automatic import of gnome-shellopeneuler24.03_LTSopeneuler23.09

1 files changed, 114 insertions, 0 deletions

diff --git a/enforce-smartcard-at-unlock.patch b/enforce-smartcard-at-unlock.patch
new file mode 100644
index 0000000..ffe2316
--- /dev/null
+++ b/enforce-smartcard-at-unlock.patch
@@ -0,0 +1,114 @@
+From d2c12a372ea0ccbe6ba682c553d8b83b3253169f Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Mon, 28 Sep 2015 10:57:02 -0400
+Subject: [PATCH 1/3] smartcardManager: add way to detect if user logged using
+ (any) token
+
+If a user uses a token at login time, we need to make sure they continue
+to use the token at unlock time.
+
+As a prerequisite for addressing that problem we need to know up front
+if a user logged in with a token at all.
+
+This commit adds the necessary api to detect that case.
+---
+ js/misc/smartcardManager.js | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/js/misc/smartcardManager.js b/js/misc/smartcardManager.js
+index d9b6ff474..26f9f5aaa 100644
+--- a/js/misc/smartcardManager.js
++++ b/js/misc/smartcardManager.js
+@@ -111,5 +111,12 @@ var SmartcardManager = class {
+ 
+         return true;
+     }
++
++    loggedInWithToken() {
++        if (this._loginToken)
++            return true;
++
++        return false;
++    }
+ };
+ Signals.addSignalMethods(SmartcardManager.prototype);
+-- 
+2.31.1
+
+
+From 98393eef884edc9e685b712c71356751acdd552f Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Mon, 28 Sep 2015 19:56:53 -0400
+Subject: [PATCH 2/3] gdm: only unlock with smartcard, if smartcard used for
+ login
+
+If a smartcard is used for login, we need to make sure the smartcard
+gets used for unlock, too.
+---
+ js/gdm/util.js | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/js/gdm/util.js b/js/gdm/util.js
+index 72561daab..6b92e3564 100644
+--- a/js/gdm/util.js
++++ b/js/gdm/util.js
+@@ -149,7 +149,6 @@ var ShellUserVerifier = class {
+         this._settings = new Gio.Settings({ schema_id: LOGIN_SCREEN_SCHEMA });
+         this._settings.connect('changed',
+                                this._updateDefaultService.bind(this));
+-        this._updateDefaultService();
+ 
+         this._fprintManager = new FprintManagerProxy(Gio.DBus.system,
+             'net.reactivated.Fprint',
+@@ -166,6 +165,8 @@ var ShellUserVerifier = class {
+         this.smartcardDetected = false;
+         this._checkForSmartcard();
+ 
++        this._updateDefaultService();
++
+         this._smartcardInsertedId = this._smartcardManager.connect('smartcard-inserted',
+                                                                    this._checkForSmartcard.bind(this));
+         this._smartcardRemovedId = this._smartcardManager.connect('smartcard-removed',
+@@ -527,7 +528,9 @@ var ShellUserVerifier = class {
+     }
+ 
+     _updateDefaultService() {
+-        if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY))
++        if (this._smartcardManager.loggedInWithToken())
++            this._defaultService = SMARTCARD_SERVICE_NAME;
++        else if (this._settings.get_boolean(PASSWORD_AUTHENTICATION_KEY))
+             this._defaultService = PASSWORD_SERVICE_NAME;
+         else if (this._settings.get_boolean(SMARTCARD_AUTHENTICATION_KEY))
+             this._defaultService = SMARTCARD_SERVICE_NAME;
+-- 
+2.31.1
+
+
+From 57ca969a0af6f65e71dc1158163b9c826bdb7079 Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Mon, 28 Sep 2015 19:57:36 -0400
+Subject: [PATCH 3/3] gdm: update default service when smartcard inserted
+
+Early on at start up we may not know if a smartcard is
+available.  Make sure we reupdate the default service
+after we get a smartcard insertion event.
+---
+ js/gdm/util.js | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/js/gdm/util.js b/js/gdm/util.js
+index 6b92e3564..e62114cb1 100644
+--- a/js/gdm/util.js
++++ b/js/gdm/util.js
+@@ -420,6 +420,8 @@ var ShellUserVerifier = class {
+             else if (this._preemptingService == SMARTCARD_SERVICE_NAME)
+                 this._preemptingService = null;
+ 
++            this._updateDefaultService();
++
+             this.emit('smartcard-status-changed');
+         }
+     }
+-- 
+2.31.1
+