-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
2488 lines (1617 loc) · 83.2 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Ahh news...
2.6.0.5 stuff:
- Doc update (Brian Cameron)
- Solaris fix (don't call logindevperm if not on the console) (Brian Cameron)
- Translation updates (Akagic Amila, Jesus Bravo Alvarez,
Theppitak Karoonboonyanan, Laszlo Dvornik, Supranee Thirawatthanasuk,
Hendrik Richter, Dafydd Harries, Francisco Javier F. Serrador,
Tommi Vainikainen, David Lodge, Marius Andreiana, Misu Moldovan,
Baris Cicek, Vincent van Adrighem, Tino Meinen, Nikos Charonitakis,
Arafat Medini, Asmund Skjaeveland, Hasbullah Bin Pit, Ryoichi INAGAKI,
Changwoo Ryu, Jordi Mallach, Danilo Segan, Laurent Dhima,
Maxim Dziumanenko, Christian Rose)
2.6.0.4 stuff:
- Allow not checcking directory owners with CheckDirOwner key,
(Andreas Schubert)
- FreeBSD support for VTAllocation stuff (Alexander Nedousukov)
- Add de_AT, de_CH, fr_BE, fr_CH, hy_AM to language list (#148349, #139454)
- Add more native versions of language names and fix up existing ones,
#148373, #148486, 148356, #148350, #88777, #150293
- Add support for Solaris logindevperm and usiting (Brian Cameron)
- Fix some strings, fixes #144076, #144077, #147800
- On sun we automatically make the default config add -nobanner to
the X server flags (Arvind)
- Fix doubleclicking on the user browser in the standard greeter
- Fix #144007 where bad .profile could screw up a session start
- Fix #148042 by making GETTEXT_PACKAGE just gdm
- Fix #147940 by properly checking if shutdown/reboot/suspend commands exist
in the graphical greeter
- Fix #143707 by using Exclude key for the user dropdown lists in gdmsetup
- Fix some compiler warnings for new gcc
- .dmrc is created with umask 077 for maximum anality
- Translation updates (Kjartan Maraas, Laszlo Dvornik, Laurent Dhima,
Martin Willemoes Hansen, Marie Lund, Metin Amiroff, Francisco Javier F.
Serrador, Duarte Loreto, Tommi Vainikainen, Leonid Kanter, Changwoo Ryu,
Funda Wang, Artur Flinta, GNOME PL Team, Miloslav Trmac, Adam Weinberger,
Estevao Samuel Procopio, Tommi Vainikainen, Danilo Segan, Guntupalli
Karunakar, Lucas Vieites, Christian Neumair, Nikos Charonitakis,
Gustavo Maciel Dias Vieira, Afonso Celso Medina, Sebastien Bacher,
Ole Laursen, Ivan Stojmirov, Andras Timar)
2.6.0.3 stuff:
- Fix cpu/bandwidth eating on idle displays by not blinking the cursor
after 20 seconds of inactivity on anything other then :0, fixes #135764
- In the face greeter cut after a comma in the gecos field if there are
at least two commas since then it's probably some login arguments and
not the name of the user, "fixes" #142274
- Apply patch to make the language dialog at most 600 pixels so that it
doesn't look too crappy on large displays, #142175 (Leonard Michlmayr)
- Fix last_x_failed possible infinite loop on slow machines, #141497
- Fix multihead wanker code in the *mouselistener modules, this confused
the moronic bonobo DISPLAY logic
- Don't use certain languages on the console. Controlled by the
daemon/ConsoleCannotHandle config key, but that's a hack. Oh well,
better then displaying garbage in cjk and similar. "fixes" #135387
- Ensure proper ~/.ICEauthority permissions to fix broken cases such
as gnome-session vs. suid root apps that create root owned ~/.ICEauthority,
"fixes" #137345
- We no longer use `which' command which is horribly broken on some horribly
