File gdm.spec of Package gdm.14226

# spec file for package gdm
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via

%define systemdsystemunitdir %(pkg-config --variable=systemdsystemunitdir systemd)
# FIXME: need to check what should be done to enable this (at least adapt the pam files). See bnc#699999
%define enable_split_authentication 0

Name:           gdm
Release:        0
Summary:        The GNOME Display Manager
License:        GPL-2.0+
Group:          System/GUI/GNOME
Source1:        gdm.pamd
Source2:        gdm-autologin.pamd
Source3:        gdm-launch-environment.pamd
Source4:        gdm-fingerprint.pamd
Source5:        gdm-smartcard.pamd
# gdmflexiserver wrapper, to enable other display managers to abuse the gdmflexiserver namespace (like lightdm)
Source6:        gdmflexiserver-wrapper
# /etc/xinit.d/xdm integration script
Source7:        X11-displaymanager-gdm
# GDM does not boostrap using, but has it's own bootstrap script
# Use tmpfiles to create directories under /var to support transactional updates
Source9:        gdm.tmpfiles
# PATCH-FEATURE-OPENSUSE gdm-workaround-boo971852.patch -- Work around boo971852 - xsessions is just not going to happen for a gdm user - Those users ALL have gnome-shell installed (which is mandatory for gdm to operate) - openSUSE only
Patch0:         gdm-workaround-boo971852.patch
# PATCH-FIX-UPSTREAM gdm-disable-wayland-on-unsupported-chipsets.patch bgo#789081 bgo#794106 boo#1059356 boo#1083609 boo#1088539 -- Disable Wayland on unsupported chipsets
Patch1:         gdm-disable-wayland-on-unsupported-chipsets.patch
# WARNING: do not remove/significantly change patch3 without updating the relevant patch in accountsservice too
# PATCH-FIX-OPENSUSE gdm-sysconfig-settings.patch bnc432360 bsc#919723 -- Read autologin options from /etc/sysconfig/displaymanager; note that accountsservice has a similar patch (accountsservice-sysconfig.patch)
Patch3:         gdm-sysconfig-settings.patch
# PATCH-FIX-OPENSUSE gdm-suse-xsession.patch -- Use the /etc/X11/xdm/* scripts
Patch7:         gdm-suse-xsession.patch
Patch9:         gdm-passwordless-login.patch
# PATCH-FIX-OPENSUSE gdm-default-wm.patch -- Use sysconfig to know to which desktop to use by default
Patch34:        gdm-default-wm.patch
# PATCH-FIX-OPENSUSE gdm-xauthlocalhostname.patch bnc#538064 -- Set XAUTHLOCALHOSTNAME to current hostname when we authenticate, for local logins, to avoid issues in the session in case the hostname changes later one. See comment 24 in the bug.
Patch35:        gdm-xauthlocalhostname.patch
# PATCH-FIX-OPENSUSE gdm-switch-to-tty1.patch bsc#1113700 -- switch to tty1 when stopping gdm service
Patch41:        gdm-switch-to-tty1.patch
# PATCH-FIX-UPSTREAM gdm-fails-to-restart-gnome-shell.patch bsc#981976 bgo#769969 -- Gdm should stop after a few times fails
Patch42:        gdm-fails-to-restart-gnome-shell.patch
# PATCH-FIX-UPSTREAM gdm-not-run-with-bogus-DISPLAY-XAUTHORITY.patch bsc#1068016 bgo#792150 -- When run PreSession script, don't set DISPLAY and XAUTHORITY environment variable
Patch43:        gdm-not-run-with-bogus-DISPLAY-XAUTHORITY.patch
# PATCH-FIX-UPSTREAM gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch bnc#1075805 bgo#793255 -- Add runtime option to start X under root instead of regular user. Necessary if no DRI drivers are present.
Patch45:        gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch
# PATCH-FIX-UPSTREAM gdm-Revert-session-don-t-call-gdm_session_defaults_chang.patch bsc#1082958 bgo#793609 -- Show right active session of user in login dialog.
Patch46:        gdm-Revert-session-don-t-call-gdm_session_defaults_chang.patch
# PATCH-FIX-UPSTREAM gdm-quit-plymouth-when-xdmcp-is-the-only-allowed-connection.patch bsc#1083646 bgo#795120 -- Quit plymouth when xdmcp is the only allowed connection.
Patch47:        gdm-quit-plymouth-when-xdmcp-is-the-only-allowed-connection.patch
