GitLab

Positional parameters to merge_file() were never allowed and always
ignored, so just drop it.
See: https://github.com/mesonbuild/meson/issues/9441

Fixes #97

Rafael Fontenelle authored Aug 01, 2021 and Ray Strode committed Oct 12, 2021

Contribution by Henrique Machado Campos

Ray Strode authored Sep 09, 2021 and Ray Strode committed Oct 08, 2021

At the moment, at start up we unconditionally reset permission of all
cache files in /var/lib/AccountsService/users.  If the mode of the files
can't be reset, accountsservice fails to start.

But there's a situation where we should proceed anyway: If the
mode is already correct, and the file is read-only, there is no reason
to refuse to proceed.

This commit changes the code to explicitly validate the permissions of
the file before failing.

Ray Strode authored Sep 08, 2021 and Ray Strode committed Oct 08, 2021

At the moment we do dodgy checks based on uid to decide whether or not
an account is a system account.

For legacy reasons, sometimes normal users have really low UIDs.

This commit reshuffles things, so the cache file "wins" for deciding
whether or not a user is a system user.

Ray Strode authored Aug 04, 2021 and Ray Strode committed Oct 08, 2021

At the moment there's no easy way to set a default session, or
face icon or whatever for all users.  If a user has never logged in
before, we just generate their cache file from hardcoded defaults.

This commit introduces a template system to make it possible for
admins to set up defaults on their own.

Admins can write either
/etc/accountsservice/user-templates/administrator
or
/etc/accountsservice/user-templates/standard

files.  These files follow the same format as

/var/lib/AccountsService/users/username

files, but will support substituting $HOME and $USER to the appropriate
user specific values.

User templates also support an additional group [Template] that
have an additional key EnvironmentFiles that specify a list
of environment files to load (files with KEY=VALUE pairs in them).
Any keys listed in those environment files will also get substituted.

#63

The daemon code manually calls `g_signal_emit_by_name (user, "changed", 0)` every time it changes that users `automatic-login` property.
This emission is redundant because the user code sets up a `notify` handler to emit `changed` it self any time any of its properties are changed.

The variable uid is used only when the loginuid cannot be obtained
or is empty. Change it to get the variable uid when needed

The proxy "xsession" property is exposed as "x-session" to the API, so
don't break the API, but translate the name internally.

Accounts service provides the user's set_user_name() function that
allows to change an user username, but if this happens the user won't
ever be moved by index in the containing hash table, causing the user to
be never deleted when calling delete_user() and it will be always
exposed when listing or fetching it.

In fact we refer to the users only by their usernames but this may
change and in such situation they'd be left stale in the containing
table.

So, add ability to get an user by the UID, and use this function to
check if the user has been renamed during the "changed" callback and if
so, update its hashtable key.

Philip Withnall authored Jun 18, 2020 and Philip Withnall committed Mar 16, 2021

The refcounting of `ActUser` instances was a bit jumbled and unclear,
and seemed to contain several bugs. In particular,
`act_user_manager_get_user_by_id()` was behaving as `(transfer full)`
when it was documented as `(transfer none)`.

Try and tidy the refcounting up, to a certain extent. There may still be
issues left.
Signed-off-by: Philip Withnall <withnall@endlessm.com>

Philip Withnall authored Jun 18, 2020 and Philip Withnall committed Mar 16, 2021

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Otherwise, a trivial executable that includes <act/act.h>, built with
$(pkg-config --cflags --libs accountsservice), will fail to compile
when we cannot include headers like <glib-object.h>.
Signed-off-by: Simon McVittie <smcv@debian.org>

Iain Lane authored Apr 28, 2020 and Ray Strode committed May 04, 2020

And set is-loaded accordingly. This causes properties to be invalidated
on the client side and then get re-fetched when the daemon comes back.

#55

Philip Withnall authored May 01, 2020 and Ray Strode committed May 01, 2020

This introduces one small functional change: if any of the groups in
`EXTRA_ADMIN_GROUPS` can’t be resolved using `getgrnam()`, an error will
now be thrown. Previously, it would be ignored.

Other than that, this introduces no functional changes and is just
intended as a code cleanup.
Signed-off-by: Philip Withnall <withnall@endlessm.com>

Philip Withnall authored Apr 27, 2020 and Ray Strode committed May 01, 2020

Filter out the `extra_admin_groups` from the group list when a user is
no longer an admin.
Signed-off-by: Philip Withnall <withnall@endlessm.com>

The correct way to tell `g_option_context_new()` not to print any
information after the options is to pass `NULL`. Passing the empty
string results in a call to `gettext ("")`, which returns the
translation’s header.

This fixes the output of `accounts-daemon --help`.
Signed-off-by: Philip Withnall <withnall@endlessm.com>

Bad news for Geoffrey Ingram Taylor.

See: #57

We don't want this code running except on Red Hat systems, where we can
maintain it in a downstream patch if need be.

The heuristic has been wrong before (e.g. as in #57) and is not useful
on upstream systems where 1000 is the presumed minimum uid for human
users.

Many, many user accounts use / as their home directory. If deleting
these accounts with accountsservice, we should just ignore requests to
delete the home dir, rather than trash the user's computer.

Fixes #57

Because real name is stored in the GECOS field of /etc/passwd, which is delimited
by commas that cannot be escaped, the user's full name must not contain a comma.

Fixes #83

See: #83

When we return FALSE, we're not saying "failure," we're actually
saying "unhandled." So in accounts-user-generated.c (generated by
gdbus-codegen), _accounts_user_skeleton_handle_method_call() will
call g_dbus_method_invocation_return_error(), which assumes
ownership, sends a D-Bus error to the peer, and unrefs the
GDBusMethodInvocation. Problem is, we've already done all of that
and doing so twice is unexpected and bad.

Spotted by Ray Strode in !51.

Fixes #86

Philip Withnall authored Feb 18, 2020 and Ray Strode committed Feb 24, 2020

This tidies up the code a bit, and (critically) exposes a concrete
structure for `ActUser` and `ActUserClass`. Previously these were
dangling typedefs, which meant the compiler had no idea they derived
from `GObject`, and hence would give warnings about strict aliasing when
(for example) calling:
```
g_set_object (&my_user, user);
```
where `my_user` and `user` were both `ActUser*`.

This shouldn’t introduce any API or ABI changes, as the library
basically exposed no API in this area before. The autoptr cleanup
function is now defined by `G_DECLARE_FINAL_TYPE`.

libaccountsservice already depends on GLib 2.63, so no dependency bump
is needed.
Signed-off-by: Philip Withnall <withnall@endlessm.com>

Robert Ancell authored Sep 06, 2019 and Ray Strode committed Feb 24, 2020

ConsoleKit is very much dead and replaced by logind or elogind.