File gdm-remote-root-passwd-correctness.patch of Package gdm.15269
diff --git a/daemon/gdm-session-worker.c b/daemon/gdm-session-worker.c
index 841cb89..ace614b 100644
--- a/daemon/gdm-session-worker.c
+++ b/daemon/gdm-session-worker.c
@@ -1192,9 +1192,44 @@ gdm_session_worker_authenticate_user (GdmSessionWorker *worker,
{
int error_code;
int authentication_flags;
+ char *username;
+ struct passwd *pwent = NULL;
g_debug ("GdmSessionWorker: authenticating user %s", worker->priv->username);
+ gdm_session_worker_get_username (worker, &username);
+ if (username) {
+ pwent = getpwnam (username);
+ g_free (username);
+ }
+
+ if (pwent && (pwent->pw_uid == GDM_SESSION_ROOT_UID)) {
+ gboolean allow_root;
+
+ gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_ROOT, &allow_root);
+ if (!allow_root) {
+ g_set_error (error,
+ GDM_SESSION_WORKER_ERROR,
+ GDM_SESSION_WORKER_ERROR_AUTHORIZING,
+ "%s", _("System administrator is not allowed to login."));
+ gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
+ return FALSE;
+ }
+ if (!worker->priv->display_is_local) {
+ gboolean allow_remote_root;
+
+ gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_REMOTE_ROOT, &allow_remote_root);
+ if (!allow_remote_root) {
+ g_set_error (error,
+ GDM_SESSION_WORKER_ERROR,
+ GDM_SESSION_WORKER_ERROR_AUTHORIZING,
+ "%s", _("System administrator is not allowed to remote login."));
+ gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
+ return FALSE;
+ }
+ }
+ }
+
authentication_flags = 0;
if (password_is_required) {
@@ -1249,45 +1284,10 @@ gdm_session_worker_authorize_user (GdmSessionWorker *worker,
{
int error_code;
int authentication_flags;
- char *username;
- struct passwd *pwent = NULL;
g_debug ("GdmSessionWorker: determining if authenticated user (password required:%d) is authorized to session",
password_is_required);
- gdm_session_worker_get_username (worker, &username);
- if (username) {
- pwent = getpwnam (username);
- g_free (username);
- }
-
- if (pwent && (pwent->pw_uid == GDM_SESSION_ROOT_UID)) {
- gboolean allow_root;
-
- gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_ROOT, &allow_root);
- if (!allow_root) {
- g_set_error (error,
- GDM_SESSION_WORKER_ERROR,
- GDM_SESSION_WORKER_ERROR_AUTHORIZING,
- "%s", _("System administrator is not allowed to login."));
- gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
- return FALSE;
- }
- if (!worker->priv->display_is_local) {
- gboolean allow_remote_root;
-
- gdm_settings_direct_get_boolean (GDM_KEY_ALLOW_REMOTE_ROOT, &allow_remote_root);
- if (!allow_remote_root) {
- g_set_error (error,
- GDM_SESSION_WORKER_ERROR,
- GDM_SESSION_WORKER_ERROR_AUTHORIZING,
- "%s", _("System administrator is not allowed to remote login."));
- gdm_session_worker_uninitialize_pam (worker, PAM_PERM_DENIED);
- return FALSE;
- }
- }
- }
-
authentication_flags = 0;
if (password_is_required) {