# PATCH-FIX-UPSTREAM gdm-CVE-2018-14424.patch glgo#GNOME#gdm#401 boo#1103737 CVE-2018-14424 -- Fix use-after-free of disposed transient displays.
Patch48:        gdm-CVE-2018-14424.patch
# PATCH-FIX-UPSTREAM gdm-ignore-duplicate-desktop-file.patch bsc#1112834 glgo#GNOME/gdm#437 -- Ignore duplicate desktop file with same "Name".
Patch49:        gdm-ignore-duplicate-desktop-file.patch
# PATCH-FIX-UPSTREAM gdm-disable-wayland-for-proprietary-nvidia-machines.patch glgo#GNOME#gdm!46 bsc#1112578 -- Disable wayland for proprietary nvidia machines.
Patch50:        gdm-disable-wayland-for-proprietary-nvidia-machines.patch
# PATCH-FIX-UPSTREAM gdm-CVE-2019-3825.patch boo#1124628 glgo#GNOME/gdm#460 -- Fix lock screen bypass when timed login is enabled
Patch51:        gdm-CVE-2019-3825.patch
# PATCH-FIX-UPSTREAM gdm-kill-user-session.patch bsc#1112294 glgo#GNOME/gdm#400 -- Kill all sessions when stopping gdm service
Patch52:        gdm-kill-user-session.patch
# PATCH-FIX-OPENSUSE gdm-s390-not-require-g-s-d_wacom.patch bsc#1129412 -- Remove the runtime requirement of g-s-d Wacom plugin
Patch53:        gdm-s390-not-require-g-s-d_wacom.patch
# PATCH-FIX-UPSTREAM gdm-remove-duplicate-sessions.patch boo#1131625 glgo#GNOME/gdm#473 -- Remove duplicate sessions once, after all sessions have been processed.
Patch54:        gdm-remove-duplicate-sessions.patch
# PATCH-FIX-UPSTREAM gdm-drop-weak-refs-on-the-GDBusConnection.patch boo#1161339 bgo#795940 -- Drop weak refs on the GDBusConnection
Patch55:        gdm-drop-weak-refs-on-the-GDBusConnection.patch
### NOTE: Keep please SLE-only patches at bottom (starting on 1000).
# PATCH-FIX-SLE gdm-disable-gnome-initial-setup.patch bnc#1067976 -- Disable gnome-initial-setup runs before gdm, g-i-s will only serve for CJK people to choose the input-method after login.
Patch1002:      gdm-disable-gnome-initial-setup.patch
BuildRequires:  check-devel
# needed for directory ownership
BuildRequires:  dconf
# needed for directory ownership
BuildRequires:  fdupes
BuildRequires:  gnome-common
BuildRequires:  gnome-session-core
BuildRequires:  keyutils-devel
BuildRequires:  pam-devel
BuildRequires:  pkgconfig
BuildRequires:  pwdutils
BuildRequires:  tcpd-devel
BuildRequires:  translation-update-upstream
BuildRequires:  update-desktop-files
BuildRequires:  xorg-x11-server
BuildRequires:  xorg-x11-server-extra
BuildRequires:  pkgconfig(accountsservice) >= 0.6.35
BuildRequires:  pkgconfig(check)
BuildRequires:  pkgconfig(gio-2.0) >= 2.36.0
BuildRequires:  pkgconfig(gio-unix-2.0) >= 2.36.0
BuildRequires:  pkgconfig(glib-2.0) >= 2.36.0
BuildRequires:  pkgconfig(gobject-2.0) >= 2.36.0
BuildRequires:  pkgconfig(gobject-introspection-1.0) >= 0.9.12
BuildRequires:  pkgconfig(gthread-2.0)
BuildRequires:  pkgconfig(gtk+-3.0) >= 2.91.1
BuildRequires:  pkgconfig(iso-codes)
BuildRequires:  pkgconfig(libcanberra-gtk3) >= 0.4
BuildRequires:  pkgconfig(libsystemd)
BuildRequires:  pkgconfig(ply-boot-client)
BuildRequires:  pkgconfig(x11)
BuildRequires:  pkgconfig(xau)
BuildRequires:  pkgconfig(xcb)
BuildRequires:  pkgconfig(xdmcp)
BuildRequires:  pkgconfig(xi)
BuildRequires:  pkgconfig(xinerama)
%ifnarch s390 s390x
BuildRequires:  pkgconfig(xorg-server)
BuildRequires:  pkgconfig(xrandr)
Requires(pre):  group(video)
Requires:       %{name}-branding = %{version}
Requires:       gdmflexiserver
Requires:       gnome-session-core
Requires:       gnome-settings-daemon
Requires:       gnome-shell
# xdm package ships systemd display-manager service and other common scripts
# between display managers (bsc#1084655)
Requires:       xdm
Requires(post): dconf
# accessibility
Recommends:     orca
# For groupadd, useradd, usermod
PreReq:         pwdutils
Recommends:     %{name}-lang
Recommends:     iso-codes
Provides:       gdm2 = %{version}
Obsoletes:      gdm2 < %{version}
Provides:       gnome-applets-gdm = %{version}
Obsoletes:      gnome-applets-gdm < %{version}
DocDir:         %{_defaultdocdir}

