefaultPath=/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin@#&@' \
-e 's@^RootPath=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin@#&@' \
-e 's@^HostImageDir=/usr/share/hosts/@#HostImageDir=/usr/share/pixmaps/faces/@' \
-e 's@^LogDir=/var/log/gdm@#&@' \
-e 's@^PostLoginScriptDir=/etc/X11/gdm/PostLogin@#&@' \
-e 's@^PreLoginScriptDir=/etc/X11/gdm/PreLogin@#&@' \
-e 's@^PreSessionScriptDir=/etc/X11/gdm/PreSession@#&@' \
-e 's@^PostSessionScriptDir=/etc/X11/gdm/PostSession@#&@' \
-e 's@^DisplayInitDir=/var/run/gdm.pid@#&@' \
-e 's@^RebootCommand=/sbin/reboot;/sbin/shutdown -r now;/usr/sbin/shutdown -r now;/usr/bin/reboot@#&@' \
-e 's@^HaltCommand=/sbin/poweroff;/sbin/shutdown -h now;/usr/sbin/shutdown -h now;/usr/bin/poweroff@#&@' \
-e 's@^ServAuthDir=/var/gdm@#&@' \
-e 's@^Greeter=/usr/bin/gdmlogin@Greeter=/usr/libexec/gdmlogin@' \
-e 's@^RemoteGreeter=/usr/bin/gdmgreeter@RemoteGreeter=/usr/libexec/gdmgreeter@' \
$oldconffile > $newconffile
fi fi
fi fi
if [ $1 -ge 2 -a -f $newconffile ] && grep -q /etc/X11/gdm $custom ; then
sed -i -e 's@/etc/X11/gdm@/etc/gdm@g' $custom
fi
if [ -f "$newconffile" ]; then if [ -f "$newconffile" ]; then
sed -ie 's@^#WaylandEnable=false@WaylandEnable=false@' $newconffile sed -ie 's@^#WaylandEnable=false@WaylandEnable=false@' $newconffile
fi fi
@ -131,13 +149,6 @@ fi
%config %{_sysconfdir}/gdm/PreSession/* %config %{_sysconfdir}/gdm/PreSession/*
%config %{_sysconfdir}/gdm/PostSession/* %config %{_sysconfdir}/gdm/PostSession/*
%{_sysconfdir}/gdm/Xsession %{_sysconfdir}/gdm/Xsession
%config %{_sysconfdir}/pam.d/gdm-autologin
%config %{_sysconfdir}/pam.d/gdm-password
%config %{_sysconfdir}/pam.d/gdm-pin
%config %{_sysconfdir}/pam.d/gdm-smartcard
%config %{_sysconfdir}/pam.d/gdm-fingerprint
%exclude %{_sysconfdir}/pam.d/gdm
%{_sysconfdir}/pam.d/gdm-launch-environment
%{_sysconfdir}/dbus-1/system.d/gdm.conf %{_sysconfdir}/dbus-1/system.d/gdm.conf
%{_datadir}/gdm/gdm.schemas %{_datadir}/gdm/gdm.schemas
%{_datadir}/gdm/greeter-dconf-defaults %{_datadir}/gdm/greeter-dconf-defaults
@ -145,11 +156,9 @@ fi
%{_datadir}/gdm/gdb-cmd %{_datadir}/gdm/gdb-cmd
%{_datadir}/gdm/greeter/applications/* %{_datadir}/gdm/greeter/applications/*
%{_datadir}/gdm/greeter/autostart/* %{_datadir}/gdm/greeter/autostart/*
%{_datadir}/pixmaps/*.png
%{_datadir}/glib-2.0/schemas/* %{_datadir}/glib-2.0/schemas/*
%{_datadir}/dconf/profile/gdm %{_datadir}/dconf/profile/gdm
%{_datadir}/gnome-session/sessions/gnome-login.session %{_datadir}/gnome-session/sessions/gnome-login.session
%{_datadir}/icons/hicolor/*/*/*.png
%{_libexecdir}/* %{_libexecdir}/*
%{_sbindir}/gdm %{_sbindir}/gdm
%{_bindir}/* %{_bindir}/*
@ -157,9 +166,9 @@ fi
%{_libdir}/security/pam_gdm.so %{_libdir}/security/pam_gdm.so
%{_libdir}/libgdm*.so* %{_libdir}/libgdm*.so*
%attr(0711, root, gdm) %dir /run/gdm %attr(0711, root, gdm) %dir /run/gdm
%attr(1755, root, gdm) %dir %{_localstatedir}/cache/gdm
%{_udevrulesdir}/61-gdm.rules %{_udevrulesdir}/61-gdm.rules
%{_unitdir}/gdm.service %{_unitdir}/gdm.service
%{_userunitdir}/gnome-session@gnome-login.target.d/session.conf
%files devel %files devel
%{_includedir}/gdm/*.h %{_includedir}/gdm/*.h
@ -167,6 +176,13 @@ fi
%{_libdir}/pkgconfig/*.pc %{_libdir}/pkgconfig/*.pc
%changelog %changelog
* Mon May 24 2021 weijin deng <weijin.deng@turbolinux.com.cn> - 3.38.2-1
- Upgrade to 3.38.2
- Update Version, Release, Source0, BuildRequires
- Use meson rebuild and install
- Delete patches, delete pam.d related and other two files which not in 3.38.2
- Add new file session.conf. modify /etc/gdm/custom.conf
* Fri Feb 5 2021 wangxiao <wangxiao65@huawei.com> - 1:3.30.1-10 * Fri Feb 5 2021 wangxiao <wangxiao65@huawei.com> - 1:3.30.1-10
- fix CVE-2019-3825 - fix CVE-2019-3825
@ -191,5 +207,5 @@ fi
* Tue Dec 17 2019 Jiangping Hu <hujiangping@huawei.com> - 1:3.30.1-4 * Tue Dec 17 2019 Jiangping Hu <hujiangping@huawei.com> - 1:3.30.1-4
- Add openEuler PAM config - Add openEuler PAM config
* Wed Nov 23 2019 Jiangping Hu <hujiangping@huawei.com> - 1:3.30.1-3 * Sat Nov 23 2019 Jiangping Hu <hujiangping@huawei.com> - 1:3.30.1-3
- Package init - Package init