rpms/gdm/devel gdm-2.15.6-session-keyring.patch, NONE, 1.1 gdm-2.15.6-security-tokens.patch, 1.2, 1.3 gdm.spec, 1.178, 1.179 gdm-2.15.5-session-keyring.patch, 1.3, NONE

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Jul 18 13:36:03 UTC 2006


Author: rstrode

Update of /cvs/dist/rpms/gdm/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv20197

Modified Files:
	gdm-2.15.6-security-tokens.patch gdm.spec 
Added Files:
	gdm-2.15.6-session-keyring.patch 
Removed Files:
	gdm-2.15.5-session-keyring.patch 
Log Message:
- reenable session keyring support in pam module (bug 198629)


gdm-2.15.6-session-keyring.patch:
 gdm                |    1 +
 gdm-autologin      |    1 +
 gdm-securitytokens |    1 +
 3 files changed, 3 insertions(+)

--- NEW FILE gdm-2.15.6-session-keyring.patch ---
--- gdm-2.15.6/config/gdm-autologin.session-keyring	2006-07-18 09:32:39.000000000 +0200
+++ gdm-2.15.6/config/gdm-autologin	2006-07-18 09:33:16.000000000 +0200
@@ -4,6 +4,7 @@ auth       required    pam_permit.so
 account    required    pam_nologin.so
 account    include     system-auth
 password   include     system-auth
+session    optional    pam_keyinit.so force revoke
 session    include     system-auth
 session    required    pam_loginuid.so
 session    optional    pam_console.so
--- gdm-2.15.6/config/gdm-securitytokens.session-keyring	2006-07-18 09:32:39.000000000 +0200
+++ gdm-2.15.6/config/gdm-securitytokens	2006-07-18 09:32:39.000000000 +0200
@@ -5,6 +5,7 @@ auth       required     pam_deny.so
 account    required     pam_nologin.so
 account    include      system-auth
 password   include      system-auth
+session    optional     pam_keyinit.so force revoke
 session    include      system-auth
 session    required     pam_loginuid.so
 session    optional     pam_console.so
--- gdm-2.15.6/config/gdm.session-keyring	2006-07-18 09:32:39.000000000 +0200
+++ gdm-2.15.6/config/gdm	2006-07-18 09:33:27.000000000 +0200
@@ -4,6 +4,7 @@ auth       include     system-auth
 account    required    pam_nologin.so
 account    include     system-auth
 password   include     system-auth
+session    optional    pam_keyinit.so force revoke
 session    include     system-auth
 session    required    pam_loginuid.so
 session    optional    pam_console.so

gdm-2.15.6-security-tokens.patch:
 config/Makefile.am            |   35 +
 config/gdm                    |   16 
 config/gdm-autologin          |   17 
 config/gdm-securitytokens     |   10 
 config/gdm.conf.in            |    7 
 config/securitytokens.conf.in |    4 
 configure.ac                  |    3 
 daemon/Makefile.am            |    7 
 daemon/gdm.c                  |  148 +++++++
 daemon/gdm.h                  |    5 
 daemon/gdmconfig.c            |   26 +
 daemon/gdmconfig.h            |    3 
 daemon/securitytoken.c        |  602 ++++++++++++++++++++++++++++++
 daemon/securitytoken.h        |  101 +++++
 daemon/securitytokenmonitor.c |  840 ++++++++++++++++++++++++++++++++++++++++++
 daemon/securitytokenmonitor.h |   81 ++++
 daemon/verify-pam.c           |    5 
 17 files changed, 1889 insertions(+), 21 deletions(-)