The GNOME Display Manager is a system service that is responsible for
providing graphical log-ins and managing local and remote displays.

%package -n libgdm1
Summary:        Client Library for Communicating with GDM Greeter Server
Group:          System/Libraries
Recommends:     gdm

%description -n libgdm1
The GNOME Display Manager is a system service that is responsible for
providing graphical log-ins and managing local and remote displays.

%package -n typelib-1_0-Gdm-1_0
Summary:        Introspection bindings for gdm
Group:          System/Libraries

%description -n typelib-1_0-Gdm-1_0
The GNOME Display Manager is a system service that is responsible for
providing graphical log-ins and managing local and remote displays.

This package provides the GObject Introspection bindings for
communicating with the GDM greeter server.

%package devel
Summary:        Libraries for GDM -- Development Files
Group:          Development/Libraries/GNOME
Requires:       libgdm1 = %{version}
Requires:       typelib-1_0-Gdm-1_0 = %{version}

%description devel
The GNOME Display Manager is a system service that is responsible for
providing graphical log-ins and managing local and remote displays.

%package branding-upstream
Summary:        The GNOME Display Manager -- Upstream default configuration
Group:          System/GUI/GNOME
Requires:       %{name} = %{version}
Supplements:    packageand(%{name}:branding-upstream)
Conflicts:      %{name}-branding
Provides:       %{name}-branding = %{version}
BuildArch:      noarch
#BRAND: Provide one file:
#BRAND: /etc/gdm/custom.conf
#BRAND:   Default configuration of gdm

%description branding-upstream
The GNOME Display Manager is a system service that is responsible for
providing graphical log-ins and managing local and remote displays.

This package provides the upstream default configuration for gdm.

%package -n gdmflexiserver
Summary:        Compatibility Wrapper for Display Managers
Group:          System/GUI/GNOME
Suggests:       gdm
BuildArch:      noarch

%description -n gdmflexiserver
The GDMFlexiServer tool interacts with the display manager to
enable fast user switching. This package contains a wrapper that
selects the correct Gdmflexiserver implementation, based on the
running display manager.


