1 |
commit: f2394513fd33929540f0fe6c5500b41094038d29 |
2 |
Author: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun May 5 11:31:53 2019 +0000 |
4 |
Commit: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun May 5 11:53:57 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f2394513 |
7 |
|
8 |
gnome-base/gdm: workaround file perm and bluetooth sound issues |
9 |
|
10 |
Install a pulseaudio default config file which unloads bluetooth modules, |
11 |
to avoid logged in users failing to load these modules upon log-in due to |
12 |
device locks. As bluetooth sound may be important for a11y screen reader |
13 |
over bluetooth sound, a USE flag is provided to keep loading bluetooth |
14 |
modules; as this shouldn't be a common case (especially as normal sound |
15 |
still works, it's just about sound over bluetooth), this USE flag is |
16 |
default disabled. |
17 |
|
18 |
Add back file ownership tweaks, as users still somehow end up with |
19 |
wrong permissions. At least if the path where Xorg sessions log file |
20 |
gets written has wrong permissions, Xorg fails to start and gdm with it. |
21 |
|
22 |
Bug: https://bugs.gentoo.org/679526 |
23 |
Closes: https://bugs.gentoo.org/669146 |
24 |
Package-Manager: Portage-2.3.62, Repoman-2.3.12 |
25 |
Signed-off-by: Mart Raudsepp <leio <AT> gentoo.org> |
26 |
|
27 |
gnome-base/gdm/files/default.pa | 18 +++ |
28 |
gnome-base/gdm/gdm-3.30.3-r3.ebuild | 246 ++++++++++++++++++++++++++++++++++++ |
29 |
gnome-base/gdm/metadata.xml | 3 + |
30 |
3 files changed, 267 insertions(+) |
31 |
|
32 |
diff --git a/gnome-base/gdm/files/default.pa b/gnome-base/gdm/files/default.pa |
33 |
new file mode 100644 |
34 |
index 00000000000..0922c37a7f9 |
35 |
--- /dev/null |
36 |
+++ b/gnome-base/gdm/files/default.pa |
37 |
@@ -0,0 +1,18 @@ |
38 |
+#!/usr/bin/pulseaudio -nF |
39 |
+# |
40 |
+ |
41 |
+# load system wide configuration |
42 |
+.include /etc/pulse/default.pa |
43 |
+ |
44 |
+### unload driver modules for Bluetooth hardware |
45 |
+.nofail |
46 |
+ |
47 |
+.ifexists module-bluetooth-policy.so |
48 |
+unload-module module-bluetooth-policy |
49 |
+.endif |
50 |
+ |
51 |
+.ifexists module-bluetooth-discover.so |
52 |
+unload-module module-bluetooth-discover |
53 |
+.endif |
54 |
+ |
55 |
+.fail |
56 |
|
57 |
diff --git a/gnome-base/gdm/gdm-3.30.3-r3.ebuild b/gnome-base/gdm/gdm-3.30.3-r3.ebuild |
58 |
new file mode 100644 |
59 |
index 00000000000..85fce600274 |
60 |
--- /dev/null |
61 |
+++ b/gnome-base/gdm/gdm-3.30.3-r3.ebuild |
62 |
@@ -0,0 +1,246 @@ |
63 |
+# Copyright 1999-2019 Gentoo Authors |
64 |
+# Distributed under the terms of the GNU General Public License v2 |
65 |
+ |
66 |
+EAPI=6 |
67 |
+GNOME2_LA_PUNT="yes" |
68 |
+GNOME2_EAUTORECONF="yes" |
69 |
+ |
70 |
+inherit eutils gnome2 pam readme.gentoo-r1 systemd udev user |
71 |
+ |
72 |
+DESCRIPTION="GNOME Display Manager for managing graphical display servers and user logins" |
73 |
+HOMEPAGE="https://wiki.gnome.org/Projects/GDM" |
74 |
+ |
75 |
+SRC_URI="${SRC_URI} |
76 |
+ branding? ( https://www.mail-archive.com/tango-artists@×××××××××××××××××.org/msg00043/tango-gentoo-v1.1.tar.gz ) |
77 |
+" |
78 |
+ |
79 |
+LICENSE=" |
80 |
+ GPL-2+ |
81 |
+ branding? ( CC-BY-SA-4.0 ) |
82 |
+" |
83 |
+ |
84 |
+SLOT="0" |
85 |
+ |
86 |