broken systems and use a private shell version, #133245 (Brian Cameron, me)
- Solaris fixes, #137600 (build), #133245 (chown arguments) (Brian Cameron,
Ivan Noris)
- Support system-config-display as X setup for FC2
- Further shell quoting paranoia in gdmsetup
- Many minor fixes
- Add some new new icons (James M. Cape)
- Translation updates (Francisco Javier F. Serrador, Alexander Shopov,
Rostislav Raykov, Dinesh Nadarajah, Asmund Skjaeveland)
2.6.0.2 stuff:
- Fix PAM braindamage in #119853 and #126984 (Frederic Crozat, me)
- Fix the flexiserver protocol (gdmflexiserver should no longer hang)
- Disable IPv6 by default, it's still kind of problematic, you have
to explicitly enable it now with --enable-ipv6=yes
- Fix some IPv6 issues, #133246
- Fix message weirdness in the greeters, #123958 (Frederic Crozat, me)
- Set font correctly on theming, #125070 (Muktha, me)
- Translation updates (John C Barstow, Vincent van Adrighem, Christophe Merlet,
Changwoo Ryu)
2.6.0.1 stuff:
- Also ensure that /tmp/.X11-unix exists as well as /tmp/.ICE-unix, and
do this in a way to avoid self races
- Main daemon now ignores SIGPIPE which it can get which would cause
a crash (Jerry Wall)
- Fix a file descriptor leak when closing slaves (Jerry Wall)
- Fixed IPv6 authorization setting in .Xauthority (Vijaykumar Patwari)
- Some typos fixed
- Translation updates (Guntupalli Karunakar, Christian Rose, Gareth Owen,
Andras Timar, Gujarati Team, Christophe Merlet, Inaki Larranaga,
Changwoo Ryu, Samuel Jon Gunnarsson, Helgi, Pormar Porbjornsson,
Zuza Software Foundation, Ole Laursen, Jaswinder Singh Phulewala,
Asmund Skjaeveland, Robert Sedak, Takeshi Aihana, Mugurel Tudor,
Misu Moldovan, Abel Cheung, Kevin Kee, Baris Cicek, Telsa Gwynne,
Sayamindu Dasgupta, Indranil Dasgupta, Francisco Javier F. Serrador,
Arafat Medini, Indictrans team, Leonid Kanter, Dafydd Harries,
Alession Frusciante, Francesco Marletta)
2.6.0.0 stuff:
- DisplayLastLogin defaults to false since '/usr/bin/last' is stupidly
unlocalized
- Add translated (de, es, fr, it, ja, ko, sv, zh_CN, zh_HK and zh_TW)
documentation (Glynn, Sun translation team)
- Translation updates (Christophe Merlet, Christian Neumair, Maxim Dziumanenko,
Telsa Gwynne, Stanislav Visnovsky, Gustavo Maciel Dias Vieira,
Alastair McKinstry, Alexander Winston, Sanlig Badral, Vincent van Adrighem,
Michiel Sikkes, Funda Wang, Ales Nyakhaychyk, Metin Amiroff, Takeshi AIHANA,
Alessio Frusciante, Francesco Marletta)
2.5.90.2 stuff:
- Support for GTK+ theming (accessibility) and ability to change current
theme in the standard login, fixes #125070 (Muktha, me)
- Hindi was written wrong in the language menu fixes #134372
(Guntupalli Karunakar)
- When restarting a server by whacking it and starting it again, wait
for 1 sec to allow things to "settle", plus be a lot milder on X
server's lock files / sockets to avoid whacking ones currently in use
- Make language dialog in the graphical greeter come up quicker and init
the languages lazily
- Fix #135232 by using code@mod for the translation matrix (me), and added
Serbian variants there (Danilo Segan)
- Fix #135053 by adding canadian english (Adam Weinberger, Danilo Segan)
- Fix sourcing of environment on AIX, #135401 (Vincent Berger)
- Fix displaying of ~/.xsession-errors file
- Attempt to handle out of user diskspace more gracefully by whacking old
.xsession-errors in case we fail.
