Bug#615020: xdm: ConsoleKit support

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#615020: xdm: ConsoleKit support
From: Fernando Tarlá Cardoso Lemos <fernandotcl@gmail.com>
Date: Thu, 24 Feb 2011 20:19:28 -0300
Message-id: <[🔎] 20110224231928.4503.6870.reportbug@vostro.localdomain>
Reply-to: Fernando Tarlá Cardoso Lemos <fernandotcl@gmail.com>, 615020@bugs.debian.org

Package: xdm
Version: 1:1.1.10-3
Severity: wishlist
Tags: patch


Hi,

Starting with ConsoleKit 0.4.2, sessions launched by ck-launch-session are no
longer considered active and local. Instead, display managers are supposed to
create the ConsoleKit session directly through the DBus API, specifying
parameters that are not available when running Xsession.d. That's essentially
what the provided patch does.

Why is this relevant? PolicyKit policies often give special permissions to
local users. This means you can automount devices with UDisks or maybe
configure certain NetworkManager parameters if you have an active local
session. This trend seems on the rise too, since HAL is gonna be abandoned
eventually and the *Kit APIs often play nice with PolicyKit and local active
sessions for a smoother user experience.

This patch is not mine. It's from OpenSUSE and I believe similar patches are
also being used by Mandriva. Upstream did not show much interest in those
patches when they were posted in the upstream bugtracker, but I believe this
has never been discussed in their mailing list. Anyways, the patch is small
and libck-connector abstracts the whole thing very nicely (it's intended to be
used by display managers).

The patch adds a build dependendency on libck-connector-dev, translating into
a runtime dependency on libck-connector0. libck-connector0 is very lightweight
(only depends on libdbus).

The patch also works great for the time I've been testing it. You don't get
duplicate sessions or anything like that.

Regards,

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.37-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages xdm depends on:
ii  cpp                           4:4.4.5-2  The GNU C preprocessor (cpp)
ii  debconf [debconf-2.0]         1.5.38     Debian configuration management sy
ii  libc6                         2.11.2-11  Embedded GNU C Library: Shared lib
ii  libpam0g                      1.1.2-2    Pluggable Authentication Modules l
ii  libselinux1                   2.0.96-1   SELinux runtime shared libraries
ii  libx11-6                      2:1.4.1-5  X11 client-side library
ii  libxau6                       1:1.0.6-1  X11 authorisation library
ii  libxaw7                       2:1.0.9-2  X11 Athena Widget library
ii  libxdmcp6                     1:1.1.0-1  X11 Display Manager Control Protoc
ii  libxext6                      2:1.2.0-2  X11 miscellaneous extension librar
ii  libxft2                       2.2.0-2    FreeType-based font drawing librar
ii  libxinerama1                  2:1.1.1-1  X11 Xinerama extension library
ii  libxmu6                       2:1.1.0-1  X11 miscellaneous utility library
ii  libxpm4                       1:3.5.9-1  X11 pixmap library
ii  libxrender1                   1:0.9.6-1  X Rendering Extension client libra
ii  libxt6                        1:1.0.9-2  X11 toolkit intrinsics library
ii  lsb-base                      3.2-27     Linux Standard Base 3.2 init scrip
ii  procps                        1:3.2.8-10 /proc file system utilities
ii  x11-common                    1:7.6+3    X Window System (X.Org) infrastruc
ii  x11-utils                     7.6+1      X11 utilities
ii  x11-xserver-utils             7.6+1      X server utilities

xdm recommends no packages.

xdm suggests no packages.

-- debconf information:
  xdm/stop_running_server_with_children: false
  xdm/daemon_name: /usr/bin/xdm
* shared/default-x-display-manager: xdm

>From ac232d8fa2e2c3fcbd30aff86af1c9f8cfb73876 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fernando=20Tarl=C3=A1=20Cardoso=20Lemos?= <fernandotcl@gmail.com>
Date: Sat, 19 Feb 2011 13:40:15 -0200
Subject: [PATCH] Add a patch for ConsoleKit support.

---
 debian/control                 |    1 +
 debian/patches/consolekit.diff |  231 ++++++++++++++++++++++++++++++++++++++++
 debian/patches/series          |    1 +
 debian/rules                   |    3 +-
 4 files changed, 235 insertions(+), 1 deletions(-)
 create mode 100644 debian/patches/consolekit.diff