+IUSE="accessibility audit bluetooth-sound branding elogind fprint +introspection ipv6 plymouth selinux smartcard systemd tcpd test wayland xinerama" |
87 |
+REQUIRED_USE="^^ ( elogind systemd )" |
88 |
+ |
89 |
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sh ~x86" |
90 |
+ |
91 |
+# NOTE: x11-base/xorg-server dep is for X_SERVER_PATH etc, bug #295686 |
92 |
+# nspr used by smartcard extension |
93 |
+# dconf, dbus and g-s-d are needed at install time for dconf update |
94 |
+# We need either systemd or >=openrc-0.12 to restart gdm properly, bug #463784 |
95 |
+COMMON_DEPEND=" |
96 |
+ app-text/iso-codes |
97 |
+ >=dev-libs/glib-2.44:2 |
98 |
+ dev-libs/libgudev |
99 |
+ >=x11-libs/gtk+-2.91.1:3 |
100 |
+ >=gnome-base/dconf-0.20 |
101 |
+ >=gnome-base/gnome-settings-daemon-3.1.4 |
102 |
+ gnome-base/gsettings-desktop-schemas |
103 |
+ >=media-libs/fontconfig-2.5.0:1.0 |
104 |
+ >=media-libs/libcanberra-0.4[gtk3] |
105 |
+ sys-apps/dbus |
106 |
+ >=sys-apps/accountsservice-0.6.35 |
107 |
+ |
108 |
+ x11-base/xorg-server |
109 |
+ x11-libs/libXau |
110 |
+ x11-libs/libX11 |
111 |
+ x11-libs/libXdmcp |
112 |
+ x11-libs/libXext |
113 |
+ x11-libs/libxcb |
114 |
+ >=x11-misc/xdg-utils-1.0.2-r3 |
115 |
+ |
116 |
+ virtual/pam |
117 |
+ elogind? ( >=sys-auth/elogind-239.3[pam] ) |
118 |
+ systemd? ( >=sys-apps/systemd-186:0=[pam] ) |
119 |
+ |
120 |
+ sys-auth/pambase[elogind?,systemd?] |
121 |
+ |
122 |
+ audit? ( sys-process/audit ) |
123 |
+ introspection? ( >=dev-libs/gobject-introspection-0.9.12:= ) |
124 |
+ plymouth? ( sys-boot/plymouth ) |
125 |
+ selinux? ( sys-libs/libselinux ) |
126 |
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) |
127 |
+ xinerama? ( x11-libs/libXinerama ) |
128 |
+" |
129 |
+# XXX: These deps are from session and desktop files in data/ directory |
130 |
+# fprintd is used via dbus by gdm-fingerprint-extension |
131 |
+# gnome-session-3.6 needed to avoid freezing with orca |
132 |
+RDEPEND="${COMMON_DEPEND} |
133 |
+ >=gnome-base/gnome-session-3.6 |
134 |
+ >=gnome-base/gnome-shell-3.1.90 |
135 |
+ x11-apps/xhost |
136 |
+ |
137 |
+ accessibility? ( |
138 |
+ >=app-accessibility/orca-3.10 |
139 |
+ gnome-extra/mousetweaks ) |
140 |
+ fprint? ( |
141 |
+ sys-auth/fprintd |
142 |
+ sys-auth/pam_fprint ) |
143 |
+ |
144 |
+ !gnome-extra/fast-user-switch-applet |
145 |
+" |
146 |
+DEPEND="${COMMON_DEPEND} |
147 |
+ app-text/docbook-xml-dtd:4.1.2 |
148 |
+ dev-util/gdbus-codegen |
149 |
+ dev-util/glib-utils |
150 |
+ dev-util/itstool |
151 |
+ >=sys-devel/gettext-0.19.8 |
152 |
+ virtual/pkgconfig |
153 |
+ x11-base/xorg-proto |
154 |
+ test? ( >=dev-libs/check-0.9.4 ) |
155 |
+ app-text/yelp-tools |
156 |
+" # yelp-tools needed for eautoreconf to not lose help docs (m4_ifdeffed YELP_HELP_INIT call and setup) |
157 |
+ |
158 |
+DOC_CONTENTS=" |
159 |
+ To make GDM start at boot with systemd, run:\n |
160 |
+ # systemctl enable gdm.service\n |
161 |
+ \n |
162 |
+ To make GDM start at boot with OpenRC, edit /etc/conf.d to have |
163 |
+ DISPLAYMANAGER=\"gdm\" and enable the xdm service:\n |
164 |
+ # rc-update add xdm |
165 |
+ \n |
166 |
+ For passwordless login to unlock your keyring, you need to install |
167 |
+ sys-auth/pambase with USE=gnome-keyring and set an empty password |
168 |
+ on your keyring. Use app-crypt/seahorse for that.\n |