- Translation updates (Nikos Charonitakis, Jordi Mallach, Funda Wang,
Tommi Vainikainen, Kostas Papadimas, Kjartan Maraas, Miloslav Trmac,
Laurent Dhima, Zygimantas Berucka, Christian Rose, Changwoo Ryu,
Yukihiro Nakai, Duarte Loreto, Christophe Merlet,
Francisco Javier F. Serrador, Artur Flinta, Alastair McKinstry,
Guntupalli Karunakar, Takeshi AIHANA, Paisa Seeluangsawat,
Surichat Sumrit, Supranee Thirawatthanasuk, Chanchai Junlouchai,
Adam Weinberger, Christian Neumair, Hasbullah Bin Pit,
Pauli Virtanen, Ole Laursen, Asmund Skjaeveland, Metin Amiroff,
Vincent van Adrighem, Tino Meinen, GNOME PL Team)
2.5.90.1 stuff:
- Login field was not clearned when x server / slave crashed (#131389)
- Change the 12 hour format to be less confusing (#133189)
- Re-fix the aix ADMCHG bug #123766 (Vincent Berger)
- keymouselistener fixes (Brian Cameron)
- Compilation fixes #131042, #130963
- Build fixes (Tomasz Kloczko)
- Other fixes and cleanups (among others #133181 by Mariano Suarez-Alvarez)
- Translation update (Andras Timar, Francisco Javier F. Serrador, Lucas Vieites,
Maxim Dziumanenko, Robert Sedak, Metin Amiroff, Laurent Dhima, Changwoo Ryu,
Kjartan Maraas, Miloslav Trmac, Asmund Skjaeveland, Sanlig Badral,
Zygimantas Berucka, Kostas Papadimas, Christian Neumair, Artur Flinta,
GNOME PL Team, Gustavo Maciel Dias Vieira, Joao Emanuel, Danilo Segan,
Vincent van Adrighem, Tino Meinen, Fernando Herrera, Arafat Medini)
2.5.90.0 stuff:
- Add accessibility setting to gdmsetup and allow setting an arbitrary
sound for the "ready for login" sound. (#125487)
- gdmflexiserver now lists running sessions if there are some and allow
the users to easily switch. (#127038)
- Display last login when the user enters their name (can be turned
off) (#128940)
- Inactive flexiservers are reaped by default after 5 minutes.
- Accessibility modules set the busy cursor for 2 secs to show that
an action was started (#125153)
- Doubleclicking on a language in graphical greeter selects it
(Kirk Mitchener, #123199)
- Optional info message on login (sort of like motd) (Anton Altaparmakov,
#125219)
- New SUP (socket protocol) commands to request shutdown/reboot after
session ends or after all users log out. Also new SUP commands for
querying and setting the VT on Linux.
- A --wait-for-go option that will start one X server and then wait until
GO is sent through the fifo before going further.
- IPv6 support (Archana Shah)
- Built in sessions are out of /etc/X11/dm/Sessions and moved to
<datadir>/gdm/BuiltInSessions
- Fix chooser commonication vs. accessibility stuff (#125064)
- Fix RetryDelay and make it default to 1 and not 3 (Leena Gunda, me, #128507)
- On AIX without PAM, password expiration is done (Vincent Berger, me, #123766)
- On crypt/shadow the double login warning was too early, now done after
authentication as in the PAM setup.
- Clients are now forcibly whacked at session stop, should "fix" #126071
- Use GtkFileChooser in gdmsetup (Jan Arne Petersen, #128668)
- Paranoia: Check owenership of the socket before using it
- Fix xdmcp session counting (#126465)
- Warn the user when they want to set root as autologin (RH #97716)
- StandardXServer can now have arguments
- Default color is now #76848F and the PreSession script tries
to use the default gdm color to fix #128220
- Fix assert failure when starting Xnest (#127780)
- Indent the chooser and config toggles in the setup (#120639)
- Lots of cleanup and fixes and adding to the general paranoia in the
code. (me, Ray Strode, Brian Cameron)
- Translation updates (Miloslav Trmac, Andras Timar, David O'Callaghan,
Paul Duffy, Danilo Segan, Vincent van Adrighem, Kostas Papadimas,
Jordi Mallach, Ole Laursen, Dmitry G. Mastrukov, Russian team,
Sanlig Badral, Francisco Javier F. Serrador, Lucas Vieites,
Laurent Dhima, Asmund Skjaeveland, Artur Flinta, Duarte Loreto,
Robert Sedak, Christophe Merlet, Christian Neumair, Zygimantas Berucka)
2.4.4.5 stuff:
- Brown paper security bag: ~/.Xauthority could be left readable
after logout
- gecos info (face browser user name) didn't get through if non-utf8
(Frederic Crozat) (fixes mandrake #5309)
- Translation updates (another brown paper bag, these went in over
the last month) (Kjartan Maraas, Andras Timar, Danilo Segan,
Ales Nyakhaychyk, Asmund Skjaeveland, Gustavo Maciel Dias Vieira,
Augusta Marques da Silva, Richard Allen)
2.4.4.4 stuff:
- SECURITY: Fixed CAN-2003-0793, a local DoS, the socket connection
is now non-blocking and limitted to the number of commands
- SECURITY: Fixed CAN-2003-0794, a local DoS, the line length is limitted
to 4096 bytes (note, this was not a buffer overrun).
