Index: head/x11/sddm/Makefile =================================================================== --- head/x11/sddm/Makefile (revision 479521) +++ head/x11/sddm/Makefile (revision 479522) @@ -1,47 +1,61 @@ # $FreeBSD$ PORTNAME= sddm PORTVERSION= 0.17.0 DISTVERSIONPREFIX= v +PORTREVISION= 1 CATEGORIES= x11 MAINTAINER= kde@FreeBSD.org COMMENT= QML based login manager +# The source code is GPLv2+, but the provided themes are: +# - CC-BY 3.0 (default greeter theme, maldives) +# - CC-BY 4.0 (maya) +# - Apache20 (font included with maya) +LICENSE= GPLv2+ CC-BY-3.0 CC-BY-4.0 APACHE20 +LICENSE_COMB= multi +LICENSE_FILE_GPLv2+= ${WRKSRC}/LICENSE +LICENSE_FILE_CC-BY-3.0= ${WRKSRC}/LICENSE.CC-BY-3.0 + RUN_DEPENDS= dbus-run-session:devel/dbus USES= cmake:outsource kde:5 qt:5 USE_KDE= ecm USE_QT= concurrent core dbus gui linguisttools multimedia network \ printsupport qml quick script sql webkit widgets \ buildtools_build qmake_build USE_XORG= xcb CMAKE_ARGS= -DUID_MIN=1000 \ -DUID_MAX=65000 \ -DCMAKE_INSTALL_SYSCONFDIR:PATH=${LOCALBASE}/etc USE_RC_SUBR= sddm SUB_FILES= xinitrc.desktop USERS= sddm GROUPS= sddm USE_GITHUB= yes + +# There are multiple patches that apply to Display.cpp, +# fixing CVE-2018-14345 and backported from 0.18. +EXTRA_PATCHES= ${PATCHDIR}/git-patch-147cec38d ${PATCHDIR}/git-patch-b02b00559 post-patch: @${REINPLACE_CMD} -e 's#/etc/X11#${LOCALBASE}/etc/X11#' \ -e 's#/usr/bin/#${LOCALBASE}/bin/#g' \ -e 's#/usr/share/#${LOCALBASE}/share/#' \ ${WRKSRC}/data/scripts/Xsession \ ${WRKSRC}/src/common/Configuration.h post-install: ${MV} ${STAGEDIR}${PREFIX}/etc/sddm.conf \ ${STAGEDIR}${PREFIX}/etc/sddm.conf.sample # Install xsession.desktop to launch .xinitrc via sddm. ${MKDIR} ${STAGEDIR}${PREFIX}/share/xsessions ${INSTALL_DATA} ${WRKDIR}/xinitrc.desktop ${STAGEDIR}${PREFIX}/share/xsessions ${INSTALL_SCRIPT} ${FILESDIR}/xinit-session ${STAGEDIR}${PREFIX}/share/sddm/scripts .include Index: head/x11/sddm/files/git-patch-147cec38d =================================================================== --- head/x11/sddm/files/git-patch-147cec38d (nonexistent) +++ head/x11/sddm/files/git-patch-147cec38d (revision 479522) @@ -0,0 +1,28 @@ +diff --git a/src/daemon/Display.cpp b/src/daemon/Display.cpp +index 5abfc9a..57d7ecb 100644 +--- src/daemon/Display.cpp ++++ src/daemon/Display.cpp +@@ -339,7 +339,9 @@ namespace SDDM { + } else { + //we only want to unlock the session if we can lock in, so we want to go via PAM auth, but not start a new session + //by not setting the session and the helper will emit authentication and then quit +- connect(m_auth, &Auth::authentication, this, [=](){ ++ connect(m_auth, &Auth::authentication, this, [=](const QString &, bool success){ ++ if(!success) ++ return; + qDebug() << "activating existing seat"; + OrgFreedesktopLogin1ManagerInterface manager(Logind::serviceName(), Logind::managerPath(), QDBusConnection::systemBus()); + manager.UnlockSession(existingSessionId); +diff --git a/src/helper/backend/PamBackend.cpp b/src/helper/backend/PamBackend.cpp +index 69cbd2c..5467282 100644 +--- src/helper/backend/PamBackend.cpp ++++ src/helper/backend/PamBackend.cpp +@@ -219,8 +219,6 @@ namespace SDDM { + + if (user == QStringLiteral("sddm") && m_greeter) + service = QStringLiteral("sddm-greeter"); +- else if (m_app->session()->path().isEmpty()) +- service = QStringLiteral("sddm-check"); + else if (m_autologin) + service = QStringLiteral("sddm-autologin"); + result = m_pam->start(service, user); Property changes on: head/x11/sddm/files/git-patch-147cec38d ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/x11/sddm/files/git-patch-b02b00559 =================================================================== --- head/x11/sddm/files/git-patch-b02b00559 (nonexistent) +++ head/x11/sddm/files/git-patch-b02b00559 (revision 479522) @@ -0,0 +1,70 @@ +diff --git a/src/daemon/Display.cpp b/src/daemon/Display.cpp +index 57d7ecb..c2ea728 100644 +--- src/daemon/Display.cpp ++++ src/daemon/Display.cpp +@@ -280,7 +280,7 @@ namespace SDDM { + return; + } + +- QString existingSessionId; ++ m_reuseSessionId = QString(); + + if (Logind::isAvailable() && mainConfig.Users.ReuseSession.get()) { + OrgFreedesktopLogin1ManagerInterface manager(Logind::serviceName(), Logind::managerPath(), QDBusConnection::systemBus()); +@@ -291,7 +291,7 @@ namespace SDDM { + if (s.userName == user) { + OrgFreedesktopLogin1SessionInterface session(Logind::serviceName(), s.sessionPath.path(), QDBusConnection::systemBus()); + if (session.service() == QLatin1String("sddm")) { +- existingSessionId = s.sessionId; ++ m_reuseSessionId = s.sessionId; + break; + } + } +@@ -334,19 +334,8 @@ namespace SDDM { + m_auth->insertEnvironment(env); + + m_auth->setUser(user); +- if (existingSessionId.isNull()) { ++ if (m_reuseSessionId.isNull()) { + m_auth->setSession(session.exec()); +- } else { +- //we only want to unlock the session if we can lock in, so we want to go via PAM auth, but not start a new session +- //by not setting the session and the helper will emit authentication and then quit +- connect(m_auth, &Auth::authentication, this, [=](const QString &, bool success){ +- if(!success) +- return; +- qDebug() << "activating existing seat"; +- OrgFreedesktopLogin1ManagerInterface manager(Logind::serviceName(), Logind::managerPath(), QDBusConnection::systemBus()); +- manager.UnlockSession(existingSessionId); +- manager.ActivateSession(existingSessionId); +- }); + } + m_auth->start(); + } +@@ -355,7 +344,13 @@ namespace SDDM { + if (success) { + qDebug() << "Authenticated successfully"; + +- m_auth->setCookie(qobject_cast(m_displayServer)->cookie()); ++ if (!m_reuseSessionId.isNull()) { ++ OrgFreedesktopLogin1ManagerInterface manager(Logind::serviceName(), Logind::managerPath(), QDBusConnection::systemBus()); ++ manager.UnlockSession(m_reuseSessionId); ++ manager.ActivateSession(m_reuseSessionId); ++ } else { ++ m_auth->setCookie(qobject_cast(m_displayServer)->cookie()); ++ } + + // save last user and last session + if (mainConfig.Users.RememberLastUser.get()) +diff --git a/src/daemon/Display.h b/src/daemon/Display.h +index 09d3cf9..a6a06b2 100644 +--- src/daemon/Display.h ++++ src/daemon/Display.h +@@ -85,6 +85,7 @@ namespace SDDM { + + QString m_passPhrase; + QString m_sessionName; ++ QString m_reuseSessionId; + + Auth *m_auth { nullptr }; + DisplayServer *m_displayServer { nullptr }; Property changes on: head/x11/sddm/files/git-patch-b02b00559 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/x11/sddm/pkg-message =================================================================== --- head/x11/sddm/pkg-message (nonexistent) +++ head/x11/sddm/pkg-message (revision 479522) @@ -0,0 +1,2 @@ +SDDM does not support login.conf(5), and no special restrictions +or settings from login.conf are enforced or applied. Property changes on: head/x11/sddm/pkg-message ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property