169 |
+ \n |
170 |
+ You may need to install app-crypt/coolkey and sys-auth/pam_pkcs11 |
171 |
+ for smartcard support |
172 |
+" |
173 |
+ |
174 |
+pkg_setup() { |
175 |
+ enewgroup gdm |
176 |
+ enewgroup video # Just in case it hasn't been created yet |
177 |
+ enewuser gdm -1 -1 /var/lib/gdm gdm,video |
178 |
+ |
179 |
+ # For compatibility with certain versions of nvidia-drivers, etc., need to |
180 |
+ # ensure that gdm user is in the video group |
181 |
+ if ! egetent group video | grep -q gdm; then |
182 |
+ # FIXME XXX: is this at all portable, ldap-safe, etc.? |
183 |
+ # XXX: egetent does not have a 1-argument form, so we can't use it to |
184 |
+ # get the list of gdm's groups |
185 |
+ local g=$(groups gdm) |
186 |
+ elog "Adding user gdm to video group" |
187 |
+ usermod -G video,${g// /,} gdm || die "Adding user gdm to video group failed" |
188 |
+ fi |
189 |
+} |
190 |
+ |
191 |
+src_prepare() { |
192 |
+ # ssh-agent handling must be done at xinitrc.d, bug #220603 |
193 |
+ eapply "${FILESDIR}/${PN}-2.32.0-xinitrc-ssh-agent.patch" |
194 |
+ |
195 |
+ # Gentoo does not have a fingerprint-auth pam stack |
196 |
+ eapply "${FILESDIR}/${PN}-3.8.4-fingerprint-auth.patch" |
197 |
+ |
198 |
+ # Drop legacy argument to pam_systemd.so, included in 3.32 |
199 |
+ eapply "${FILESDIR}/${PV}-pam-drop-legacy-arg.patch" |
200 |
+ # Support pam_elogind.so in gdm-launch-environment.pam |
201 |
+ eapply "${FILESDIR}/pam-elogind.patch" |
202 |
+ |
203 |
+ # Wait 10 seconds for a DRM master with systemd. Workaround for gdm not waiting for CanGraphical=yes property on the seat. Bug #613222 |
204 |
+ eapply "${FILESDIR}/gdm-CanGraphical-wait.patch" # needs eautoreconf |
205 |
+ |
206 |
+ # Show logo when branding is enabled |
207 |
+ use branding && eapply "${FILESDIR}/${PN}-3.30.3-logo.patch" |
208 |
+ |
209 |
+ gnome2_src_prepare |
210 |
+} |
211 |
+ |
212 |
+src_configure() { |
213 |
+ # PAM is the only auth scheme supported |
214 |
+ # even though configure lists shadow and crypt |
215 |
+ # they don't have any corresponding code. |
216 |
+ # --with-at-spi-registryd-directory= needs to be passed explicitly because |
217 |
+ # of https://bugzilla.gnome.org/show_bug.cgi?id=607643#c4 |
218 |
+ # Xevie is obsolete, bug #482304 |
219 |
+ |
220 |
+ # --with-initial-vt=7 conflicts with plymouth, bug #453392 |
221 |
+ # gdm-3.30 now reaps (stops) the login screen when the login VT isn't active, which |
222 |
+ # saves on memory. However this means if we don't start on VT1, gdm doesn't start up |
223 |
+ # before user manually goes to VT7. Thus as-is we can not keep gdm away from VT1, |
224 |
+ # so lets try always having it in VT1 and see if that is an issue for people before |
225 |
+ # hacking up workarounds for the initial start case. |
226 |
+ # ! use plymouth && myconf="${myconf} --with-initial-vt=7" |
227 |
+ local myconf=( |
228 |
+ --enable-gdm-xsession |
229 |
+ --enable-user-display-server |
230 |
+ --with-run-dir=/run/gdm |
231 |
+ --localstatedir="${EPREFIX}"/var |
232 |
+ --disable-static |
233 |
+ --with-xdmcp=yes |
234 |
+ --enable-authentication-scheme=pam |
235 |
+ --with-default-pam-config=exherbo |
236 |
+ --with-pam-mod-dir=$(getpam_mod_dir) |
237 |
+ --with-udevdir=$(get_udevdir) |
238 |
+ --with-at-spi-registryd-directory="${EPREFIX}"/usr/libexec |