(Thanks to Jarno Gassenbauer for pointing out the above two problems)
- Avoid possible DoS by using "-audit 0" for the X server command line
- When cookies are in the fallback dir touch them every
12 hours to avoid tmpwatch from removing them
- Add config key NeverPlaceCookiesOnNFS to allow
cookie files on NFS or similar filesystems
- Graphical greeter now graphically complains if it can't
load a theme rather then plainly failing.
- Go shell quoting crazy (fixes among others rh #105858,
but none of the issues were actually security problems,
"annoying" on really weird configs at most)
- Some more anality with touching user owned files
- Fixed the graphical greeter line breaking to not upset
pango and generally work with marked up strings
- Fix an underlining bug in the graphical greeter when the underlined letter
is the last letter. (discussed in rh #106189)
- Minor other fixes (among others #123958, #124680)
2.4.4.3 stuff:
- The graphical greeter now wraps text correctly (and
all text). Plus you can insert \n in the welcome text
now too (it worked for gdmlogin before) Fixes #123017
- The entry type in the graphical greeter listens to
font and color from the normal state (it only has
the normal state) (Anton Altaparmakov, me)
- Tweak fontsizes in the default themes to be smaller. For
some reason they very suddenly very huge.
- Further memory savings in the graphical greeter (though
it may be offset by the new wrapping code which is quite
large :)
- Another security audit, but no new security holes found,
on the other hand lots of code changed to being
super-anal (which is never bad in something running as
root)
- Lots of random fixes again
2.4.4.2 stuff:
- Fix the session setup to be both back-compatible and
fully KDM (kde 3.2) compatible, among others:
- SessionDesktopDir is now a path
- Change 'Default' to 'default'
- Honour TryExec correctly
- Other then 'default', the gnome and CDE sessions are
now installed in /usr/share/xsessions (if prefix==/usr)
- Support SELinux
- Fix the 'switchdesk' mode and mention 'switchdesk'
only if it's actually installed (rh #104287)
- Use the a11y modules for the chooser as well as the
error dialogs
- Lots of dwellmouselistener and keymouselistener a11y
modules fixing, as in they actually work now,
among other fixes are #122944, #122658, #122616
- Default gestures for gok (David Bolter, me)
- Lots of small fixes
- Error dialogs are now crashing theme/module tolerant
- Load ~/.face.icon for kde 3.2 interoperability
- Clean up the random stuff again a bit (we get more entropy
for less work, yay!)
- Documentation updates
- Translation updates (Alessio Frusciante, Francesco Marletta,
Changwoo Ryu)
2.4.4.1 stuff:
- Update the manual a bit
- Some internal cleanup
- Be ultra anal with creating the user protocol socket
- Don't fall back to 'nobody' if the gdm user is not found
(that is a horrible behaviour)
- Support and write KDM style .dmrc (KDM will use this in
the next version). Still KDM will use /etc/X11/sessions,
and we're using /etc/X11/dm/Sessions, oh well, life can't
be perfect, next time ...
- Translation updates (Andras Timar, Pablo Saratxaga, Vincent van Adrighem,
Guntupalli Karunakar, Pablo Gonzalo del Campo, Francisco Javier F. Serrador,
Mugurel Tudor, Misu Moldovan, KAMAGASAKO Masatoshi, Gustavo Noronha Silva,
Hasbullah Bin Pit, Christian Neumair)
Major changes in 2.4.4.x since 2.4.1.x:
- Full reference documentation!
- Facebrowser support in the graphical greeter
- Better HIG support
- Many security improvements
- Performance and memory usage improvements
- XDMCP much more robust
- Better support for running XDMCP-only servers
- Session setup is reworked into a new common standard
to be implemented in KDM soon
- "Proper" support for PAM making things like
smartcard modules possible
- XDMCP chooser may be run directly from the local
login dialog (or you can have the chooser be default)
- A PostLogin script for finer grained login setup
- Many MANY bugfixes and build fixes
- Lots of new translations
- And lots of other new features, improvements,
and bugfixes, see individual news entries since
2.4.1.4
2.4.4.0 stuff (since 2.4.2.102):
- Updated the documentation quite a bit again.
