GNOME Bugzilla – Bug 655867
[PATCH] register welcome pseudo-session with PAM
Last modified: 2011-08-30 15:17:21 UTC
Created attachment 193122 [details] [review] the patch In order to get udev/systemd device ACL management right we need to make sure that gdm registers its welcome pseudo-session not only with CK but with PAM, too. The attached patch does this. It's very simple, and hopefully robust. Even on systems not using systemd it should be much cleaner running through the PAM session hooks when setting up the welcome pseudo-session, in order to set additional limits or other rules via PAM.
(In reply to comment #0) > Created an attachment (id=193122) [details] [review] > the patch > > In order to get udev/systemd device ACL management right we need to make sure > that gdm registers its welcome pseudo-session not only with CK but with PAM, > too. The attached patch does this. It's very simple, and hopefully robust. Even > on systems not using systemd it should be much cleaner running through the PAM > session hooks when setting up the welcome pseudo-session, in order to set > additional limits or other rules via PAM. If we're going to run through pam anyway, we should consider dropping ck_connector and just relying on pam_ck_connector for the non-systemd case as well. Although, it may not be flexible enough an interface to do what we need to do, not sure.
Also, I'd rather we go through the existing PAM handling code rather than having new calls to it.
okay, i've committed a, hopefully equivalent, patch to master now: http://git.gnome.org/browse/gdm/commit/?id=647cad5bf59a4ff3776ba1ae5cda6b1aaaa1cfb2