239 |
+ --without-xevie |
240 |
+ $(use_enable systemd systemd-journal) |
241 |
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" |
242 |
+ $(use_with audit libaudit) |
243 |
+ $(use_enable ipv6) |
244 |
+ $(use_with plymouth) |
245 |
+ $(use_with selinux) |
246 |
+ $(use_with tcpd tcp-wrappers) |
247 |
+ $(use_enable wayland wayland-support) |
248 |
+ $(use_with xinerama) |
249 |
+ ) |
250 |
+ |
251 |
+ if use elogind; then |
252 |
+ myconf+=( |
253 |
+ --with-initial-vt=7 # TODO: Revisit together with startDM.sh and other xinit talks; also ignores plymouth possibility |
254 |
+ SYSTEMD_CFLAGS=`pkg-config --cflags "libelogind" 2>/dev/null` |
255 |
+ SYSTEMD_LIBS=`pkg-config --libs "libelogind" 2>/dev/null` |
256 |
+ ) |
257 |
+ fi |
258 |
+ |
259 |
+ gnome2_src_configure "${myconf[@]}" |
260 |
+} |
261 |
+ |
262 |
+src_install() { |
263 |
+ gnome2_src_install |
264 |
+ |
265 |
+ if ! use accessibility ; then |
266 |
+ rm "${ED}"/usr/share/gdm/greeter/autostart/orca-autostart.desktop || die |
267 |
+ fi |
268 |
+ |
269 |
+ exeinto /etc/X11/xinit/xinitrc.d |
270 |
+ newexe "${FILESDIR}/49-keychain-r1" 49-keychain |
271 |
+ newexe "${FILESDIR}/50-ssh-agent-r1" 50-ssh-agent |
272 |
+ |
273 |
+ # gdm user's home directory |
274 |
+ keepdir /var/lib/gdm |
275 |
+ fowners gdm:gdm /var/lib/gdm |
276 |
+ |
277 |
+ if ! use bluetooth-sound ; then |
278 |
+ # Workaround https://gitlab.freedesktop.org/pulseaudio/pulseaudio/merge_requests/10 |
279 |
+ # bug #679526 |
280 |
+ insinto /var/lib/gdm/.config/pulse |
281 |
+ doins "${FILESDIR}"/default.pa |
282 |
+ fi |
283 |
+ |
284 |
+ # install XDG_DATA_DIRS gdm changes |
285 |
+ echo 'XDG_DATA_DIRS="/usr/share/gdm"' > 99xdg-gdm |
286 |
+ doenvd 99xdg-gdm |
287 |
+ |
288 |
+ use branding && newicon "${WORKDIR}/tango-gentoo-v1.1/scalable/gentoo.svg" gentoo-gdm.svg |
289 |
+ |
290 |
+ readme.gentoo_create_doc |
291 |
+} |
292 |
+ |
293 |
+pkg_postinst() { |
294 |
+ gnome2_pkg_postinst |
295 |
+ local d ret |
296 |
+ |
297 |
+ # bug #669146; gdm may crash if /var/lib/gdm subdirs are not owned by gdm:gdm |
298 |
+ ret=0 |
299 |
+ ebegin "Fixing "${EROOT}"var/lib/gdm ownership" |
300 |
+ chown --no-dereference gdm:gdm "${EROOT}var/lib/gdm" || ret=1 |
301 |
+ for d in "${EROOT}var/lib/gdm/"{.cache,.color,.config,.dbus,.local}; do |
302 |
+ [[ ! -e "${d}" ]] || chown --no-dereference -R gdm:gdm "${d}" || ret=1 |
303 |
+ done |
304 |
+ eend ${ret} |
305 |
+ |
306 |
+ systemd_reenable gdm.service |
307 |
+ readme.gentoo_print_elog |
308 |
+} |
309 |
|
310 |
diff --git a/gnome-base/gdm/metadata.xml b/gnome-base/gdm/metadata.xml |
311 |
index ac51d07ebe2..905cfca7884 100644 |
312 |
--- a/gnome-base/gdm/metadata.xml |
313 |
+++ b/gnome-base/gdm/metadata.xml |
314 |
@@ -6,6 +6,9 @@ |
315 |
<name>Gentoo GNOME Desktop</name> |
316 |
</maintainer> |
317 |
<use> |
318 |
+ <flag name="bluetooth-sound">Allow loading of bluetooth sound modules. |
319 |
+ This may be necessary for accessibility screen readers, but may cause bluetooth |
320 |
+ sound issues for users logging in.</flag> |
321 |
<flag name="elogind">Use <pkg>sys-auth/elogind</pkg> for session management</flag> |
322 |
<flag name="fprint">Enables experimental fingerprint authentication using |
323 |
<pkg>sys-auth/fprintd</pkg></flag> |