File gdm-remote-root-passwd-correctness.patch of Package gdm.16051

diff --git a/daemon/gdm-session-worker.c b/daemon/gdm-session-worker.c
index 841cb89..ace614b 100644
--- a/daemon/gdm-session-worker.c
+++ b/daemon/gdm-session-worker.c
@@ -1192,9 +1192,44 @@ gdm_session_worker_authenticate_user (GdmSessionWorker *worker,
 {
         int error_code;
         int authentication_flags;
+        char *username;
+        struct passwd *pwent = NULL;
 
         g_debug ("GdmSessionWorker: authenticating user %s", worker->priv->username);
 
+        gdm_session_worker_get_username (worker, &username);
+        if (username) {
+                pwent = getpwnam (username);
+                g_free (username);
+        }
+
+        if (pwent && (pwent->pw_uid == GDM_SESSION_ROOT_UID)) {
+                gboolean allow_root;
+
+                gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_ROOT, &allow_root);
+                if (!allow_root) {
+                        g_set_error (error,
+                                     GDM_SESSION_WORKER_ERROR,
+                                     GDM_SESSION_WORKER_ERROR_AUTHORIZING,
+                                     "%s", _("System administrator is not allowed to login."));
+                        gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
+                        return FALSE;
+                }
+                if (!worker->priv->display_is_local) {
+                        gboolean allow_remote_root;
+
+                        gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_REMOTE_ROOT, &allow_remote_root);
+                        if (!allow_remote_root) {
+                                g_set_error (error,
+                                             GDM_SESSION_WORKER_ERROR,
+                                             GDM_SESSION_WORKER_ERROR_AUTHORIZING,
+                                             "%s", _("System administrator is not allowed to remote login."));
+                                gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
+                                return FALSE;
+                        }
+                }
+        }
+
         authentication_flags = 0;
 
         if (password_is_required) {
@@ -1249,45 +1284,10 @@ gdm_session_worker_authorize_user (GdmSessionWorker *worker,
 {
         int error_code;
         int authentication_flags;
-        char *username;
-        struct passwd *pwent = NULL;
 
         g_debug ("GdmSessionWorker: determining if authenticated user (password required:%d) is authorized to session",
                  password_is_required);
 
-        gdm_session_worker_get_username (worker, &username);
-        if (username) {
-                pwent = getpwnam (username);
-                g_free (username);
-        }
-
-        if (pwent && (pwent->pw_uid == GDM_SESSION_ROOT_UID)) {
-                gboolean allow_root;
-
-                gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_ROOT, &allow_root);
-                if (!allow_root) {
-                        g_set_error (error,
-                                     GDM_SESSION_WORKER_ERROR,
-                                     GDM_SESSION_WORKER_ERROR_AUTHORIZING,
-                                     "%s", _("System administrator is not allowed to login."));
-                        gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
-                        return FALSE;
-                }
-                if (!worker->priv->display_is_local) {
-                        gboolean allow_remote_root;
-
-                        gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_REMOTE_ROOT, &allow_remote_root);
-                        if (!allow_remote_root) {
-                                g_set_error (error,
-                                             GDM_SESSION_WORKER_ERROR,
-                                             GDM_SESSION_WORKER_ERROR_AUTHORIZING,
-                                             "%s", _("System administrator is not allowed to remote login."));
-                                gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
-                                return FALSE;
-                        }
-                }
-        }
-
         authentication_flags = 0;
 
         if (password_is_required) {