diff --git a/debian/control b/debian/control
index 7c2da31..6e7439c 100644
--- a/debian/control
+++ b/debian/control
@@ -14,6 +14,7 @@ Build-Depends:
  libselinux1-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64],
  libxinerama-dev (>= 1:1.0.1),
  libxft-dev,
+ libck-connector-dev,
  quilt,
  automake,
  libtool,
diff --git a/debian/patches/consolekit.diff b/debian/patches/consolekit.diff
new file mode 100644
index 0000000..c5afffa
--- /dev/null
+++ b/debian/patches/consolekit.diff
@@ -0,0 +1,231 @@
+Description: Implement ConsoleKit support
+ Starting from 0.4.2, ConsoleKit has more strict securty requirements
+ and ck-launch-session doesn't create a local and active session
+ anymore.
+Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=17325
+Origin: https://build.opensuse.org/package/view_file?file=xdm-consolekit.diff&package=xorg-x11&project=openSUSE:11.3:Update:Test&srcmd5=5e43d91b0bf84c8a82fc23b1cb550931
+--- a/configure.ac
++++ b/configure.ac
+@@ -434,6 +434,20 @@
+ 
+ AM_CONDITIONAL(DYNAMIC_GREETER, test x$DYNAMIC_GREETER = xyes)
+ 
++# ConsoleKit support
++AC_ARG_WITH(consolekit, AC_HELP_STRING([--with-consolekit], [Use ConsoleKit]),
++	[USE_CONSOLEKIT=$withval], [USE_CONSOLEKIT=yes])
++if test x"$USE_CONSOLEKIT" != xno; then
++	PKG_CHECK_MODULES(CK_CONNECTOR, ck-connector,
++		[USE_CONSOLEKIT=yes], [USE_CONSOLEKIT=no])
++	if test x"$USE_CONSOLEKIT" = xyes; then
++		AC_DEFINE([USE_CONSOLEKIT], 1, [Define to 1 to use ConsoleKit])
++		XDM_CFLAGS="$XDM_CFLAGS $CK_CONNECTOR_CFLAGS"
++		XDM_LIBS="$XDM_LIBS $CK_CONNECTOR_LIBS"
++	fi
++fi
++dnl AM_CONDITIONAL(USE_CONSOLEKIT, test$USE_CONSOLEKIT = xyes)
++
+ #
+ #  XDM
+ #
+--- a/dm.h
++++ b/dm.h
+@@ -323,6 +323,9 @@
+ extern char	*prngdSocket;
+ extern int	prngdPort;
+ # endif
++#ifdef USE_CONSOLEKIT
++extern int	use_consolekit;
++#endif
+ 
+ extern char	*greeterLib;
+ extern char	*willing;
+--- a/resource.c
++++ b/resource.c
+@@ -65,6 +65,9 @@
+ char	*prngdSocket;
+ int	prngdPort;
+ #endif
++#ifdef USE_CONSOLEKIT
++int	use_consolekit;
++#endif
+ 
+ char	*greeterLib;
+ char	*willing;
+@@ -196,6 +199,10 @@
+ 				"false"} ,
+ { "willing",	"Willing",	DM_STRING,	&willing,
+ 				""} ,
++#ifdef USE_CONSOLEKIT
++{ "consoleKit",	"ConsoleKit",	DM_BOOL,	(char **) &use_consolekit,
++				"true"} ,
++#endif
+ };
+ 
+ #define NUM_DM_RESOURCES	(sizeof DmResources / sizeof DmResources[0])
+@@ -378,7 +385,11 @@
+ {"-debug",	"*debugLevel",		XrmoptionSepArg,	(caddr_t) NULL },
+ {"-xrm",	NULL,			XrmoptionResArg,	(caddr_t) NULL },
+ {"-daemon",	".daemonMode",		XrmoptionNoArg,		"true"         },
+-{"-nodaemon",	".daemonMode",		XrmoptionNoArg,		"false"        }
++{"-nodaemon",	".daemonMode",		XrmoptionNoArg,		"false"        },
++#ifdef USE_CONSOLEKIT
++{"-consolekit",	".consoleKit",		XrmoptionNoArg,		"true"  },
++{"-noconsolekit", ".consoleKit",	XrmoptionNoArg,		"false" }
++#endif
+ };
+ 
+ static int	originalArgc;
+--- a/session.c
++++ b/session.c
+@@ -67,6 +67,11 @@
+ # endif
+ #endif /* USE_PAM */
+ 
++#ifdef USE_CONSOLEKIT
++#include <ck-connector.h>
++#include <dbus/dbus.h>
++#endif
++
+ #ifdef __SCO__
+ # include <prot.h>
+ #endif
+@@ -514,6 +519,97 @@
+     }
+ }
+ 
++#ifdef USE_CONSOLEKIT
++
++static CkConnector *connector;
++
++static int openCKSession(struct verify_info *verify, struct display *d)
++{
++    int ret;
++    DBusError error;
++    char  *remote_host_name = "";
++    dbus_bool_t is_local;
++    char *display_name = "";
++    char *display_device = "";
++    char devtmp[16];
++
++    if (!use_consolekit)
++	return 1;
++
++    is_local = d->displayType.location == Local;
++    if (d->peerlen > 0 && d->peer)
++	remote_host_name = d->peer;
++    if (d->name)
++	display_name = d->name;
++    /* how can we get the corresponding tty at best...? */
++    if (d->windowPath) {
++	display_device = strchr(d->windowPath, ':');
++	if (display_device && display_device[1])