- Make the .spec file work again
- Run pam_close_session and the delete cred AFTER the
PostSession script and all those places where we touch
the home dir so that pam_mount works properly
- Fix error output to point to the right places
- Create log file correctly during "make install"
- Translation updates (Dafydd Harries, Alessio Frusciante, Jordi Mallach,
Vincent van Adrighem, Ole Laursen, Stanislav Visnovsky, Abel Cheung,
Pablo Gonzalo del Campo, Lucas 'Basurero' Vieites, Danilo Segan,
Laurent Dhima, Christian Neumair)
2.4.2.102 stuff:
- Update the manual
- Fix error where GDM would take up 100% cpu in case
the Xsession file redirect .xsession-errors output
itself (which is really a bug IMO) (#120580)
- Fallback to an alternative file in the /tmp dir
if we can't create .xsession-errors (or if the home
dir is unsafe or it's a failsafe session)
- Fix sensitivity with respect to action menu toggle in
the security tab in gdmsetup (#120639)
- A whole bunch of fixes to how the xauth files
are set up
- Remove .Xauthority if it would be empty.
- Added --version command line option (#120409)
- The gdmsetup.desktop now has System in the
categories (#120360)
- Filenames are built properly without double '/'
everywhere (#118040)
- There is a simple gdm(1) man page
- Many minor fixes
- The AUTHORS file is updated
- Translation updates (Artur Flinta, Duarte Loreto,
Metin Amiroff, Tõivo Leedjärv, Changwoo Ryu,
Kjartan Maraas)
2.4.2.101 stuff:
- Memory profiling of the graphical greeter by not keeping
around info (pixmaps) which we won't need. On the circles
theme this saves about 6megs on the circles theme.
Also cache pixmaps in the graphical greeter which reduces
the disk rattling we need to do to start up. Plus a bit
of just performance profiling should reduce CPU usage of
the graphical greeter quite a bit too.
- Update the manual, especially the theme section
- The UserAuthDir now works in a much saner way. If the
directory is not tilde expanded, then we treat it just
like /tmp and use random filenames.
- Prevent a minor DoS attack (apps being coerced to fill
up the home dir) by intercepting the output from the
session and only writing to the ~/.xsession-errors
file a maximum of 80*2500 bytes.
- The user lists in the face browsers and the gdmsetup are
now capped at a higher number, but we also cap the time
that is spent gathering the info at 5 seconds.
- Deal with hypothetical main daemon crashes semi decently
in the slave.
- Try /dev/fd if /proc/self/fd isn't there for checking
which FDs are open, should make this work on more platforms
(in particular FreeBSD)
- Run fbconsole on startup if found, this is a solaris
thing to prevent console output to corrupt your display
(Brian Cameron)
- Use the 66 code from session to indicate failure that
need not display the .xsession-errors file
- Actually read the "active" state for text items
- Break all pam messages (not just the error) at 50
columns. This is kind of a hack, we need to support
proper linebreaking in the theme.
- Respect negative coordinates with "-0" in the
theme
- Display help from the setup program if not running
from within gdm itself
- The standard config file now has most keys commented out
so that the internal defaults are used and so that we can
change those defaults in the future without the user having
to update the config file.
- Improvements in the cookie generation. Doesn't use
up all the system entropy but just uses the 16 bytes it
actually needs (since we just need a 16 byte cookie).
Plus improve randomness on systems without /dev/random
and friends.
- Correctly handle out of diskspace on auth handling and
on the PID file thing.
- Fix the runlevel reading
- Fix possible crash on auth purge
- Fix possible chooser crash
- Fix lots of minor bugs
- Some soptimization to save a nanosecond or two
- Translation updates (Wang Jian, Funda Wang, Christian Rose, Jordi Mallach,
Danilo Segan, Artur Flinta, Miloslav Trmac, Duarte Loreto, Kostas Papadimas,
Ales Nyakhaychyk, Laurent Dhima, Christophe Merlet,
Evandro Fernandes Giovanini, Metin Amiroff, Pauli Virtanen, Dafydd Harries)
2.4.2.100 SECURITY ADDENDUM:
Was not part of the original release notes to give distributors a chance
to update.
- SECURITY: Fixed CAN-2003-0547 which allows any user to read any
root readable text file on the system by making a symlink from
~/.xsession-errors
- SECURITY: Fixed CAN-2003-0548, a crash when chosen host expires.
DoS only for XDMCP (XDMCP should however be confined to a 'trusted'
network anyway)
- SECURITY: Fixed CAN-2003-0549, a crash if authorization key name
is shorter then 18 bytes (that is, not MIT-MAGIC-COOKIE-1)
DoS only for XDMCP (XDMCP should however be confined to a 'trusted'
network anyway)
2.4.2.100 stuff:
- Fix #118878 by actually ensuring /tmp/.ICE-unix
- More doc updates
- Fix up rlimit use and handle cases where we ourself
hit SIGXCPU and SIGXFSZ. Also handle SIGABRT cleanly
in the main daemon.