%setup -q
cp %{SOURCE8} .
%if 0%{?is_opensuse}
# Disabled for now, see boo#981372 and boo#971852
#patch0 -p1
%patch1 -p1
%patch3 -p1
%patch7 -p1
%patch9 -p1
%patch34 -p1
%patch35 -p1
%patch41 -p1
%patch42 -p1
%patch43 -p1
%patch45 -p1
%patch46 -p1
%patch47 -p1
%patch48 -p1
%patch49 -p1
%patch50 -p1
%patch51 -p1
%patch52 -p1
%ifarch s390 s390x
%patch53 -p1
%patch54 -p1
%patch55 -p1
# SLE-only patches start at 1000
%if !0%{?is_opensuse}
%patch1002 -p1

autoreconf -fiv
        --disable-static \
        --libexecdir=%{_prefix}/lib/gdm \
        --localstatedir=%{_localstatedir} \
        --with-at-spi-registryd-directory=%{_libexecdir}/at-spi \
        --with-check-accelerated-directory=%{_libexecdir} \
        --with-gnome-settings-daemon-directory=%{_libexecdir}/gnome-settings-daemon-3.0 \
        --with-pam-mod-dir=/%{_lib}/security \
        --enable-ipv6 \
        --enable-gdm-xsession \
        --with-plymouth \
        --enable-wayland-support \
%if 0%{?is_opensuse}
        --enable-systemd-journal \
        --disable-systemd-journal \
%if %{enable_split_authentication}
        --enable-split-authentication \
        --disable-split-authentication \
        --with-initial-vt=7 \
%make_build V=1

find %{buildroot} -type f -name "*.la" -delete -print
# Do not ship the systemd.service file: openSUSE uses xdm, which enables the DM based on sysconfig.
rm %{buildroot}%{systemdsystemunitdir}/gdm.service
## Install PAM files.
mkdir -p %{buildroot}%{_sysconfdir}/pam.d
# Generic pam config
cp %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/gdm
# Pam config for autologin
cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/gdm-autologin
# Pam config for the greeter session
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/gdm-launch-environment
%if %{enable_split_authentication}
# Pam config for fingerprint authentication
cp %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/gdm-fingerprint
# Pam config for smartcard authentication
cp %{SOURCE5} %{buildroot}%{_sysconfdir}/pam.d/gdm-smartcard
# The default gdm pam configuration is the one to be used as pam-password too
%if %{enable_split_authentication}
rm %{buildroot}%{_sysconfdir}/pam.d/gdm-password
echo "We are not ready for this, we need to know what to put in gdm-fingerprint and gdm-smartcard pam config files."
ln -s gdm %{buildroot}%{_sysconfdir}/pam.d/gdm-password
## Install other files
# Install PostLogin script.
mv %{buildroot}%{_sysconfdir}/gdm/PostLogin/Default.sample %{buildroot}%{_sysconfdir}/gdm/PostLogin/Default
# Move gdmflexiserver to libexecdir and replace it with the compatibility wrapper
mv %{buildroot}%{_bindir}/gdmflexiserver %{buildroot}%{_libexecdir}/gdm/gdmflexiserver
install -m 755 %{SOURCE6} %{buildroot}%{_bindir}/gdmflexiserver
#Install /etc/xinit.d/xdm integration script
install -D -m 644 %{SOURCE7} %{buildroot}%{_libexecdir}/X11/displaymanagers/gdm
mkdir -p %{buildroot}%{_sysconfdir}/alternatives
touch %{buildroot}%{_sysconfdir}/alternatives/default-displaymanager
ln -s %{_sysconfdir}/alternatives/default-displaymanager %{buildroot}%{_libexecdir}/X11/displaymanagers/default-displaymanager

# Install other files
mkdir -p %{buildroot}/run/gdm
mkdir -p %{buildroot}%{_bindir}
ln -s ../sbin/gdm %{buildroot}%{_bindir}/gdm

mkdir -p %{buildroot}%{_prefix}/lib/tmpfiles.d
install -m 644 %{SOURCE9} %{buildroot}%{_prefix}/lib/tmpfiles.d/gdm.conf