++	    display_device++;
++	else
++	    display_device = d->windowPath;
++	snprintf(devtmp, sizeof(devtmp), "/dev/tty%s", display_device);
++	display_device = devtmp;
++    }
++
++    connector = ck_connector_new();
++    if (!connector) {
++	LogOutOfMem("ck_connector");
++	return 0;
++    }
++
++    dbus_error_init(&error);
++    ret = ck_connector_open_session_with_parameters(
++		connector, &error,
++		"unix-user", &verify->uid,
++		"x11-display", &display_name,
++		"x11-display-device", &display_device,
++		"remote-host-name", &remote_host_name,
++		"is-local", &is_local,
++		NULL);
++    if (!ret) {
++	if (dbus_error_is_set(&error)) {
++	    LogError("Dbus error: %s\n", error.message);
++	    dbus_error_free(&error);
++	} else {
++	    LogError("ConsoleKit error\n");
++	}
++	LogError("console-kit-daemon not running?\n");
++	ck_connector_unref(connector);
++	connector = NULL;
++	return 0;
++    }
++
++    verify->userEnviron = setEnv(verify->userEnviron,
++		"XDG_SESSION_COOKIE", ck_connector_get_cookie(connector));
++    return 1;
++}
++
++static void closeCKSession(void)
++{
++    DBusError error;
++
++    if (!connector)
++	return;
++
++    dbus_error_init(&error);
++    if (!ck_connector_close_session(connector, &error)) {
++	if (dbus_error_is_set(&error)) {
++	    LogError("Dbus error: %s\n", error.message);
++	    dbus_error_free(&error);
++	} else {
++	    LogError("ConsoleKit close error\n");
++	}
++	LogError("console-kit-daemon not running?\n");
++    }
++    ck_connector_unref(connector);
++    connector = NULL;
++}
++#else
++#define openCKSession(v,d)	1
++#define closeCKSession()
++#endif
++
+ void
+ SessionExit (struct display *d, int status, int removeAuth)
+ {
+@@ -528,6 +624,8 @@
+     }
+ #endif
+ 
++    closeCKSession();
++
+     /* make sure the server gets reset after the session is over */
+     if (d->serverPid >= 2 && d->resetSignal)
+ 	kill (d->serverPid, d->resetSignal);
+@@ -610,6 +708,10 @@
+ #ifdef USE_PAM
+     if (pamh) pam_open_session(pamh, 0);
+ #endif
++
++    if (!openCKSession(verify, d))
++	return 0;
++
+     switch (pid = fork ()) {
+     case 0:
+ 	CleanUpChild ();
+--- a/xdm.man.cpp
++++ b/xdm.man.cpp
+@@ -48,6 +48,8 @@
+ ] [
+ .B \-session
+ .I session_program
++] [
++.B \-noconsolekit
+ ]
+ .SH DESCRIPTION
+ .I Xdm
+@@ -215,6 +217,10 @@
+ .IP "\fB\-xrm\fP \fIresource_specification\fP"
+ Allows an arbitrary resource to be specified, as in most
+ X Toolkit applications.
++.IP "\fB\-noconsolekit\fP"
++Specifies ``false'' as the value for the \fBDisplayManager.consoleKit\fP
++resource.
++This suppresses the session management using ConsoleKit.
+ .SH RESOURCES
+ At many stages the actions of
+ .I xdm
diff --git a/debian/patches/series b/debian/patches/series
index 15eddf7..e37ea22 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@ support_logfile_rotation.diff
 
 debian.diff
 doc_mention_xdm.options.diff
+consolekit.diff
diff --git a/debian/rules b/debian/rules
index 57b33e8..81ccf3b 100755
--- a/debian/rules
+++ b/debian/rules
@@ -22,7 +22,8 @@ confflags += --with-pam \
 	--with-bw-pixmap=debianbw.xpm \
 	--disable-dynamic-greeter \
 	--disable-xdm-auth \
-	--with-xft
+	--with-xft \
+	--with-consolekit
 
 CFLAGS = -Wall -g
 ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))
-- 
1.7.4.1

Reply to:

Follow-Ups:
- Bug#615020: xdm: ConsoleKit support
  - From: Cyril Brulebois <kibi@debian.org>

Prev by Date: Bug#597082: xserver-xorg-input-synaptics: Patch attached (was Please add support for Synaptics "ClickPads")
Next by Date: Bug#610540: xserver-xorg-video-intel: serious display flickering and corruption in bottom third of screen
Previous by thread: Bug#597082: xserver-xorg-input-synaptics: Patch attached (was Please add support for Synaptics "ClickPads")
Next by thread: Bug#615020: xdm: ConsoleKit support
Index(es):
- Date
- Thread