- The error gui uses the same theme as the greeters
- The pam config files don't include the /lib/security
prefix as apparently it's more kosher to let pam
find the modules itself
- Fix some crashes in main daemon, fix debug output in places
- A whole pile of minor XDMCP updates
- Fix solaris build (Brian Cameron)
- Limit users in face browsers above 100 not 50
- Remove any mentions of SessionMaxFile as it isn't used anymore
- Some typos fixed (Jordi Mallach)
- Translation updates (Jordi Mallach, Artur Flinta, Christian Rose,
Miloslav Trmac, Kostas Papadimas, Duarte Loreto, Ole Laursen,
Danilo Segan, Christian Neumair)
2.4.2.99 stuff:
- Updated docs a bit
- When no local servers are defined we assume we have no console
and don't use the console to print messages with gdmopen and
dialog. Also --no-console now forces this (forces ignoring
[servers] section). Fixes debian #194613
- Changed required permissions on ServAuthDir to be: root.gdm 1770.
These are now enforced and GDM will try to set them if they're
not that way already.
- Fix PostLogin to behave like PostSession with respect to the return
value.
- Use /var/log/gdm by default as logdir rather then the ServAuthDir
- The face browsers all display at most 50 users. This should fix
very large systems where this may hang for a long time and more
then 50 users in a facebrowser is useless anyway.
- Reworked the server reinit to use SIGUSR1 as it should, should
fix some weird crashes which left X behind before.
- A lot of race hunting again.
- No more pam session_close and delete of credits if the user
has not yet logged in.
- SIGTERM should kill things at any point properly without hanging
- Faster shutdown in case there are lots of XDMCP sessions
open
- Fix hang on systems where maximum number of open file descriptors
is very very high. Use /proc/self/fd/ if available.
- Use sched_yield in places where we know the other process
really has stuff to do, so that we speed things along.
- Remove some deprecated function use (Steve Chaplin #118361)
- Don't build with tcp wrappers if we don't build XDMCP
- Don't include programmer references in translatable strings,
this time should really be fixed (#56654)
- Redo the user selector setup in pam. Now completely restart
pam when user is selected.
- In the face browsers the username is bold to separate it from
the user info
- An X bell is sounded when the username prompt comes on. Useful
for the blind.
- On exit from an XDMCP display whack all the clients with windows
to support the more broken displays.
- gdmchooser handles HUP gracefully and rereads config
- gdmthemetester improved
- Some build fixes
- Fix some C99 isms
- Many other fixes
- Translation updates (Christian Neumair, Dafydd Harries, Kostas Papadimas,
Artur Flinta, Duarte Loreto, Christophe Merlet, Kjartan Maraas,
Miloslav Trmac, Gil "Dolfin" Osher, Christian Rose, Kang Jeong-Hee,
Vincent van Adrighem, Pablo Gonzalo del Campo, Lucas 'Basurero' Vieites,
Jordi Mallach)
2.4.2.98 stuff:
- DOCUMENTATION! We have documentation! I've updated the
xml docs and they're installed so you can use the GNOME
help browser to browse them under GNOME|System. Or you
can view the HTML versions on the webpage
(www.jirka.org/gdm.html)
- Whack the GdmGreeterThemeManual.txt as it is now part
of the xml documentation
- Add mnemonics/keynav to a bunch of things and generally try to
fix issues from the HIG bugs filed in bugzilla (partially
fixes #117776, #117784, #117504
- Add "listitem" tag to the graphical themes. This allows
custom list widgets in the theme and then you can get
the info in a PreSession script or whatnot.
- The graphical greeter now scales down fonts on screens
800x600 and less, and scalles down fonts even more
on screens 640x480 and less.
- Remove the iconification of Standard greeter feature,
it was broken and I didn't want to fix it, and it was
weird anyway.