Index: gdm-2.15.6-security-tokens.patch
===================================================================
RCS file: /cvs/dist/rpms/gdm/devel/gdm-2.15.6-security-tokens.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- gdm-2.15.6-security-tokens.patch	18 Jul 2006 05:59:38 -0000	1.2
+++ gdm-2.15.6-security-tokens.patch	18 Jul 2006 13:36:00 -0000	1.3
@@ -99,6 +99,27 @@
 +session    required    pam_loginuid.so
 +session    optional    pam_console.so
 +
+--- gdm-2.15.6/config/gdm-autologin
++++ gdm-2.15.6/config/gdm-autologin
+@@ -1,8 +1,9 @@
+-#%PAM-1.0
+-auth       required	pam_env.so
+-auth       required	pam_nologin.so
+-auth       required	pam_permit.so
+-account    required	pam_stack.so service=system-auth
+-password   required	pam_stack.so service=system-auth
+-session    required	pam_stack.so service=system-auth
+-session    optional     pam_console.so
++ #%PAM-1.0
++auth       required    pam_env.so
++auth       required    pam_permit.so
++account    required    pam_nologin.so
++account    include     system-auth
++password   include     system-auth
++session    include     system-auth
++session    required    pam_loginuid.so
++session    optional    pam_console.so
+new file mode 100644
 --- /dev/null
 +++ gdm-2.15.6/config/gdm-securitytokens
 @@ -0,0 +1,10 @@
@@ -135,6 +156,14 @@
  # XDMCP is the protocol that allows remote login.  If you want to log into GDM
  # remotely (I'd never turn this on on open network, use ssh for such remote
  # usage that).  You can then run X with -query <thishost> to log in, or
+new file mode 100644
+--- /dev/null
++++ gdm-2.15.6/config/securitytokens.conf.in
+@@ -0,0 +1,4 @@
++[SecurityTokens]
++Enable=true
++#Driver=@libdir@/pkcs11/libcoolkeypk11.so
++#PamStack=gdm-securitytokens
 --- gdm-2.15.6/configure.ac
 +++ gdm-2.15.6/configure.ac
 @@ -19,6 +19,7 @@ LIBRSVG_REQUIRED=1.1.1
@@ -442,6 +471,7 @@
  void           gdm_config_key_to_string_per_display
                                          (gchar *file,
                                           gchar *key,
+new file mode 100644
 --- /dev/null
 +++ gdm-2.15.6/daemon/securitytoken.c
 @@ -0,0 +1,602 @@
@@ -1047,6 +1077,7 @@
 +    return 0;
 +}
 +#endif
+new file mode 100644
 --- /dev/null
 +++ gdm-2.15.6/daemon/securitytoken.h
 @@ -0,0 +1,101 @@
@@ -1151,6 +1182,7 @@
 +
 +G_END_DECLS
 +#endif				/* SC_SECURITY_TOKEN_H */
+new file mode 100644
 --- /dev/null
 +++ gdm-2.15.6/daemon/securitytokenmonitor.c
 @@ -0,0 +1,840 @@
@@ -1994,6 +2026,7 @@
 +    return 0;
 +}
 +#endif
+new file mode 100644
 --- /dev/null
 +++ gdm-2.15.6/daemon/securitytokenmonitor.h
 @@ -0,0 +1,81 @@
@@ -2106,11 +2139,3 @@
      if ( ! create_pamh (d, pam_stack, login, &pamc, display, &pamerr)) {
  	    if (started_timer)
  		    gdm_slave_greeter_ctl_no_ret (GDM_STOPTIMER, "");
---- /dev/null
-+++ gdm-2.15.6/config/securitytokens.conf.in
-@@ -0,0 +1,4 @@
-+[SecurityTokens]
-+Enable=true
-+#Driver=@libdir@/pkcs11/libcoolkeypk11.so
-+#PamStack=gdm-securitytokens
-


Index: gdm.spec
===================================================================
RCS file: /cvs/dist/rpms/gdm/devel/gdm.spec,v
retrieving revision 1.178
retrieving revision 1.179
diff -u -r1.178 -r1.179
--- gdm.spec	18 Jul 2006 11:44:13 -0000	1.178
+++ gdm.spec	18 Jul 2006 13:36:00 -0000	1.179
@@ -47,7 +47,7 @@
 Patch19: gdm-2.15.5-move-default-message.patch
 Patch20: gdm-2.15.5-reset-pam.patch
 Patch21: gdm-2.15.6-security-tokens.patch
-Patch22: gdm-2.15.5-session-keyring.patch
+Patch22: gdm-2.15.6-session-keyring.patch
 Patch23: gdm-2.15.6-fix-setup-hang.patch
 Patch24: gdm-2.15.6-wtmp.patch
 
@@ -130,7 +130,7 @@
 %patch19 -p1 -b .move-default-message
 %patch20 -p1 -b .reset-pam
 %patch21 -p1 -b .security-tokens
-#%patch22 -p1 -b .session-keyring
+%patch22 -p1 -b .session-keyring
 %patch23 -p1 -b .fix-setup-hang
 %patch24 -p1 -b .wtmp
 
@@ -329,6 +329,9 @@
 %attr(1770, root, gdm) %dir %{_localstatedir}/gdm
 
 %changelog
+* Tue Jul 18 2006 Ray Strode <rstrode at redhat.com> - 1:2.15.6-8
+- reenable session keyring support in pam module (bug 198629)
+
 * Mon Jul 17 2006 Ray Strode <rstrode at redhat.com> - 1:2.15.6-7
 - make security token support use its own config file in
   preparation for modularizing it.


--- gdm-2.15.5-session-keyring.patch DELETED ---




More information about the fedora-cvs-commits mailing list