%find_lang %{name} %{?no_lang_C}
%fdupes -s %{buildroot}%{_datadir}/help

%{_sbindir}/groupadd -r gdm 2> /dev/null || :
%{_sbindir}/useradd -r -g gdm -G video -s /bin/false \
-c "Gnome Display Manager daemon" -d %{_localstatedir}/lib/gdm gdm 2> /dev/null || :
%{_sbindir}/usermod -g gdm -G video -s /bin/false gdm 2> /dev/null
# Fix incorrect interpretation of DISPLAYMANAGER_PASSWORD_LESS_LOGIN (#307566).
# Last done in SLED10&10.1, first fixed in 10.3.
# Can be removed after SLES12:
if test -f sbin/conf.d/SuSEconfig.gdm && grep -q gdm-autologin sbin/conf.d/SuSEconfig.gdm ; then
    if grep -q '^DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"' etc/sysconfig/displaymanager ; then
	sed 's/^\(auth[[:space:]][[:space:]]*\)include[[:space:]]\([[:space:]]*\)common-auth/\1required\' <etc/pam.d/gdm-autologin >etc/pam.d/
	if cmp -s etc/pam.d/gdm-autologin etc/pam.d/ ; then
	    rm etc/pam.d/
	    mv etc/pam.d/ etc/pam.d/gdm-autologin
# Fix how DISPLAYMANAGER_PASSWORD_LESS_LOGIN is used. Before 11.4,
# /etc/pam.d/gdm was changed to use pam_permit. We don't want this anymore.
if test -f /sbin/conf.d/SuSEconfig.gdm; then
    grep -q %{_sysconfdir}/pam.d/gdm
    if test $? -eq 0; then
        # We'll just use the file from the new package
        mv %{_sysconfdir}/pam.d/gdm %{_sysconfdir}/pam.d/gdm.rpmold

%tmpfiles_create gdm.conf
%{_sbindir}/update-alternatives --install %{_libexecdir}/X11/displaymanagers/default-displaymanager \
  default-displaymanager %{_libexecdir}/X11/displaymanagers/gdm 25

# Create dconf database for gdm, to lockdown the gdm session
dconf update

[ -f %{_libexecdir}/X11/displaymanagers/gdm ] || %{_sbindir}/update-alternatives \
  --remove default-displaymanager %{_libexecdir}/X11/displaymanagers/gdm

%post -n libgdm1 -p /sbin/ldconfig
%postun -n libgdm1 -p /sbin/ldconfig

%license COPYING
%doc %{_datadir}/help/C/%{name}/
%dir %config %{_sysconfdir}/gdm
%config %{_sysconfdir}/gdm/[IPXl]*
%dir %{_datadir}/dconf
%dir %{_datadir}/dconf/profile
%dir %{_libexecdir}/gdm
%ghost %attr(750,gdm,gdm) %dir %{_localstatedir}/lib/gdm
%ghost %attr(711,root,gdm) %dir %{_localstatedir}/log/gdm
%ghost %dir %{_localstatedir}/cache/gdm
%ghost %attr(711,root,gdm) %dir /run/gdm
%config %{_sysconfdir}/pam.d/gdm
%config %{_sysconfdir}/pam.d/gdm-autologin
%if %{enable_split_authentication}
%config %{_sysconfdir}/pam.d/gdm-fingerprint
%config %{_sysconfdir}/pam.d/gdm-smartcard
%config %{_sysconfdir}/pam.d/gdm-password
%config %{_sysconfdir}/pam.d/gdm-launch-environment
%config %{_sysconfdir}/dbus-1/system.d/gdm.conf
# /etc/xinit.d/xdm integration
%dir %{_libexecdir}/X11/displaymanagers
%ghost %{_sysconfdir}/alternatives/default-displaymanager

%files -n libgdm1

%files -n typelib-1_0-Gdm-1_0

%files devel

%files branding-upstream
%config(noreplace) %{_sysconfdir}/gdm/custom.conf

%files -n gdmflexiserver

%files lang -f %{name}.lang

openSUSE Build Service is sponsored by