- Internal messaging is now faster as we use an internal pipe
instead of the FIFO file. Also reduces the damage gdm user
can do
- Don't XOpenDisplay so many times to make things run along
a lot faster, and use XSetAuthority instead of XAUTHORITY
env var internaly
- The server reinit is now safer, doesn't fork an extra process
and it's quite a bit faster
- Justification of text in the graphical greeter is based on
the anchor of the text
- We're very careful about the log directory as well as the
ServAuthDir
- Fix a bunch of errors (mostly portability stuff) by looking at the
FreeBSD cvs repository
- The server authfile is now unreadable by the gdm user during
a user sessions for security
- Fixed #109331, by catching term/int/hup signals properly when inside
the hanging gethostbyaddr/name
- The name resolution stuff now caches the last result for 60
seconds
- Get the name of the root user instead of assuming it's "root"
(fixes #117527)
- Fix hangs with the signal stuff by fixing the in_signal flag
undercounts and redoing the waitpid mess in the slave by using
a select call, and not doing that many things in the signal
handlers. Also fixes a long delay when restarting the greeter
- Fix configuration with --with-xinerama=no (#117895)
- The standard greeter clock will now look much better with
some themes.
- An empty return will once again log you into the timed user
as it did before I broke it
- The Xsession now displays $0 in output (Steve Chaplin, #117898)
- There is now a gdmtranslate libexec proggie that does what
the gettext command does, so we get translations from scripts
even on user systems (ones without developer kind of packages)
- Fix gdmaskpass internationalization
- Lots of random minor fixes
- Translation updates (Artur Flinta, Vincent van Adrighem,
Duarte Loreto, Pablo Gonzalo del Campo, Francisco Javier Fernandez,
Hasbullah Bin Pit, Noor Azurah Anuar, Christian Neumair,
Miloslav Trmac, Danilo Segan, Serbian team, Kang Jeong-Hee)
2.4.2.97 stuff:
- HIGify almost all the alert boxes.
- Fix install of the sessions setup by creating the /etc/X11/dm
dir fixes #116836
- Fix DNS lookup stuff in XDMCP for places without DNS. Also cache
last result of DNS lookup to cut down traffic during session setup.
- daemon, gdmgreeter, gdmlogin and gdmchooser don't link against
libgnome and friends (gdmgreeter still uses canvas). This
reduces number of libs linked by daemon from 46 to 26, for
gdmgreeter this goes from 56 to 32 and for gdmlogin this goes
from 52 to 22, and gdmchooser is down to 27
- If a greeter crashes within 10 seconds of display start, try
running a different greeter (and telling the user that)
- Fix the chooser so that it actually chooses the host that
you clicked on and not some random one. This also changes
the chooser to use GtkTreeView
- Fix #97774 by resetting the rlimits back after we fork the
user session. Also make AlwaysRestartServer default to false
again since it was a workaround for this bug.
- Checking for free display numbers was only taking into account
servers listening on tcp.
- The .desktop files include correct Terminal and StartupNotify
entries (Jordi Mallach)
- Fallback for home is now ServAuthDir for gdm processes
instead of / and for shell we use /bin/sh consistently
(rather then /bin/bash)
- The full error dialog is now run as the gdm user for security
(no more gtk code run as root) Also uses GtkTextView,
looks nicer and converts encoding correctly.
- Be very careful when opening files just about everywhere,
so this prevents some possible damange someone could do if
they do manage to get the gdm user privs.
- If X server crashes or doesn't otherwise whack its lockfile,
help it along, should fix #114003 and redhat #90014
- No translatable message contains unneccessary markup now
(fixes #101794 and #101795)
- gdmsetup .desktop file is now in the SystemSetup category
and so goes into System Setup in the menu (#116977)
- The bits that parse X output now understand v4 XFree86 output
correctly
- gdmopen now sets up TERM to "linux" on linux to make sure
that fonts come out all ok
- Use ve-config (from vicious-extensions) everywhere in the daemon
- Fix RH #84247 by checking for gettext binary before using it
- The standard themes now don't include the translated labels
since they weren't used anyway and this improves load times
and memory usage.
- Updated the theme document a bit, and the dtd is now in the
tarball in gui/greeter/
- Random other minor fixes
- Translation updates (Danilo Segan, Serbian team, Metin Amiroff,
Christian Rose, Kjartan Maraas, Artur Flinta, Vincent van Adrighem,
Valek Filippov, Laurent Dhima, Christophe Merlet, Mohammad DAMT,
Dafydd Harries, Kang Jeong-Hee, Simos Xenitellis, Miloslav Trmac,
Artur Flinta)
2.4.2.96 stuff:
- When you log in twice on a different server, gdm warns you and if
both logins are console logins on linux, then you can have gdm switch
consoles for you instead of logging on.
- Errorgui (failsafe) dialogs now run mostly under the gdm user and not as root
- In the .desktop files we now refer to GDM as Login Screen and not GDM,
fixes #85543
- Add ALL_SERVERS to the socket protocol which returns all the displays
- DESKTOP_SESSION is set in addition to GDMSESSION. Also these are unset
in the standard Xsession file not to pollute the env namespace.
- Add CDE session .desktop (Brian Cameron)
- Remove some debugging output (and make it only output stuff when debug is on)
- Fix the output reading of failsafe yes/no dialog
- Fix some typos in config stuff (Ali Akcaagac, me)
- Graphical greeter should now work again (Frederic Crozat, Diego Gonzalez, me)
- Fix compilation on non-pam setups and non-linux setup
- Fix default paths (Brian Cameron, me)
- Actually include the theme document!
- Minor other fixes
- Translation updates (Christian Rose, Vincent van Adrighem)
2.4.2.95 stuff:
- Completely new session setup, born out of discussions with Oswald
Buddenhagen, the KDM maintainer, which will bring about common session
setup for both GDM and KDM. We now basically have a common
/etc/X11/dm/Sessions directory where there are .desktop files are stored
which describe sessions and these will be shared among KDM and GDM.
Among other things this also makes the face browser default to using
~/.face and the per user saved info is in ~/.dmrc
- The greeter.dtd is updated and there is theme creation documentation
(Brian Cameron, Aidan Butler, me)
- A face browser for the graphical greeter. This is selecting by selecting
a theme that implements it. Add happygnome-list which does.
(Patrizio Bruno, me)
- The standard greeter has a GtkTreeView based face browser based on the
new one from the graphical greeter.
- Accesibility work. Add posibility of adding modules to the greeter through
AddGtkModules and GtkModulesList. Add guesture listeners. Dwell mouse
events. (Niall Power, Brian Cameron)
- Attempt at getting things HIG-ified
- Add "Run XDMCP chooser" button to the system menu, which is now called
the "Actions" menu, also allow a server type that runs a chooser by
adding a "chooser=true" to a server definition.
- The XDMCP chooser got an overhaul internally. Also there is an "Add"
button to add new hosts by typing in the hostname.
- Add a PostLogin script which is run right after login succeeds but before
any setup is done. This can be used if the users home directory needs
to be setup here.
- Add security/DisallowTCP which will append -nolisten tcp to all
console displays, and this is by default true. Fixes #87291
- PingInterval is now PingIntervalSeconds and is now in seconds, it makes no
sense in minutes really since nobody is that patient anymore these days, also
the comment in the config file said seconds, so I suppose this is a bugfix,
should "fix" #103266
- Add a "Delete theme" button to gdmsetup, add a scroll window to the
theme preview, fixes #110302 and #104757
- PAM now asks for username itself. This made LocalNoPasswordUsers impossible,
and so that was removed. This way hopefully we should work with some more
pam setups, such as smartcard ones. Fixes issues from #106537
- The GNOME session chooser stuff is removed since it wasn't working all
right anyway and was kind of icky.
- The F10 menu in the graphical greeter is nicer.
- When you doubleclick on the radiobutton in graphical greeter Actions
menu, it activates the item (Mihael Vrbanec)
- There is the Welcome label and RemoteWelcome label now. The local Welcome
label is now just "Welcome" since "Welcome to localhost" is silly. Also
the graphical greeter uses this, as long as you use the stock label text.
- Check for the capslock turned on before warning about it, and also only
mention "bad username or password" if we actually asked for a password.
Fixes #71496
- The "subtype" field to the "show" item for the themes is gone, it was stupid
and I hope no one used it (it wasn't documented anyhow).
- A bunch of standard pam messages are now translated inside gdm
- If there are many sessions available the graphical greeter presents
a scrolled window, fixes #104120
- Don't set RUSER for PAM and don't set RHOST if this is a console login,
apparently this is what it should be doing according to the Sun guys,
fixes issues from #106537
- The loop of death is now working as it should be and is not as sensitive.
Also the toplevel loop of death does not abort the display, but only
disables it for 2 minutes.
- Suspend now works much better and doesn't whack the gdm process,
fixes #108700
- When more then 50 users on the system don't put them all into
the combobox in gdmsetup, semi-fixes #111830
- When using shadow passwords, fall back to standard if shadow is
not available, fixes #109765 (cschelcher@free.fr)